Fixed various docker vulnerabilities #66

Merged: 5 commits, Sep 10, 2021

@applejag applejag commented Sep 9, 2021

Summary

  • Strip away patch version from docker base images.
  • Removed building dependencies make and python. They were introduced pre-GitHub with no comment on why they were needed. The docker build succeeds without them, so gone they go.
  • Force update libgcrypt from nginx Docker base image.

Motivation

Resolve vulnerability issues reported by trivy, which is used to scan in both quay.io and harbor.
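
The first summary bullet and the later review discussion about manual control of version updates both turn on how tightly each base image is pinned. As an added example (not code from this pull request or the project), this Python script reports the pin level of every `FROM` line in a Dockerfile; the function names and the image names and versions in the sample are constructed for illustration.

```python
import re

# FROM [--platform=...] <image-ref> [AS <stage>]
FROM_RE = re.compile(
    r"^\s*FROM\s+(?:--platform=\S+\s+)?(\S+)(?:\s+AS\s+(\S+))?\s*$", re.IGNORECASE
)
# Numeric tag with optional minor/patch parts and an optional suffix such as "-alpine".
TAG_RE = re.compile(r"^v?(\d+)(?:\.(\d+))?(?:\.(\d+))?(?:[-_].*)?$")


def pin_level(image_ref):
    """Classify an image reference: digest, patch, minor, major, named or untagged."""
    if "@sha256:" in image_ref:
        return "digest"              # immutable, never picks up base-image fixes
    # Look for the tag only after the last '/', so a registry port is not read as a tag.
    name = image_ref.rsplit("/", 1)[-1]
    if ":" not in name:
        return "untagged"            # resolves to "latest"
    m = TAG_RE.match(name.split(":", 1)[1])
    if not m:
        return "named"               # e.g. "latest", "stable"; ARG-based tags land here too
    if m.group(3) is not None:
        return "patch"               # x.y.z: rebuilds keep the same patch release
    return "minor" if m.group(2) is not None else "major"


def audit_from_lines(dockerfile_text):
    """Return (line number, image reference, pin level) for each external base image."""
    stages, findings = set(), []
    for lineno, line in enumerate(dockerfile_text.splitlines(), 1):
        m = FROM_RE.match(line)
        if not m:
            continue
        ref, alias = m.group(1), m.group(2)
        # Skip references to earlier build stages and the empty "scratch" image.
        if ref.lower() not in stages and ref.lower() != "scratch":
            findings.append((lineno, ref, pin_level(ref)))
        if alias:
            stages.add(alias.lower())
    return findings


# Constructed sample Dockerfile; not the Dockerfile changed in this pull request.
SAMPLE = """\
FROM node:14.17.6-alpine AS build
RUN npm ci
FROM build AS test
FROM nginx:1.21
FROM registry.example.com:5000/base/nginx
"""

if __name__ == "__main__":
    for lineno, ref, level in audit_from_lines(SAMPLE):
        print(f"line {lineno}: {ref} -> {level}")
```

A `patch` result marks an image that stays on the same patch release across rebuilds, while `minor` and `major` tags float to newer patch releases when the image is rebuilt.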

@applejag applejag added the bug Something isn't working label Sep 9, 2021
@applejag applejag added this to In progress in Backlog via automation Sep 9, 2021
@applejag applejag self-assigned this Sep 9, 2021
@applejag applejag mentioned this pull request Sep 10, 2021
Backlog automation moved this from In progress to Reviewer approved Sep 10, 2021
@fredx30 fredx30 self-requested a review September 10, 2021 11:06

@fredx30 fredx30 left a comment


If this is merged without the tag changes I think we should have a discussion at the team meeting about manual control of version updates and the time cost of retaining a high level control.

@applejag

> If this is merged without the tag changes I think we should have a discussion at the team meeting about manual control of version updates and the time cost of retaining a high level control.

I'll accept your suggestions, but I think it would be good to still have a verbal chat about this. Perhaps on the next bi-weekly meeting?

Co-authored-by: Fredrik <fdyrvold@outlook.com>
applejag added a commit that referenced this pull request Sep 13, 2021