From bd8633c630448a40367bf727e5bf91e0a51df8cc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcel=20M=C3=A4rtens?= Date: Sun, 6 Feb 2022 19:32:50 +0100 Subject: [PATCH 1/2] Update the baseimage of dockerfile as alpine 3.12 has some security vunerabilities. According to: https://artifacthub.io/packages/helm/truecharts/recipes?modal=security-report&image=tccr.io%2Ftruecharts%2Frecipes%3Av1.0.5%40sha256%3Ac74923879e7d2bf5bff4d1e953a100307462ad191a79908165f3364b97446833 There are at least 4 Chritical ones with a total of 47. So updating the base should prob be a good thing and help here. --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b69c037a..80e05f6a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM python:3.9-alpine3.12 +FROM python:3.10-alpine3.15 #Install all dependencies. RUN apk add --no-cache postgresql-libs gettext zlib libjpeg libwebp libxml2-dev libxslt-dev py-cryptography From 542b656beaee1f1cf902007b5938abe7c669c7ea Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcel=20M=C3=A4rtens?= Date: Mon, 7 Feb 2022 19:21:35 +0100 Subject: [PATCH 2/2] fix python-ldap bugs according to https://github.com/TandoorRecipes/recipes/pull/1499\#issuecomment-1031627178 --- Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/Dockerfile b/Dockerfile index 80e05f6a..a626649a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,6 +16,7 @@ WORKDIR /opt/recipes COPY requirements.txt ./ RUN apk add --no-cache --virtual .build-deps gcc musl-dev postgresql-dev zlib-dev jpeg-dev libwebp-dev libressl-dev libffi-dev cargo openssl-dev openldap-dev && \ + echo -n "INPUT ( libldap.so )" > /usr/lib/libldap_r.so && \ python -m venv venv && \ /opt/recipes/venv/bin/python -m pip install --upgrade pip && \ venv/bin/pip install wheel==0.36.2 && \