Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Che PHP base image to latest release + update composer #19675

Closed
nickboldt opened this issue Apr 26, 2021 · 0 comments · Fixed by eclipse-che/che-devfile-registry#396
Closed

Update Che PHP base image to latest release + update composer #19675

nickboldt opened this issue Apr 26, 2021 · 0 comments · Fixed by eclipse-che/che-devfile-registry#396
Assignees
@ericwill
Labels
area/plugins kind/task Internal things, technical debt, and to-do tasks to be performed. severity/P1 Has a major impact to usage or development of the system. sprint/current
Milestone
7.31

Comments

@nickboldt
Copy link
Contributor

nickboldt commented Apr 26, 2021
edited
Loading

Is your task related to a problem? Please describe.

The base image used to build the php sidecar in Che 7.29.1 is https://quay.io/repository/eclipse/che-php-base?tab=tags ... last updated over a year ago, with 3 High sev CVE issues.

Describe the solution you'd like

A respin is needed to update to the latest images:

  • php:7.4-apache
  • composer:latest

Dockerfile is https://github.com/che-dockerfiles/che-php-base/blob/7.4/Dockerfile#L37

Then the resulting https://quay.io/eclipse/che-php-7 will have newer content and fewer CVEs.

It might also be valuable to update the dockerfile to pin to specific versions, so it's more obvious when we get outdated.

Additional context

Customer reported this issue via an SA.
@nickboldt nickboldt added the kind/task Internal things, technical debt, and to-do tasks to be performed. label Apr 26, 2021
@che-bot che-bot added the status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. label Apr 26, 2021
@ibuziuk ibuziuk added severity/P1 Has a major impact to usage or development of the system. area/plugins and removed status/need-triage An issue that needs to be prioritized by the curator responsible for the triage. See https://github. labels Apr 26, 2021
@ericwill ericwill added this to the 7.31 milestone Apr 26, 2021
@ericwill ericwill mentioned this issue Apr 29, 2021
Closed
32 tasks
@ericwill ericwill mentioned this issue May 13, 2021
Merged
9 tasks
nickboldt pushed a commit to eclipse-che/che-devfile-registry that referenced this issue May 14, 2021
@ericwill
Update PHP7 base image (#396)
68b4fbd 
Fixes eclipse-che/che#19675

Signed-off-by: Eric Williams <ericwill@redhat.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@ericwill ericwill

Labels
area/plugins kind/task Internal things, technical debt, and to-do tasks to be performed. severity/P1 Has a major impact to usage or development of the system. sprint/current
Projects
None yet
Milestone
7.31
Development

Successfully merging a pull request may close this issue.

Update PHP7 base image
4 participants
@nickboldt @ibuziuk @ericwill @che-bot