Updated the underlying haproxy version from 2.2 to 3.2.4

Programmer-Admin · Programmer-Admin · commit 7bc0a0adba62 · 2025-08-22T12:50:50.000+05:30
Fixed CI

Reverted conftests.py, Added root user before CMD in Dockerfile, to respect existing setups

version pinned and comment removed from cfg

Removed extra empty lines
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM haproxy:2.2-alpine
+FROM haproxy:3.2.4-alpine
 
 EXPOSE 2375
 ENV ALLOW_RESTARTS=0 \
@@ -33,3 +33,5 @@ ENV ALLOW_RESTARTS=0 \
     VOLUMES=0
 COPY docker-entrypoint.sh /usr/local/bin/
 COPY haproxy.cfg /usr/local/etc/haproxy/haproxy.cfg.template
+USER root
+CMD ["haproxy", "-f", "/tmp/haproxy.cfg"]
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -15,7 +15,7 @@ case "$DISABLE_IPV6_LOWER" in
 esac
 
 # Process the HAProxy configuration template using sed
-sed "s/\${BIND_CONFIG}/$BIND_CONFIG/g" /usr/local/etc/haproxy/haproxy.cfg.template > /usr/local/etc/haproxy/haproxy.cfg
+sed "s/\${BIND_CONFIG}/$BIND_CONFIG/g" /usr/local/etc/haproxy/haproxy.cfg.template > /tmp/haproxy.cfg
 
 # first arg is `-f` or `--some-option`
 if [ "${1#-}" != "$1" ]; then
diff --git a/haproxy.cfg b/haproxy.cfg
@@ -44,8 +44,11 @@ backend docker-events
     timeout server 0
 
 frontend dockerfrontend
+    # bind [::]:2375 v4v6
     bind ${BIND_CONFIG}
     http-request deny unless METH_GET || { env(POST) -m bool }
+
+    # Allowed endpoints
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/start } { env(ALLOW_START) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/stop } { env(ALLOW_STOP) -m bool }
@@ -73,6 +76,6 @@ frontend dockerfrontend
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/version } { env(VERSION) -m bool }
     http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/volumes } { env(VOLUMES) -m bool }
     http-request deny
-    default_backend dockerbackend
 
+    default_backend dockerbackend
     use_backend docker-events if { path,url_dec -m reg -i ^(/v[\d\.]+)?/events }
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,8 +1,9 @@
 [tool.poetry]
 name = "docker-socket-proxy"
-version = "0.0.0"
+version = "1.0.0"
 description = ""
 authors = ["Tecnativa"]
+package-mode = false
 
 [tool.poetry.dependencies]
 python = "^3.8"
