.github/workflows/ci.yml

@@ -11,14 +11,14 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the codebase.
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       - name: Install hadolint.
         run: |
           sudo curl -L https://github.com/hadolint/hadolint/releases/download/v$HADOLINT_VERSION/hadolint-$(uname -s)-$(uname -m) -o /usr/local/bin/hadolint
           sudo chmod 755 /usr/local/bin/hadolint
         env:
-          HADOLINT_VERSION: 2.12.0
+          HADOLINT_VERSION: 2.8.0
 
       - name: Run hadolint.
         run: |
@@ -30,7 +30,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the codebase.
-        uses: actions/checkout@v3
+        uses: actions/checkout@v2
 
       - name: Find an open port.
         run: |
@@ -63,15 +63,12 @@ jobs:
         with:
           image-ref: ${{ github.repository }}:${{ github.run_id }}
           exit-code: '1'
-          skip-files: '/etc/ssl/certs/vsftpd.pem'
-          severity: 'CRITICAL,HIGH'
 
       - name: Run Trivy vulnerability scanner.
         uses: aquasecurity/trivy-action@master
         with:
           image-ref: ${{ github.repository }}:nossl
           exit-code: '1'
-          severity: 'CRITICAL,HIGH'
 
   deploy:
     if: startsWith(github.ref, 'refs/tags/v')
@@ -87,7 +84,7 @@ jobs:
           echo ::set-output name=VERSION::${TAG%-*}
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v2
+        uses: docker/setup-buildx-action@v1
 
       - name: Login to Quay
         uses: docker/login-action@v1
@@ -97,7 +94,7 @@ jobs:
           password: ${{ secrets.QUAY_PASSWORD }}
 
       - name: Push to Quay
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v2
         with:
           file: ./Dockerfile
           pull: true
@@ -111,7 +108,7 @@ jobs:
           VERSION: ${{ steps.get_version.outputs.VERSION }}
 
       - name: Push nossl to Quay
-        uses: docker/build-push-action@v3
+        uses: docker/build-push-action@v2
         with:
           file: ./Dockerfile_nossl
           pull: true

.github/workflows/docker-publish-image.yml

@@ -0,0 +1,86 @@
+name: Docker hub auto publish image
+
+on:
+  push:
+    branches:
+      - master
+    paths:
+      # Run when file is edited
+      - Dockerfile
+      - start_vsftpd.sh
+      - vsftpd.conf
+
+  # Run tests for any PRs.
+  pull_request:
+
+env:
+  # Image name at docker hub
+  IMAGE_NAME: delfer/alpine-ftp-server
+
+jobs:
+  # Run tests.
+  # See also https://docs.docker.com/docker-hub/builds/automated-testing/
+  test:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout 
+        uses: actions/checkout@v2
+
+      - name: Run tests
+        run: |
+          if [ -f docker-compose.test.yml ]; then
+            docker-compose --file docker-compose.test.yml build
+            docker-compose --file docker-compose.test.yml run sut
+          else
+            docker build . --file Dockerfile
+          fi
+
+  push:
+    # Ensure test job passes before pushing image.
+    needs: test
+
+    runs-on: ubuntu-latest
+    if: github.event_name == 'push'
+
+    steps:
+      - name: Checkout 
+        uses: actions/checkout@v2
+        
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+       
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          # Genrate secret from here https://hub.docker.com/settings/security
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Add Label Schema to Dockerfile
+        run: |
+          # Label Schema based on http://label-schema.org/rc1/
+          TIME_ISO=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
+          echo "LABEL org.label-schema.build-date=$TIME_ISO" >> Dockerfile
+          echo "LABEL org.label-schema.name=vsftpd" >> Dockerfile
+          echo "LABEL org.label-schema.url=https://security.appspot.com/vsftpd.html" >> Dockerfile
+          echo "LABEL org.label-schema.vcs-url=https://github.com/delfer/docker-alpine-ftp-server" >> Dockerfile
+          GIT_HASH=$(git rev-parse --short "$GITHUB_SHA")
+          echo "LABEL org.label-schema.vcs-ref=$GIT_HASH" >> Dockerfile
+          echo "LABEL org.label-schema.schema-version=1.0.0-rc.1" >> Dockerfile
+          echo "LABEL org.label-schema.docker.cmd=\"docker run -d -p 21:21 -e USERS=\"username|password\" delfer/alpine-ftp-server\"" >> Dockerfile
+          # Show edited Dockerfile content
+          cat Dockerfile
+                    
+      - name: Build and push latest
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: ./Dockerfile
+          platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64
+          push: true
+          tags: |
+            ${{ env.IMAGE_NAME }}:latest

