You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@openwhisk.apache.org by GitBox <gi...@apache.org> on 2019/03/26 05:32:48 UTC

[GitHub] [incubator-openwhisk] chetanmeh opened a new pull request #4394: Use https endpoint for alpine packages

chetanmeh opened a new pull request #4394: Use https endpoint for alpine packages
URL: https://github.com/apache/incubator-openwhisk/pull/4394
 
 
   Switches to ssl endpoint for alpine package downloads
   
   ## Description
   
   Alpine use http endpoint (http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86_64/APKINDEX.tar.gz) for downloading the index files. 
   
   Per [discussion at gliderlabs/docker-alpine#184](https://github.com/gliderlabs/docker-alpine/issues/184#issuecomment-250831640) there is a suggestion to use https://alpine.global.ssl.fastly.net/alpine/
   
   Per comment on [alpine forum](https://bugs.alpinelinux.org/issues/8087#note-3) use of http seems to be safe
   
   > apk checks downloaded packages using repository public keys, so it shouldn't really matter much. If you insist on using HTTPS, you could use a mirror supporting it directly, without using the Fastly CDN. All this considered, using HTTP for this will have no impact on security. It will only avoid the cost of encryption introduced by SSL.
   
   However some of our build system restrict access to non secure endpoints so we need to use a secure download url for alpine
   
   ## Related issue and scope
   <!--- Please include a link to a related issue if there is one. -->
   - [ ] I opened an issue to propose and discuss this change (#????)
   
   ## My changes affect the following components
   <!--- Select below all system components are affected by your change. -->
   <!--- Enter an `x` in all applicable boxes. -->
   - [ ] API
   - [ ] Controller
   - [ ] Message Bus (e.g., Kafka)
   - [ ] Loadbalancer
   - [ ] Invoker
   - [ ] Intrinsic actions (e.g., sequences, conductors)
   - [ ] Data stores (e.g., CouchDB)
   - [ ] Tests
   - [ ] Deployment
   - [ ] CLI
   - [ ] General tooling
   - [ ] Documentation
   
   ## Types of changes
   <!--- What types of changes does your code introduce? Use `x` in all the boxes that apply: -->
   - [ ] Bug fix (generally a non-breaking change which closes an issue).
   - [ ] Enhancement or new feature (adds new functionality).
   - [ ] Breaking change (a bug fix or enhancement which changes existing behavior).
   
   ## Checklist:
   <!--- Please review the points below which help you make sure you've covered all aspects of the change you're making. -->
   
   - [ ] I signed an [Apache CLA](https://github.com/apache/incubator-openwhisk/blob/master/CONTRIBUTING.md).
   - [ ] I reviewed the [style guides](https://github.com/apache/incubator-openwhisk/wiki/Contributing:-Git-guidelines#code-readiness) and followed the recommendations (Travis CI will check :).
   - [ ] I added tests to cover my changes.
   - [ ] My changes require further changes to the documentation.
   - [ ] I updated the documentation where necessary.
   
   

----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
 
For queries about this service, please contact Infrastructure at:
users@infra.apache.org


With regards,
Apache Git Services