Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update container image to address vulnerabilities #1000

Merged
merged 1 commit into from
Jul 7, 2023
Merged

Update container image to address vulnerabilities #1000

merged 1 commit into from
Jul 7, 2023

Conversation

ian-noaa
Copy link
Collaborator

@ian-noaa ian-noaa commented Jul 6, 2023
edited
Loading

We were previously installing OS-vendored versions of our Python dependencies as that was easiest when on Alpine and dealing with musl. We're now on a Debian-base image so pip packages will be well-tested, compatible, and more up-to-date than the OS-vendored ones.

I also added g++ and build-essentials to the image to support ARM/Apple Silicon builds.

@ian-noaa
Use pip to manage Python dependencies
dbba68d 
We were previously installing OS-vendored versions of our Python
dependencies as that was easiest when on Alpine and dealing with
musl. We're now on a Debian-base image so pip packages will be well
tested and compatible.

I also added g++ and build-essentials to support ARM/Apple Silicon
builds.
@ian-noaa ian-noaa self-assigned this Jul 6, 2023
mollybsmith-noaa
mollybsmith-noaa approved these changes Jul 7, 2023
View reviewed changes
Copy link
Collaborator

@mollybsmith-noaa mollybsmith-noaa left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good. As long as the containers still build in a reasonable amount of time I approve it.

@ian-noaa
Copy link
Collaborator Author

ian-noaa commented Jul 7, 2023

Thanks! It looks like this didn't change the build times appreciably - the longest is still taking ~15 min.

@ian-noaa ian-noaa merged commit 82f23f9 into development Jul 7, 2023
33 checks passed
@ian-noaa ian-noaa deleted the 999-update-container-image-to-address-vulnerabilities branch July 7, 2023 18:33
@ian-noaa ian-noaa linked an issue Jul 13, 2023 that may be closed by this pull request
Update container image to address vulnerabilities #999
Closed
@ian-noaa ian-noaa mentioned this pull request Jul 13, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mollybsmith-noaa mollybsmith-noaa mollybsmith-noaa approved these changes

Assignees

@ian-noaa ian-noaa

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Update container image to address vulnerabilities
2 participants
@ian-noaa @mollybsmith-noaa