From 9633f9aa943b3285a6dafe6defadff69a9c52178 Mon Sep 17 00:00:00 2001
From: Mic Bowman
Date: Thu, 3 Oct 2024 17:22:52 -0600
Subject: [PATCH] Clean up the docker configuration files based on trivy feedback

Note that trivy notes errors about missing USER declarations. The final images that are built, pdo_ccf, pdo_services, and pdo_client all have users defined.

Signed-off-by: Mic Bowman
---
 docker/pdo_base.dockerfile | 2 +-
 docker/pdo_ccf_base.dockerfile | 5 +++--
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/docker/pdo_base.dockerfile b/docker/pdo_base.dockerfile
index 5be86fa7..52af201a 100644
--- a/docker/pdo_base.dockerfile
+++ b/docker/pdo_base.dockerfile
@@ -27,7 +27,7 @@ ARG ADD_APT_PKGS=
 ENV DEBIAN_FRONTEND "noninteractive"
 RUN apt-get update \
- && apt-get install -y -q \
+ && apt-get install -y -q --no-install-recommends \
 autoconf \
 automake \
 build-essential \
diff --git a/docker/pdo_ccf_base.dockerfile b/docker/pdo_ccf_base.dockerfile
index e163d9bb..66d50f07 100644
--- a/docker/pdo_ccf_base.dockerfile
+++ b/docker/pdo_ccf_base.dockerfile
@@ -31,7 +31,7 @@ ARG ADD_APT_PKGS=
 ENV DEBIAN_FRONTEND "noninteractive"
 RUN apt-get update \
- && apt-get install -y -q \
+ && apt-get install -y -q --no-install-recommends \
 libsecp256k1-dev \
 lsof \
 python \
@@ -46,8 +46,9 @@ RUN apt-get update \
 RUN echo "deb [arch=amd64] https://download.01.org/intel-sgx/sgx_repo/ubuntu ${UBUNTU_NAME} main" >> /etc/apt/sources.list
 RUN curl https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key | apt-key add -
+
 RUN apt-get update \
- && apt-get install -y \
+ && apt-get install -y --no-install-recommends \
 sgx-aesm-service \
 libsgx-dcap-ql \
 libsgx-urts \
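Review bot: With `--no-install-recommends` on the `apt-get install` in docker/pdo_base.dockerfile, every package that used to arrive only as a Recommends is silently dropped, and nothing visible in the hunk shows that the ones the image relies on are now listed explicitly. The one that matters most for security is `ca-certificates`: without it, later HTTPS downloads fail certificate verification, and the common workaround is to switch verification off. The package list continues outside the hunk, so this may already be covered; if it is not, add `ca-certificates \` to the list. The same check applies to both `apt-get install` lines changed in docker/pdo_ccf_base.dockerfile, where the `curl https://…` key download follows the first install and `apt-key` additionally needs gnupg.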
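Review bot: In the second hunk of docker/pdo_ccf_base.dockerfile, the context lines just above the changed install still import the Intel SGX repository key with `curl … | apt-key add -`. That places the key in apt's global keyring, so it is trusted for every configured repository rather than only the SGX one, and `apt-key` is deprecated. Since this commit is a scanner-driven cleanup, I would scope the key to the repository: `RUN curl -fsSL https://download.01.org/intel-sgx/sgx_repo/ubuntu/intel-sgx-deb.key -o /usr/share/keyrings/intel-sgx.asc` and `deb [arch=amd64 signed-by=/usr/share/keyrings/intel-sgx.asc] …` in the sources entry. The `.asc` name assumes the key is ASCII-armored (otherwise run it through `gpg --dearmor` and use `.gpg`), and `-f` makes an HTTP error fail the build step instead of passing an error page on as key material. The RUN that installs the SGX packages continues past the end of the hunk.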