Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docker: simplify apk add lines #759

Merged
merged 1 commit into from
Apr 22, 2024
Merged

docker: simplify apk add lines #759

merged 1 commit into from
Apr 22, 2024

Conversation

keegancsmith
Copy link
Member

The images produced are no longer consumed directly by sourcegraph so we don't have security scanners running on them. Additionally we upgraded to the latest alpine now and some of the apk upgrade lines no longer work. Both combined means we can simplify the apk add lines.

Test Plan: built locally

docker build -t zoekt .
docker build -t zoekt-indexserver . -f Dockerfile.indexserver
docker build -t zoekt-webserver   . -f Dockerfile.webserver

@keegancsmith
docker: simplify apk add lines
ad6521e 
The images produced are no longer consumed directly by sourcegraph so we
don't have security scanners running on them. Additionally we upgraded
to the latest alpine now. Both combined means we can simplify the apk
add lines.

Test Plan: built locally

  docker build -t zoekt .
  docker build -t zoekt-indexserver . -f Dockerfile.indexserver
  docker build -t zoekt-webserver   . -f Dockerfile.webserver
@keegancsmith keegancsmith requested a review from a team April 18, 2024 17:07
@cla-bot cla-bot bot added the cla-signed label Apr 18, 2024
@jtibshirani
Copy link
Member

The images produced are no longer consumed directly by sourcegraph so we don't have security scanners running on them.

Could you explain how this lets us simplify the lines like this? (Apologies if obvious, working on getting up to speed :))

@keegancsmith
Copy link
Member Author

The images produced are no longer consumed directly by sourcegraph so we don't have security scanners running on them.

Could you explain how this lets us simplify the lines like this? (Apologies if obvious, working on getting up to speed :))

Our security team came in and added the apk upgrade lines with the specific versions to use since we would get things like trivy complaining about the images. In practice the CVEs didn't actually effect us except for noise in scanners. Now that we don't ship this to customers who complain about these sort of things we can just do simple "apk add" lines on what we need.

@keegancsmith keegancsmith merged commit 55b7aee into main Apr 22, 2024
9 checks passed
@keegancsmith keegancsmith deleted the k/simplify-docker-add branch April 22, 2024 14:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stefanhengl stefanhengl stefanhengl approved these changes

Assignees
No one assigned
Labels
cla-signed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@keegancsmith @jtibshirani @stefanhengl