Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: build acr cred helper binary from source [OI-183] #1477

Merged
merged 1 commit into from
Apr 23, 2024
Merged

feat: build acr cred helper binary from source [OI-183] #1477

merged 1 commit into from
Apr 23, 2024

Conversation

armand-snyk
Copy link
Contributor

  • N/A Tests written and linted ℹ︎
  • N/A Documentation written ℹ︎
  • Commit history is tidy ℹ︎

What this does

This PR aims to remove a high vuln in the ubi9 docker image introduced through the docker-credential-acr-env package that we install.

The docker-credential-acr-env repository is not maintained and does not make any new releases, even though a fix for this vuln has been merged into the repo. The solution implemented in this PR creates another step in the ubi9 Dockerfile where the binary is built from source using go install pointed at the latest commit (as of writing this).

Jira ticket OI-183

@armand-snyk armand-snyk requested a review from a team as a code owner April 23, 2024 10:54
popas90
popas90 reviewed Apr 23, 2024
View reviewed changes
Dockerfile.ubi9 Outdated Show resolved Hide resolved
Dockerfile.ubi9 Outdated Show resolved Hide resolved
popas90
popas90 approved these changes Apr 23, 2024
View reviewed changes
Copy link
Contributor

@popas90 popas90 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving, just some minor comments

@armand-snyk armand-snyk changed the title feat: build ecr cred helper binary from source [OI-183] feat: build acr cred helper binary from source [OI-183] Apr 23, 2024
@armand-snyk armand-snyk force-pushed the feat/build-ecr-cred-helper-dockerfile branch from 5d38b34 to 2c05b8a Compare April 23, 2024 11:50
@armand-snyk armand-snyk merged commit 7ef1794 into staging Apr 23, 2024
16 checks passed
@armand-snyk armand-snyk deleted the feat/build-ecr-cred-helper-dockerfile branch April 23, 2024 13:08
@team-container-integration
Copy link
Collaborator

🎉 This PR is included in version 2.13.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@popas90 popas90 popas90 approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@armand-snyk @team-container-integration @popas90