Skip to content
This repository has been archived by the owner on Mar 17, 2024. It is now read-only.

Use newer centos image #168

Merged
merged 2 commits into from
Oct 13, 2020
Merged

Use newer centos image #168

merged 2 commits into from
Oct 13, 2020

Conversation

killuazhu
Copy link
Contributor

Use newer base image and update packages to reduce vulnerabilities in the image.

When you use trivy to scan the latest image, it contains many fixable vulnerabilities, most of them comes from centos:7 base image

sudo trivy image --ignore-unfixed lightbend/kafka-lag-exporter:0.6.4
2020-10-08T22:44:51.188Z        INFO    Detecting RHEL/CentOS vulnerabilities...

lightbend/kafka-lag-exporter:0.6.4 (centos 7.8.2003)
====================================================
Total: 112 (UNKNOWN: 0, LOW: 23, MEDIUM: 81, HIGH: 8, CRITICAL: 0)

......did not include the full output.....

@lightbend-cla-validator
Copy link

Hi @killuazhu,

Thank you for your contribution! We really value the time you've taken to put this together.

Before we proceed with reviewing this pull request, please sign the Lightbend Contributors License Agreement:

https://www.lightbend.com/contribute/cla

@killuazhu
Copy link
Contributor Author

@seglo the build is passing. Could you please review and merge? Thanks.

@seglo seglo merged commit 5af3ba4 into seglo:master Oct 13, 2020
@seglo
Copy link
Owner

seglo commented Oct 13, 2020

Thanks @killuazhu

@killuazhu
Copy link
Contributor Author

@seglo thanks for merging the change. Could you please also make a release? We'd like to consume the updated image on docker hub.

Thanks in advance.

@seglo
Copy link
Owner

seglo commented Oct 14, 2020

@killuazhu
Copy link
Contributor Author

Awesome! Thanks @seglo

@killuazhu killuazhu deleted the patch-1 branch October 14, 2020 16:56
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants