devindata-public
/
csi-driver-nfs
3
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Merge pull request #303 from andyzhangx/cve-3.1 

fix: CVE issues in image build on release-3.1
This commit is contained in:
Andy Zhang 2022-03-30 20:05:48 +08:00 committed by GitHub
parent 79d4b0eb1c e889a5efa0
commit c0bf858eab
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Dockerfile
View File

@ -12,17 +12,15 @@
# See the License for the specific language governing permissions and
# limitations under the License.
FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.0.0
FROM k8s.gcr.io/build-image/debian-base:bullseye-v1.1.0
# Architecture for bin folder
ARG ARCH
# Copy nfsplugin from build _output directory
COPY bin/${ARCH}/nfsplugin /nfsplugin
ARG binary=./bin/${ARCH}/nfsplugin
COPY ${binary} /nfsplugin
RUN apt update && apt-mark unhold libcap2
RUN clean-install ca-certificates mount nfs-common netbase
# install updated packages to fix CVE issues
RUN clean-install libssl1.1 libgssapi-krb5-2 libk5crypto3 libkrb5-3 libkrb5support0 libgmp10
RUN clean-install libgmp10 bsdutils libssl1.1 openssl libc6 libc-bin libsystemd0 libudev1
ENTRYPOINT ["/nfsplugin"]