v2.46.0-04: Update image id and digest.

elgalu · Jul 18, 2015 · 5566616 · 5566616
1 parent 45cfd91
commit 5566616
Show file tree

Hide file tree

Showing 3 changed files with 14 additions and 13 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -25,8 +25,8 @@ Note image ids also change after scm-source.json has being updated which trigger
   + Built with: Docker version 1.7.1, build 786b29d
   + FROM ubuntu:wily-20150708
   + Python: 2.7.10
-  + Digest: sha256:TBD
-  + Image ID: TBD
+  + Digest: sha256:6f525fa015e3b815da968a998c58757892955f195cee286b4c39fe15035d01d3
+  + Image ID: e7ceeaf7ab0adf758a1f2f5e21fe53db9aa2eff7b55b01af1c7fe2620a9f309b
 
 ## v2.46.0-02 (2015-07-17)
  + Add DISABLE_ROLLBACK so when true users can troubleshoot. (Leo Gallucci)

diff --git a/README.md b/README.md
@@ -133,25 +133,26 @@ cat scm-source.json #=> { "url": "https://github.com/elgalu/docker-selenium",
 
 There are also additional steps you can take to ensure you're using the correct image:
 
-### Option 1 - Use immutable image digests
-Given docker.io currently allows to push the same tag image twice this represent a security concern but since docker >= 1.6.2 is possible to fetch the digest sha256 instead of the tag so you can be sure you're using the exact same docker image every time:
-
-    # e.g. sha256 for tag v2.46.0-04
-    export SHA=TBD
-    docker pull elgalu/selenium@sha256:${SHA}
-
-### Option 2 - Check the Full Image Id
+### Option 1 - Check the Full Image Id
 
-Verify that image id is indeed correct
+You can simply verify that image id is indeed the correct one.
 
     # e.g. full image id for tag v2.46.0-04
-    export IMGID=TBD
+    export IMGID=e7ceeaf7ab0adf758a1f2f5e21fe53db9aa2eff7b55b01af1c7fe2620a9f309b
     if docker inspect -f='{{.Id}}' elgalu/selenium:v2.46.0-04 |grep ${IMGID} &> /dev/null; then
         echo "Image ID tested ok"
     else
         echo "Image ID doesn't match"
     fi
 
+### Option 2 - Use immutable image digests
+
+Given docker.io currently allows to push the same tag image twice this represent a security concern but since docker >= 1.6.2 is possible to fetch the digest sha256 instead of the tag so you can be sure you're using the exact same docker image every time:
+
+    # e.g. sha256 for tag v2.46.0-04
+    export SHA=6f525fa015e3b815da968a998c58757892955f195cee286b4c39fe15035d01d3
+    docker pull elgalu/selenium@sha256:${SHA}
+
 You can find all digests sha256 and image ids per tag in the [CHANGELOG](./CHANGELOG.md) so as of now you just need to trust the sha256 in the CHANGELOG. Bullet proof is to fork this project and build the images yourself if security is a big concern.
 
 ### Using Xephyr to redirect X to the docker host

diff --git a/scm-source.json b/scm-source.json
@@ -1,6 +1,6 @@
 {
     "url": "https://github.com/elgalu/docker-selenium",
-    "revision": "5ea69b370ccb8f5d64f9a59526261600ac8ab68c",
+    "revision": "45cfd9122cfaad8cc9ec7099842a7d0e13aa2409",
     "author": "lgallucci",
     "status": ""
 }