Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(docker): add dockerize image #24534

Merged
merged 1 commit into from
Jun 29, 2023
Merged

build(docker): add dockerize image #24534

merged 1 commit into from
Jun 29, 2023

Conversation

alekseyolg
Copy link
Contributor

The Dockerezer image currently on the Helm Chart is too old and has critical vulnerabilities, for example:

busybox, 1.26.2-r5, CVE-2017-16544 (https://nvd.nist.gov/vuln/detail/CVE-2017-16544)

This pr is designed to solve this problem

SUMMARY

BEFORE/AFTER SCREENSHOTS OR ANIMATED GIF

TESTING INSTRUCTIONS

ADDITIONAL INFORMATION

  • Has associated issue:
  • Required feature flags:
  • Changes UI
  • Includes DB Migration (follow approval process in SIP-59)
    • Migration is atomic, supports rollback & is backwards-compatible
    • Confirm DB migration upgrade and downgrade tested
    • Runtime estimates and downtime expectations provided
  • Introduces new feature or API
  • Removes existing feature or API

@alekseyolg alekseyolg changed the title docker (feature) add dockerize image docker (feat) add dockerize image Jun 27, 2023
@alekseyolg alekseyolg changed the title docker (feat) add dockerize image docker(feat) add dockerize image Jun 27, 2023
@alekseyolg alekseyolg changed the title docker(feat) add dockerize image feat(docker) add dockerize image Jun 27, 2023
@alekseyolg alekseyolg changed the title feat(docker) add dockerize image build(docker): add dockerize image Jun 27, 2023
@alekseyolg
Copy link
Contributor Author

Hi all!
I can not understand the reason for the error when running the test:

Python Misc / pre-commit (3.9) (pull_request)

Maybe someone can advise?

craig-rueda
craig-rueda reviewed Jun 28, 2023
View reviewed changes
dockerize.Dockerfile Outdated
@@ -0,0 +1,14 @@
FROM alpine:latest

ARG DOCKERIZE_VERSION=v0.6.1
Copy link
Member

@craig-rueda craig-rueda Jun 28, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we need this? I think it's preferable to just switch over to the "official" image. Or I wonder if we could use busybox or something? 🤔

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@craig-rueda I don't understand what you mean by "official". I found only this repository on dockerhub (on the attached image). The youngest image from there is 4 years old. If I did not find a link to some official image, then I would be grateful if you show it to me, and I, in turn, could study this issue.

About the busybox image: dockereze requires openssl to work, and busybox doesn't have a package manager to install it, so in my opinion the best way is to use the alpine base image.
image

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok, makes sense. I wasn't sure what we were using that image for in the first place 😄 . I see what's going on here - you're moving us to "official" (apache) ;)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We need this image in order to expect connection to postgreSQL and Redis. If you do not use this image, then users may make an error when starting the chart and will endlessly receive a crashloopbackoff, and this image in the work logs clearly shows that the connection failed and repeats attempts to contact the destination (in my opinion, this is a good idea ).

craig-rueda
craig-rueda approved these changes Jun 29, 2023
View reviewed changes
Copy link
Member

@craig-rueda craig-rueda left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks like CI is failing, otherwise LGTM

build(docker): add dockerize image
d07b053 
build(docker): add dockerize image
@alekseyolg
Copy link
Contributor Author

@craig-rueda I managed to solve the problem - now all processes work correctly!

@rusackas rusackas merged commit 46159fd into apache:master Jun 29, 2023
26 checks passed
@mistercrunch mistercrunch added 🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels 🚢 3.0.0 labels Mar 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@craig-rueda craig-rueda craig-rueda approved these changes

@villebro villebro Awaiting requested review from villebro villebro is a code owner

@geido geido Awaiting requested review from geido geido is a code owner

@eschutho eschutho Awaiting requested review from eschutho eschutho is a code owner

@rusackas rusackas Awaiting requested review from rusackas rusackas is a code owner

@betodealmeida betodealmeida Awaiting requested review from betodealmeida betodealmeida is a code owner

@nytai nytai Awaiting requested review from nytai nytai is a code owner

@mistercrunch mistercrunch Awaiting requested review from mistercrunch mistercrunch is a code owner

@john-bodley john-bodley Awaiting requested review from john-bodley john-bodley is a code owner

@kgabryje kgabryje Awaiting requested review from kgabryje kgabryje is a code owner

@dpgaspar dpgaspar Awaiting requested review from dpgaspar dpgaspar is a code owner

Assignees
No one assigned
Labels
🏷️ bot A label used by `supersetbot` to keep track of which PR where auto-tagged with release labels size/M 🚢 3.0.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@alekseyolg @craig-rueda @mistercrunch @rusackas