Rebuild docker container to patch for CVE-2019-14697 #255

thomasv314 · 2020-02-18T20:47:18Z

#230 incremented the base version of Alpine from 3.7 to 3.10 to patch CVE-2019-14697

https://hub.docker.com/r/jtblin/kube2iam is still built from the Alpine 3.7 base

Would it be possible for an updated image to be built and pushed to docker hub?

grosser · 2020-02-29T02:04:36Z

@jtblin is there some regular issue/PR grooming going on or is there someone we can ping on issues like that ?

@thomasv314 you can build your own (steps by @uthark)

ARG REPO=https://github.com/jtblin/kube2iam.git
ARG SHA=796b988765a075548cbcb1af4a9fc05b4adc8588

FROM golang:1.14 AS BUILDER
ARG REPO
ARG SHA

WORKDIR /go/src/github.com/jtblin/kube2iam
ENV ARCH=linux
ENV CGO_ENABLED=0
RUN git clone ${REPO} . && git reset --hard ${SHA}
RUN make setup && make build

FROM alpine:3.11.3

RUN apk --no-cache add \
    ca-certificates \
    iptables

COPY --from=BUILDER /go/src/github.com/jtblin/kube2iam/build/bin/linux/kube2iam /bin/kube2iam

ENTRYPOINT ["kube2iam"]

mwhittington21 mentioned this issue Mar 5, 2020

Upgrade dependencies #263

Merged

struz closed this as completed in #263 Mar 5, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Rebuild docker container to patch for CVE-2019-14697 #255

Rebuild docker container to patch for CVE-2019-14697 #255

thomasv314 commented Feb 18, 2020 •

edited

Loading

grosser commented Feb 29, 2020

Rebuild docker container to patch for CVE-2019-14697 #255

Rebuild docker container to patch for CVE-2019-14697 #255

Comments

thomasv314 commented Feb 18, 2020 • edited Loading

grosser commented Feb 29, 2020

thomasv314 commented Feb 18, 2020 •

edited

Loading