Skip to content
This repository was archived by the owner on Jun 4, 2024. It is now read-only.

Update base docker images#924

Closed
marcoandredinis wants to merge 2 commits intomasterfrom
marco/update-docker-image
Closed

Update base docker images#924
marcoandredinis wants to merge 2 commits intomasterfrom
marco/update-docker-image

Conversation

@marcoandredinis
Copy link
Copy Markdown
Contributor

@marcoandredinis marcoandredinis commented Sep 25, 2023

Buddy PR #915

MattiasAng and others added 2 commits September 25, 2023 09:20
@MattiasAng @marcoandredinis
Update to latest base distroless image
85d6079 
The current image contains several critical vulnerabilities for OpenSSL, libc and libssl
@marcoandredinis
update event handler docker image for builds
6e7e2d5
@marcoandredinis marcoandredinis mentioned this pull request Sep 25, 2023
Closed
@strideynet
Copy link
Copy Markdown
Contributor

strideynet commented Sep 25, 2023

Does this also need adjusting in the main Teleport repo for the plugins that have been moved ?

@marcoandredinis
Copy link
Copy Markdown
Contributor Author

marcoandredinis commented Sep 25, 2023

I don't think so.
These are only used for creating the docker images for the plugins.
The ones that were moved live within the teleport binary, and should have their own base docker image.

reedloden
reedloden reviewed Sep 25, 2023
View reviewed changes
Copy link
Copy Markdown
Contributor

@reedloden reedloden left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Instead of doing specific hashes, can we just use gcr.io/distroless/base-debian12? Specifically, please use a variable at the top of the Dockerfile for easy updating.

Take a look at gravitational/teleport#31620.

reedloden added a commit that referenced this pull request Sep 25, 2023
@reedloden
Update base docker images to use Debian 12 distroless base image
6d64f30 
Instead of chasing ever-changing commit hashes, just use the apppropriate
tag for the distroless image. This aligns things to how `teleport` is handled.

Additionally, standardize on Debian 12 for everything (instead of a mix of 11 and 12).

Alternative to #924 and #915.
@reedloden reedloden mentioned this pull request Sep 25, 2023
Merged
@reedloden
Copy link
Copy Markdown
Contributor

reedloden commented Sep 25, 2023

Instead of doing specific hashes, can we just use gcr.io/distroless/base-debian12? Specifically, please use a variable at the top of the Dockerfile for easy updating.

I submitted #928 as an alternative to this PR.

@tcsc
Copy link
Copy Markdown
Contributor

tcsc commented Sep 26, 2023

We should probably close this in favour of @reedloden's #928.

reedloden added a commit that referenced this pull request Sep 26, 2023
@reedloden
Update base docker images to use Debian 12 distroless base image
edc30fd 
Instead of chasing ever-changing commit hashes, just use the apppropriate
tag for the distroless image. This aligns things to how `teleport` is handled.

Additionally, standardize on Debian 12 for everything (instead of a mix of 11 and 12).

Alternative to #924 and #915.
reedloden added a commit that referenced this pull request Sep 26, 2023
@reedloden
Update base docker images to use Debian 12 distroless base image
b02a444 
Instead of chasing ever-changing commit hashes, just use the apppropriate
tag for the distroless image. This aligns things to how `teleport` is handled.

Additionally, standardize on Debian 12 for everything (instead of a mix of 11 and 12).

Alternative to #924 and #915.
@reedloden
Copy link
Copy Markdown
Contributor

reedloden commented Sep 26, 2023

Addressed in #928.

@reedloden reedloden closed this Sep 26, 2023
@reedloden reedloden deleted the marco/update-docker-image branch September 26, 2023 02:36
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@klizhentas klizhentas Awaiting requested review from klizhentas klizhentas is a code owner

@russjones russjones Awaiting requested review from russjones russjones is a code owner

@r0mant r0mant Awaiting requested review from r0mant r0mant is a code owner

@Joerger Joerger Awaiting requested review from Joerger Joerger is a code owner

@tcsc tcsc Awaiting requested review from tcsc tcsc is a code owner

@zmb3 zmb3 Awaiting requested review from zmb3 zmb3 is a code owner

@camscale camscale Awaiting requested review from camscale camscale is a code owner

@fheinecke fheinecke Awaiting requested review from fheinecke fheinecke is a code owner

2 more reviewers

@reedloden reedloden reedloden left review comments

@strideynet strideynet strideynet approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@marcoandredinis @strideynet @reedloden @tcsc @MattiasAng