feat(ci): use latest crs containers for testing #2188
Conversation
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
Signed-off-by: Felipe Zipitria <felipe.zipitria@owasp.org>
|
Why is this needed? What is happening without this? |
|
From the CRS perspective? Not much. But there are plenty of variables that help users with better UX. For example: I was trying to have the debug log to verify a problem in a different PR, and setting the variable in the docker-compose wasn't working. After updating, now I can just define |
|
Thanks.< 8000 /p> But it also means we should update this when we do a new release, don't we? Or should we better wait a few weeks, since docker containers would get the new rule set automatically otherwise? |
|
Containers always get the latest For example, the Github action test mounts the branch tested instead of using what's in the container. |
There was a problem hiding this comment.
Looks almost good to me. owasp/modsecurity-crs:apache points to latest image version.
owasp/modsecurity-crs:nginx does not.
Also see this issue here.
There was a problem hiding this comment.
Looks almost good to me. owasp/modsecurity-crs:apache points to latest image version.
owasp/modsecurity-crs:nginx does not.
Also see this issue here.
|
Fixed issue with latest containers. |
|
@franbuehler Can you review again? |
1 similar comment
|
@franbuehler Can you review again? |
Signed-off-by: Felipe Zipitria felipe.zipitria@owasp.org
Turns out we were using the old version. We fell in our own trap.