From 0c29cbfe7e24a1d590a83f30dba24e026e5e2b1e Mon Sep 17 00:00:00 2001 From: Nicola Stoira <nicola.stoira@accenture.com> Date: Thu, 11 Jul 2024 14:47:44 +0200 Subject: [PATCH 1/2] Remove specific versions to fix vulnerabilities --- conf/Dockerfile | 3 +-- data_handler/Dockerfile | 2 +- grafana/Dockerfile | 3 ++- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/conf/Dockerfile b/conf/Dockerfile index 59f8f2e0..880e8f73 100644 --- a/conf/Dockerfile +++ b/conf/Dockerfile @@ -14,8 +14,7 @@ FROM registry.dcc.sib.swiss/sphn-semantic-framework/sphn-connector/nginx:1.25-al USER root RUN addgroup sphn_proxy && adduser -u 1000 -D sphn_proxy -G sphn_proxy -RUN apk update && apk add --no-cache curl==8.5.0-r0 libcrypto3 libcurl==8.5.0-r0 curl=8.5.0-r0 libssl3 libexpat=2.6.2-r0 libxml2 - +RUN apk update && apk upgrade --no-cache # Set the working directory WORKDIR /usr/share/nginx/html diff --git a/data_handler/Dockerfile b/data_handler/Dockerfile index 4d0f3294..fdc76af5 100644 --- a/data_handler/Dockerfile +++ b/data_handler/Dockerfile @@ -13,7 +13,7 @@ FROM registry.dcc.sib.swiss/sphn-semantic-framework/sphn-connector/alpine:3.18 -RUN apk update && apk add ca-certificates && rm -rf /var/cache/apk/* +RUN apk update && apk add ca-certificates && apk upgrade --no-cache && rm -rf /var/cache/apk/* COPY ./data_handler/entrypoint.sh /home/entrypoint.sh RUN chmod 770 /home/entrypoint.sh diff --git a/grafana/Dockerfile b/grafana/Dockerfile index dbd2d346..833134e3 100644 --- a/grafana/Dockerfile +++ b/grafana/Dockerfile @@ -21,7 +21,8 @@ ENV DASHBOARDS_TARGET=/etc/grafana/provisioning/dashboards USER root #Update APK libraries -RUN apk update && apk add --no-cache curl==8.5.0-r0 libcrypto3 libcurl==8.5.0-r0 libssl3 nghttp2-libs==1.58.0-r0 +RUN apk update && apk upgrade --no-cache +#&& apk add --no-cache curl==8.5.0-r0 libcrypto3 libcurl==8.5.0-r0 libssl3 nghttp2-libs==1.58.0-r0 USER grafana # setting up dashboard & dataresources config -- GitLab From 849ee3ba80bd38430083592c52255c9d034e8eb1 Mon Sep 17 00:00:00 2001 From: Nicola Stoira <nicola.stoira@accenture.com> Date: Thu, 11 Jul 2024 14:55:26 +0200 Subject: [PATCH 2/2] REmove comment --- grafana/Dockerfile | 1 - 1 file changed, 1 deletion(-) diff --git a/grafana/Dockerfile b/grafana/Dockerfile index 833134e3..4a482f78 100644 --- a/grafana/Dockerfile +++ b/grafana/Dockerfile @@ -22,7 +22,6 @@ USER root #Update APK libraries RUN apk update && apk upgrade --no-cache -#&& apk add --no-cache curl==8.5.0-r0 libcrypto3 libcurl==8.5.0-r0 libssl3 nghttp2-libs==1.58.0-r0 USER grafana # setting up dashboard & dataresources config -- GitLab