From aade1f2854f05e8884cc8c14c8ef3ad280d490b5 Mon Sep 17 00:00:00 2001 From: jiangpengcheng Date: Thu, 23 May 2024 08:33:16 +0800 Subject: [PATCH 1/2] Update alpine to 3.20 to fix CVEs --- images/pulsar-functions-base-runner/Dockerfile | 2 +- images/pulsar-functions-base-runner/pulsarctl.Dockerfile | 2 +- operator.Dockerfile | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/images/pulsar-functions-base-runner/Dockerfile b/images/pulsar-functions-base-runner/Dockerfile index 03e1a077..d9d4b532 100644 --- a/images/pulsar-functions-base-runner/Dockerfile +++ b/images/pulsar-functions-base-runner/Dockerfile @@ -1,7 +1,7 @@ ARG PULSAR_IMAGE ARG PULSAR_IMAGE_TAG FROM ${PULSAR_IMAGE}:${PULSAR_IMAGE_TAG} as pulsar -FROM alpine:3.19 as functions-runner +FROM alpine:3.20 as functions-runner ENV GID=10001 ENV UID=10000 diff --git a/images/pulsar-functions-base-runner/pulsarctl.Dockerfile b/images/pulsar-functions-base-runner/pulsarctl.Dockerfile index 123cba40..564a10cf 100644 --- a/images/pulsar-functions-base-runner/pulsarctl.Dockerfile +++ b/images/pulsar-functions-base-runner/pulsarctl.Dockerfile @@ -1,7 +1,7 @@ ARG PULSAR_IMAGE ARG PULSAR_IMAGE_TAG FROM ${PULSAR_IMAGE}:${PULSAR_IMAGE_TAG} as pulsar -FROM alpine:3.19 as functions-runner +FROM alpine:3.20 as functions-runner ENV GID=10001 ENV UID=10000 diff --git a/operator.Dockerfile b/operator.Dockerfile index 0e51ef60..60e502cf 100644 --- a/operator.Dockerfile +++ b/operator.Dockerfile @@ -1,4 +1,4 @@ -FROM alpine:3.19 +FROM alpine:3.20 RUN apk add tzdata --no-cache RUN apk upgrade --no-cache From 1aade94c12f8e8a88e5f89b8f6c0f618d84e4415 Mon Sep 17 00:00:00 2001 From: jiangpengcheng Date: Thu, 23 May 2024 08:51:05 +0800 Subject: [PATCH 2/2] Fix runner error --- images/pulsar-functions-python-runner/Dockerfile | 2 +- images/pulsar-functions-python-runner/pulsarctl.Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/images/pulsar-functions-python-runner/Dockerfile b/images/pulsar-functions-python-runner/Dockerfile index ff09f6b1..79780a0d 100644 --- a/images/pulsar-functions-python-runner/Dockerfile +++ b/images/pulsar-functions-python-runner/Dockerfile @@ -23,7 +23,7 @@ RUN if [ -d "/tmp/pulsar/cpp-client" ]; then mv /tmp/pulsar/cpp-client /pulsar/c # Install some utilities RUN apk update \ && apk add --no-cache python3 python3-dev tk-dev curl ca-certificates\ - && mv /usr/lib/python3.11/EXTERNALLY-MANAGED /usr/lib/python3.11/EXTERNALLY-MANAGED.old + && mv /usr/lib/python3.*/EXTERNALLY-MANAGED /tmp/EXTERNALLY-MANAGED.old RUN mkdir -p /etc/pki/tls/certs && cp /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt diff --git a/images/pulsar-functions-python-runner/pulsarctl.Dockerfile b/images/pulsar-functions-python-runner/pulsarctl.Dockerfile index ba83d5a8..d42f542a 100644 --- a/images/pulsar-functions-python-runner/pulsarctl.Dockerfile +++ b/images/pulsar-functions-python-runner/pulsarctl.Dockerfile @@ -23,7 +23,7 @@ RUN apk update \ && apk add --no-cache python3 python3-dev tk-dev curl ca-certificates\ && mkdir -p /etc/pki/tls/certs && cp /etc/ssl/certs/ca-certificates.crt /etc/pki/tls/certs/ca-bundle.crt \ && curl https://bootstrap.pypa.io/get-pip.py -o get-pip.py \ - && mv /usr/lib/python3.11/EXTERNALLY-MANAGED /usr/lib/python3.11/EXTERNALLY-MANAGED.old \ + && mv /usr/lib/python3.*/EXTERNALLY-MANAGED /tmp/EXTERNALLY-MANAGED.old \ && python3 get-pip.py && pip3 install --upgrade pip RUN if [ -f "/pulsar/bin/install-pulsar-client-37.sh" ]; then /pulsar/bin/install-pulsar-client-37.sh || pip3 install 'pulsar-client[all]==3.5.0' ; else pip3 install 'pulsar-client[all]==3.5.0' ; fi