Dockerfile

@@ -1,8 +1,8 @@
-FROM alpine:3.18.4
+FROM alpine:3.15.0
 
 LABEL maintainer="Amin Vakil <info@aminvakil.com>"
 
-RUN apk --no-cache add vsftpd=3.0.5-r2
+RUN apk --no-cache add vsftpd=3.0.5-r1
 
 COPY vsftpd.pem /etc/ssl/certs/vsftpd.pem
 COPY start_vsftpd.sh /usr/local/bin/start_vsftpd.sh

Dockerfile_nossl

@@ -1,8 +1,8 @@
-FROM alpine:3.18.4
+FROM alpine:3.15.0
 
 LABEL maintainer="Amin Vakil <info@aminvakil.com>"
 
-RUN apk --no-cache add vsftpd=3.0.5-r2
+RUN apk --no-cache add vsftpd=3.0.5-r1
 
 COPY start_vsftpd.sh /usr/local/bin/start_vsftpd.sh
 COPY vsftpd.conf_nossl /etc/vsftpd/vsftpd.conf

README.md

@@ -1,16 +1,6 @@
 # docker-alpine-ftp-server-tls
 Small and flexible docker image with vsftpd server with tls
 
-# Important Note
-I think upstream has made it more complicated than it needs to be since this commit and I'm not merging its commits anymore, although I cherry-pick some of them when I see fit.
-
-https://github.com/delfer/docker-alpine-ftp-server/commit/fbf9afd9368d63a225e093bae227fa878de46b2c
-
-Also for future reference this is the PR of this commit: https://github.com/delfer/docker-alpine-ftp-server/pull/36
-
-FOr further discussion about this you can use [this issue](https://github.com/aminvakil/docker-alpine-ftp-server-tls/issues/14).
-
-
 ## Usage
 ```
 docker run -d \
@@ -24,9 +14,9 @@ docker run -d \
 ## Configuration
 
 Environment variables:
-- `USERS` - space and `|` separated list (optional, default: `alpineftp|alpineftp`)
+- `USERS` - space and `|` separated list (optional, default: `ftp|alpineftp`)
   - format `name1|password1|[folder1][|uid1] name2|password2|[folder2][|uid2]`
-- `ADDRESS` - external address to which clients can connect for passive ports (optional, should resolve to ftp server ip address)
+- `ADDRESS` - external address witch clients can connect passive ports (optional, should resolve to ftp server ip address)
 - `MIN_PORT` - minimum port number to be used for passive connections (optional, default `21000`)
 - `MAX_PORT` - maximum port number to be used for passive connections (optional, default `21010`)
 

start_vsftpd.sh

@@ -1,6 +1,6 @@
 #!/bin/sh
 #Remove all ftp users
-grep '/ftp/' /etc/passwd | cut -d':' -f1 | xargs -r -n1 deluser
+#grep '/ftp/' /etc/passwd | cut -d':' -f1 | xargs -n1 deluser
 
 #Create users
 #USERS='name1|password1|[folder1][|uid1] name2|password2|[folder2][|uid2]'
@@ -14,15 +14,14 @@ grep '/ftp/' /etc/passwd | cut -d':' -f1 | xargs -r -n1 deluser
 #Default user 'ftp' with password 'alpineftp'
 
 if [ -z "$USERS" ]; then
-  USERS="alpineftp|alpineftp"
+  USERS="amin|alpineftp"
 fi
 
 for i in $USERS ; do
-  NAME=$(echo $i | cut -d'|' -f1)
+    NAME=$(echo $i | cut -d'|' -f1)
-  GROUP=$NAME
+    PASS=$(echo $i | cut -d'|' -f2)
-  PASS=$(echo $i | cut -d'|' -f2)
   FOLDER=$(echo $i | cut -d'|' -f3)
-  UID=$(echo $i | cut -d'|' -f4)
+     UID=$(echo $i | cut -d'|' -f4)
 
   if [ -z "$FOLDER" ]; then
     FOLDER="/ftp/$NAME"
@@ -30,16 +29,11 @@ for i in $USERS ; do
 
   if [ ! -z "$UID" ]; then
     UID_OPT="-u $UID"
-    #Check if the group with the same ID already exists
-    GROUP=$(getent group $UID | cut -d: -f1)
-    if [ ! -z "$GROUP" ]; then
-      GROUP_OPT="-G $GROUP"
-    fi
   fi
 
-  echo -e "$PASS\n$PASS" | adduser -h $FOLDER -s /sbin/nologin $UID_OPT $GROUP_OPT $NAME
+  echo -e "$PASS\n$PASS" | adduser -h $FOLDER -s /sbin/nologin $UID_OPT $NAME
   mkdir -p $FOLDER
-  chown $NAME:$GROUP $FOLDER
+  chown $NAME:$NAME $FOLDER
   unset NAME PASS FOLDER UID
 done