Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

refactor (bbb-soffice): Switch parent image to amazoncorretto:17-alpine #15743

Merged
merged 1 commit into from
Sep 29, 2022
Merged

refactor (bbb-soffice): Switch parent image to amazoncorretto:17-alpine #15743

merged 1 commit into from
Sep 29, 2022

Conversation

gustavotrott
Copy link
Collaborator

As reported in https://hub.docker.com/_/openjdk, the current parent image openjdk is deprecated!
image

This PR will switch the parent docker image to amazoncorretto.

It will bring some pros:

  • It will use less disk space
  • It brings a more recent version of Libreoffice
  Before After
OS Debian 11 (bullseye) Alpine Linux v3.15
LibreOffice 7.0.4.2 00 7.2.2.2
Jdk 17.0.2 2022-01-18 17.0.4.1 2022-08-12 LTS
Bbb-soffice image size 2.48GB 877MB
Parent Image openjdk amazoncorretto
Parent Image size 408MB 333MB

@gustavotrott gustavotrott changed the title refactor: Switch bbb-soffice parent image to amazoncorretto:17-alpine refactor (bbb-soffice): Switch parent image to amazoncorretto:17-alpine Sep 28, 2022
@sonarcloud
Copy link

sonarcloud bot commented Sep 28, 2022

SonarCloud Quality Gate failed.    Quality Gate failed

Bug D 1 Bug
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 5 Code Smells

No Coverage information No Coverage information
3.3% 3.3% Duplication

@MaximKhlobystov MaximKhlobystov added this to the Release 2.6 milestone Sep 28, 2022
TiagoJacobs
TiagoJacobs reviewed Sep 29, 2022
View reviewed changes
bbb-libreoffice/docker/Dockerfile
RUN apt update && apt -y install locales-all fontconfig libxt6 libxrender1
RUN apt update && apt -y install libreoffice \
&& rm -f \
/usr/share/java/ant-apache-log4j-1.10.9.jar \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Hello @gustavotrott - please check what is the version of log4j that's installed in this new implementation
I believe these removals was to ensure the vulnerable version would not be there.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

from within the docker, run:

find /  2>&1 | grep log4j

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The log4j files is no longer present in this image!

image

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great!

TiagoJacobs
TiagoJacobs approved these changes Sep 29, 2022
View reviewed changes
bbb-libreoffice/docker/Dockerfile
RUN apt update && apt -y install locales-all fontconfig libxt6 libxrender1
RUN apt update && apt -y install libreoffice \
&& rm -f \
/usr/share/java/ant-apache-log4j-1.10.9.jar \
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

great!

@gustavotrott gustavotrott merged commit a3dfb35 into bigbluebutton:v2.6.x-release Sep 29, 2022
@gustavotrott gustavotrott deleted the openjdk-deprecated branch September 29, 2022 17:43
@antobinary antobinary mentioned this pull request Dec 29, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@TiagoJacobs TiagoJacobs TiagoJacobs approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
Release 2.6
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@gustavotrott @TiagoJacobs @MaximKhlobystov