Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update OS packages by default in all Quickstarters and bump gitleaks version #1055

Merged
merged 13 commits into from
Sep 5, 2024
Merged

Update OS packages by default in all Quickstarters and bump gitleaks version #1055

merged 13 commits into from
Sep 5, 2024

Conversation

BraisVQ
Copy link
Contributor

@BraisVQ BraisVQ commented Sep 4, 2024
edited
Loading

Closes #1049

Tests:

  • Image build successfully for Angular QS
  • Image build successfully for Rust QS ( UBI micro does not have package manager)
  • Image build successfully for Ionic QS
  • Image build successfully for Streamlit QS
  • Image build successfully for Plain QS
  • Image build successfully for Type QS
  • Image build successfully for Scala QS
  • Image build successfully for Python QS
  • Image build successfully for Java QS
  • Image build successfully for Golang QS
  • Image build successfully for Nginx QS
  • Image build successfully for Mono-repo QS

@BraisVQ BraisVQ changed the title Update OS packages by default in all Quickstarters Update OS packages by default in all Quickstarters and bump gitleaks version Sep 4, 2024
@BraisVQ BraisVQ marked this pull request as ready for review September 4, 2024 14:13
tbugfinder
tbugfinder approved these changes Sep 4, 2024
View reviewed changes
Copy link
Contributor

@tbugfinder tbugfinder left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

gerardcl
gerardcl approved these changes Sep 4, 2024
View reviewed changes
Copy link
Member

@gerardcl gerardcl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!
Regarding the UBI9 micro base image, it makes sense to not even try updating packages as IIRC there are almost no packages to worry about! Nevertheless, now and then, when building I scan with both trivy and aqua scanners and there are no findings, which make sense too. 👍 (and, if I ever find something I will report ASAP)

@BraisVQ
Copy link
Contributor Author

BraisVQ commented Sep 4, 2024

LGTM!
Regarding the UBI9 micro base image, it makes sense to not even try updating packages as IIRC there are almost no packages to worry about! Nevertheless, now and then, when building I scan with both trivy and aqua scanners and there are no findings, which make sense too. 👍 (and, if I ever find something I will report ASAP)

Yeah, I took a look at the amount of packages it has and it is only about 20. The other UBI9 images we use in contrast have over 100. And even if there is any vul, Red Hat usually patch it and pushes a new image that will be pulled next time any end user with the rust QS build its application

@BraisVQ BraisVQ merged commit 4d69f70 into master Sep 5, 2024
24 checks passed
@BraisVQ BraisVQ deleted the feature/general-maintenance branch September 5, 2024 15:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tbugfinder tbugfinder tbugfinder approved these changes

@gerardcl gerardcl gerardcl approved these changes

@metmajer metmajer Awaiting requested review from metmajer metmajer is a code owner

@michaelsauter michaelsauter Awaiting requested review from michaelsauter michaelsauter is a code owner

@nichtraunzer nichtraunzer Awaiting requested review from nichtraunzer

@bljubisic bljubisic Awaiting requested review from bljubisic bljubisic is a code owner

@cschweikert cschweikert Awaiting requested review from cschweikert cschweikert is a code owner

@sklingel sklingel Awaiting requested review from sklingel sklingel is a code owner

@sino92 sino92 Awaiting requested review from sino92 sino92 is a code owner

@oalyman oalyman Awaiting requested review from oalyman oalyman is a code owner

@FLIGHTLAMA FLIGHTLAMA Awaiting requested review from FLIGHTLAMA FLIGHTLAMA is a code owner

@buegelbeatz buegelbeatz Awaiting requested review from buegelbeatz buegelbeatz is a code owner

@henrjk henrjk Awaiting requested review from henrjk henrjk is a code owner

@stitakis stitakis Awaiting requested review from stitakis stitakis is a code owner

@renedupont renedupont Awaiting requested review from renedupont renedupont is a code owner

@clemensutschig clemensutschig Awaiting requested review from clemensutschig clemensutschig is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

OS packages updated by default in the Quickstarters
3 participants
@BraisVQ @gerardcl @tbugfinder