Skip to content

Commit f91a9d0

Browse files
committed
CH-229 reduce base images vulnerabilities
1 parent 22027b4 commit f91a9d0

8 files changed

Lines changed: 7787 additions & 1458 deletions

File tree

applications/common/server/requirements.txt

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -4,4 +4,3 @@ python_dateutil>=2.9.0
44
setuptools>=21.0.0
55
uvicorn
66
flask_sqlalchemy==3.0.2
7-
sqlalchemy<2.0.0

applications/samples/backend/requirements.txt

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,4 +2,8 @@ connexion[swagger-ui,flask,uvicorn]>=3.0.0,<4.0.0
22
swagger-ui-bundle>=1.1.0
33
python_dateutil>=2.9.0
44
setuptools>=21.0.0
5-
uvicorn
5+
uvicorn
6+
# Following some unnecessary requirements to make sure they can be installed
7+
psycopg2-binary
8+
sqlalchemy<2.0.0
9+
scipy

infrastructure/base-images/cloudharness-base/Dockerfile

Lines changed: 7 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,12 @@
1-
ARG PARENT=python:3.12
1+
ARG PARENT=python:3.12-slim-trixie
22
FROM ${PARENT}
33

4-
RUN apt-get update && apt-get install -y nfs-common && rm -rf /var/lib/apt/lists/*
4+
RUN apt update && apt install -y --no-install-recommends \
5+
gcc \
6+
python3-dev \
7+
libpq-dev \
8+
nfs-common \
9+
&& rm -rf /var/lib/apt/lists/*
510

611
RUN --mount=type=cache,target=/root/.cache python -m pip install --upgrade pip &&\
712
pip install pytest --prefer-binary
Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,3 @@
1-
FROM node:20
1+
FROM node:22-alpine
22

33

test/test-e2e/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,4 @@
1-
FROM ghcr.io/puppeteer/puppeteer:23
1+
FROM ghcr.io/puppeteer/puppeteer:24
22

33
USER root
44
RUN mkdir -p /home/test

0 commit comments

Comments
 (0)