Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update omd-server's base image to alpine:3.18.5 #14199

Merged
merged 4 commits into from
Dec 4, 2023
Merged

Update omd-server's base image to alpine:3.18.5 #14199

merged 4 commits into from
Dec 4, 2023

Conversation

preetsshah
Copy link
Contributor

@preetsshah preetsshah commented Dec 1, 2023
edited
Loading

Describe your changes:

Currently we are using alpine:3 image for OMD server's base image. This image has below listed (Score - High) vulnerabilities:
CVE-2023-5363
CVE-2023-4586
CVE-2023-6378
CVE-2023-6378

Using alpine:3.18 image, we can fix openssl vulnerabilities i.e. CVE-2023-5363 (High) and CVE-2023-5678 (Medium).

The execute-migrate-all container also uses the same image, hence we can apply fix for both.

Type of change:

  • Bug fix
  • Improvement
  • New feature
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation

Checklist:

  • I have read the CONTRIBUTING document.
  • My PR title is Fixes <issue-number>: <short explanation>
  • I have commented on my code, particularly in hard-to-understand areas.
  • For JSON Schema changes: I updated the migration scripts or explained why it is not needed.

@github-actions github-actions bot added the devops label Dec 1, 2023
@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 1, 2023

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

@github-actions GitHub Actions
Copy link
Contributor

github-actions bot commented Dec 1, 2023

Hi there 👋 Thanks for your contribution!

The OpenMetadata team will review the PR shortly! Once it has been labeled as safe to test, the CI workflows
will start executing and we'll be able to make sure everything is working as expected.

Let us know if you need any help!

@harshach
Copy link
Collaborator

harshach commented Dec 2, 2023

hi @preetshah can you make this PR to ready to review

@harshach harshach added the safe to test Add this label to run secure Github workflows on PRs label Dec 2, 2023
@harshach harshach marked this pull request as ready for review December 2, 2023 17:48
akash-jain-10
akash-jain-10 approved these changes Dec 4, 2023
View reviewed changes
Copy link
Collaborator

@akash-jain-10 akash-jain-10 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for the contribution!

@akash-jain-10 akash-jain-10 merged commit 597c499 into open-metadata:main Dec 4, 2023
10 checks passed
akash-jain-10 pushed a commit that referenced this pull request Dec 4, 2023
@preetsshah @akash-jain-10
Update omd-server's base image to alpine:3.18.5 (#14199)
f630322 
* Update server's base image to alpine:3.18.5

* Update server's base image tags

---------

Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
(cherry picked from commit 597c499)
MrVinegar pushed a commit to MrVinegar/OpenMetadata that referenced this pull request Dec 15, 2023
@preetsshah @harshach
Update omd-server's base image to alpine:3.18.5 (open-metadata#14199)
f33905d 
* Update server's base image to alpine:3.18.5

* Update server's base image tags

---------

Co-authored-by: Sriharsha Chintalapani <harshach@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@akash-jain-10 akash-jain-10 akash-jain-10 approved these changes

@harshach harshach Awaiting requested review from harshach harshach is a code owner

Assignees
No one assigned
Labels
devops safe to test Add this label to run secure Github workflows on PRs
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@preetsshah @harshach @akash-jain-10