From 7c61910435059b3b8b032dc4f90b7cd385881077 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 10 Jul 2024 09:36:18 -0600 Subject: [PATCH 1/2] [APIPUB-58] Update docker images and nuget packages to remove vulnerabilites --- src/Dockerfile | 2 +- src/dev.Dockerfile | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/src/Dockerfile b/src/Dockerfile index 8f0f121..1cfb6c8 100644 --- a/src/Dockerfile +++ b/src/Dockerfile @@ -4,7 +4,7 @@ # See the LICENSE and NOTICES files in the project root for more information. # Tag aspnet:8.0-alpine -FROM mcr.microsoft.com/dotnet/aspnet@sha256:de73c1e1abd69d3ffa2658075ad4cd4edccfef37eb92ddda2c78f20173403238 +FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " ENV VERSION="1.0.0" diff --git a/src/dev.Dockerfile b/src/dev.Dockerfile index 5b9ee12..c79d267 100644 --- a/src/dev.Dockerfile +++ b/src/dev.Dockerfile @@ -5,7 +5,7 @@ # tag sdk:8.0 alpine -FROM mcr.microsoft.com/dotnet/sdk@sha256:e9f2d4a0452e823d615bf6da6e0575489d8037498571db6fa1c6ce6fb9987ecd AS build +FROM mcr.microsoft.com/dotnet/sdk@sha256:91cb46b0ee207d0df53e2e38f2e4013fe2668ab52dcca13c971afbbef94c83ef WORKDIR /source COPY ./EdFi.Tools.ApiPublisher.Cli/ EdFi.Tools.ApiPublisher.Cli/ @@ -36,7 +36,7 @@ RUN dotnet publish -c Release -o /app/EdFi.Tools.ApiPiblisher.Cli --no-build --n # Tag aspnet:8.0 alpine -FROM mcr.microsoft.com/dotnet/aspnet@sha256:de73c1e1abd69d3ffa2658075ad4cd4edccfef37eb92ddda2c78f20173403238 +FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " # Alpine image does not contain Globalization Cultures library so we need to install ICU library to get fopr LINQ expression to work From 030322e00221ef392c9b87a54f2ebdd9f84b17b8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jos=C3=A9=20Alberto=20Leiva=20Obando?= Date: Wed, 10 Jul 2024 11:02:26 -0600 Subject: [PATCH 2/2] Update dev.Dockerfile Update docker file to update definitions --- src/dev.Dockerfile | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/src/dev.Dockerfile b/src/dev.Dockerfile index c79d267..a8cae29 100644 --- a/src/dev.Dockerfile +++ b/src/dev.Dockerfile @@ -5,7 +5,7 @@ # tag sdk:8.0 alpine -FROM mcr.microsoft.com/dotnet/sdk@sha256:91cb46b0ee207d0df53e2e38f2e4013fe2668ab52dcca13c971afbbef94c83ef +FROM mcr.microsoft.com/dotnet/sdk@sha256:91cb46b0ee207d0df53e2e38f2e4013fe2668ab52dcca13c971afbbef94c83ef AS build WORKDIR /source COPY ./EdFi.Tools.ApiPublisher.Cli/ EdFi.Tools.ApiPublisher.Cli/ @@ -36,9 +36,17 @@ RUN dotnet publish -c Release -o /app/EdFi.Tools.ApiPiblisher.Cli --no-build --n # Tag aspnet:8.0 alpine -FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d +FROM mcr.microsoft.com/dotnet/aspnet@sha256:ba398f8c6a0469436cc115bfbd278002baf4ce9423b6d8a9e904da6adc31a23d AS runtimeBase LABEL maintainer="Ed-Fi Alliance, LLC and Contributors " +RUN apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 icu=~74 curl=~8 && \ + dos2unix /app/*.json && \ + dos2unix /app/*.sh && \ + chmod 700 /app/*.sh -- ** && \ + rm -f /app/*.pdb && \ + rm -f /app/*.exe +FROM runtimebase AS setup + # Alpine image does not contain Globalization Cultures library so we need to install ICU library to get fopr LINQ expression to work # Disable the globaliztion invariant mode (set in base image) ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false @@ -52,11 +60,4 @@ COPY ./Docker/logging.template.json /app/logging.template.json COPY ./Docker/plainTextNamedConnections.template.json /app/plainTextNamedConnections.template.json COPY ./Docker/run.sh /app/run.sh -RUN apk --no-cache add unzip=~6 dos2unix=~7 bash=~5 gettext=~0 icu=~74 curl=~8 && \ - dos2unix /app/*.json && \ - dos2unix /app/*.sh && \ - chmod 700 /app/*.sh -- ** && \ - rm -f /app/*.pdb && \ - rm -f /app/*.exe - ENTRYPOINT [ "/app/run.sh" ] \ No newline at end of file