ea41fc5e74
* [SECURITY] Docker patches for CVE-2019-5736 (#4223) This updates docker 18.06 and 18.09 with the two patches released yesterday to address the new runc exploit. Details here: https://kubernetes.io/blog/2019/02/11/runc-and-cve-2019-5736/ * keep edge versions to same minor * keep edge versions to same minor
46 lines
1.2 KiB
YAML
46 lines
1.2 KiB
YAML
---
|
|
docker_kernel_min_version: '3.10'
|
|
docker_version: 18.06
|
|
# https://download.docker.com/linux/ubuntu/
|
|
docker_versioned_pkg:
|
|
'latest': docker-ce
|
|
'17.09': docker-ce=17.09.1~ce-0~ubuntu
|
|
'17.12': docker-ce=17.12.1~ce-0~ubuntu-{{ ansible_distribution_release|lower }}
|
|
'18.06': docker-ce=18.06.2~ce~3-0~ubuntu
|
|
'stable': docker-ce=18.06.2~ce~3-0~ubuntu
|
|
'edge': docker-ce=18.06.2~ce~3-0~ubuntu
|
|
|
|
docker_package_info:
|
|
pkg_mgr: apt
|
|
pkgs:
|
|
- name: "{{ docker_versioned_pkg[docker_version | string] }}"
|
|
force: yes
|
|
|
|
docker_repo_key_info:
|
|
pkg_key: apt_key
|
|
url: '{{ docker_ubuntu_repo_gpgkey }}'
|
|
repo_keys:
|
|
- 9DC858229FC7DD38854AE2D88D81803C0EBFCD88
|
|
|
|
docker_repo_info:
|
|
pkg_repo: apt_repository
|
|
repos:
|
|
- >
|
|
deb {{ docker_ubuntu_repo_base_url }}
|
|
{{ ansible_distribution_release|lower }}
|
|
stable
|
|
|
|
dockerproject_repo_key_info:
|
|
pkg_key: apt_key
|
|
url: '{{ dockerproject_apt_repo_gpgkey }}'
|
|
repo_keys:
|
|
- 58118E89F3A912897C070ADBF76221572C52609D
|
|
|
|
dockerproject_repo_info:
|
|
pkg_repo: apt_repository
|
|
repos:
|
|
- >
|
|
deb {{ dockerproject_apt_repo_base_url }}
|
|
{{ ansible_distribution|lower }}-{{ ansible_distribution_release|lower }}
|
|
main
|