Skip to content

Commit

Permalink
upgrade container packages to latest versions (#576)
Browse files Browse the repository at this point in the history 
Signed-off-by: Paul S. Schweigert <paul@paulschweigert.com>

We want to avoid running into security vulnerabilties in our images,
so we're upgrading system packages to the latest versions via apt
update/upgrade.
  • Loading branch information
@psschwei
psschwei authored May 22, 2023
1 parent 98b7687 commit b37f679
Show file tree
Hide file tree
Showing 4 changed files with 5 additions and 5 deletions.
3 changes: 1 addition & 2 deletions infrastructure/docker/Dockerfile-gateway
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,7 @@ ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1

# install psycopg2 dependencies
RUN apt-get -y update \
&& apt-get -y install gcc python3-dev
RUN apt-get -y update && apt-get -y upgrade && apt-get -y install gcc python3-dev

USER 0
COPY gateway .
Expand Down
3 changes: 1 addition & 2 deletions infrastructure/docker/Dockerfile-notebook
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,7 @@ ARG IMAGE_PY_VERSION=3.9
FROM jupyter/base-notebook:python-$IMAGE_PY_VERSION

USER 0
RUN apt-get -y update && apt-get -y install gcc build-essential libopenblas-dev

RUN apt-get -y update && apt-get -y upgrade && apt-get -y install gcc build-essential libopenblas-dev
USER $NB_UID

COPY --chown=$NB_UID:$NB_UID ./client ./qs
Expand Down
3 changes: 2 additions & 1 deletion infrastructure/docker/Dockerfile-ray-qiskit
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,7 @@
ARG IMAGE_PY_VERSION=py39

FROM rayproject/ray:2.4.0-$IMAGE_PY_VERSION AS ray-node-amd64
RUN apt-get -y update && apt-get -y upgrade
USER $RAY_UID
COPY --chown=$RAY_UID:$RAY_UID ./client ./qs
RUN cd ./qs && pip install .
Expand All @@ -9,7 +10,7 @@ RUN rm -r ./qs

FROM rayproject/ray:2.4.0-$IMAGE_PY_VERSION-aarch64 AS ray-node-arm64
USER $RAY_UID
RUN apt-get -y update && apt-get -y install gcc build-essential libopenblas-dev cmake
RUN apt-get -y update && apt-get -y upgrade && apt-get -y install gcc build-essential libopenblas-dev cmake
COPY --chown=$RAY_UID:$RAY_UID ./client ./qs
RUN cd ./qs && pip install .
RUN if [ $TARGETARCH == arm64 ] ; then pip install git+https://github.com/pyscf/pyscf@v2.2.1; fi
Expand Down
1 change: 1 addition & 0 deletions infrastructure/docker/Dockerfile-repository-server
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED 1

USER 0
RUN apt-get -y update && apt-get -y upgrade
COPY repository .
RUN chown -R 1001:0 /usr/src/app

Expand Down

0 comments on commit b37f679

Please sign in to comment.