Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update docker images to reduce security vulnerabilities #211

Draft
wants to merge 15 commits into
base: main
Choose a base branch
from
Draft

Update docker images to reduce security vulnerabilities #211

wants to merge 15 commits into from
+70 −60

Conversation

adthrasher
Copy link
Member

@adthrasher adthrasher commented Jan 31, 2025
edited
Loading

This resolves 960 security vulnerabilities. Mainly by switching compatible images to an alpine base image. Other improvements include updating base OS versions and updating packages. There are 25 remaining security vulnerabilities, all of which are Low/Medium by Snyk (level documentation). All of the remaining vulnerabilities are in the util image (which uses Ubuntu 24.04). We do an apt-get upgrade in the image and I've skimmed most of the remaining vulnerabilities and they have no fixed version in 24.04. So the only "fix" would be to change to a different image that does not have those vulnerabilities.

Before submitting this PR, please make sure:

  • You have added a few sentences describing the PR here.
  • You have added yourself or the appropriate individual as the assignee.
  • You have added at least one relevant code reviewer to the PR.
  • The code passes all CI tests without any errors or warnings.
  • You have added tests (when appropriate).
  • You have added an entry in any relevant CHANGELOGs (when appropriate).
  • If you have made any changes to the scripts/ or docker/ directories, please ensure any image versions have been incremented accordingly!
  • You have updated the README or other documentation to account for these changes (when appropriate).

@adthrasher adthrasher self-assigned this Jan 31, 2025
github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 31, 2025
View reviewed changes
Copy link

@github-advanced-security github-advanced-security bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Snyk Container found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.

github-advanced-security[bot]
github-advanced-security bot found potential problems Jan 31, 2025
View reviewed changes
docker/estimate/Dockerfile Fixed Show fixed Hide fixed
docker/estimate/Dockerfile Fixed Show fixed Hide fixed
docker/estimate/Dockerfile Fixed Show fixed Hide fixed
docker/estimate/Dockerfile Fixed Show fixed Hide fixed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@adthrasher adthrasher

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@adthrasher