From 531f74149f2d1e32fceff580332a94d149f8129d Mon Sep 17 00:00:00 2001 From: Abolfazl Shahbazi Date: Wed, 1 May 2024 22:10:30 -0700 Subject: [PATCH] Minor updates to docker Makefile and scan job Signed-off-by: Abolfazl Shahbazi --- .github/workflows/trivy.yml | 2 +- openfl-docker/Dockerfile.base | 1 + openfl-docker/Makefile | 6 +++--- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index dfd1c244fe..92006d3f70 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -17,7 +17,7 @@ jobs: - name: Build an image from Dockerfile run: | - docker build -t docker.io/securefederatedai/openfl:${{ github.sha }} -f openfl-docker/Dockerfile.base . + docker build --pull -t docker.io/securefederatedai/openfl:${{ github.sha }} -f openfl-docker/Dockerfile.base . - name: Run Trivy vulnerability scanner uses: aquasecurity/trivy-action@master diff --git a/openfl-docker/Dockerfile.base b/openfl-docker/Dockerfile.base index c30d53396a..7dc1d5e134 100644 --- a/openfl-docker/Dockerfile.base +++ b/openfl-docker/Dockerfile.base @@ -79,6 +79,7 @@ RUN apt-get update && \ openssh-server=\* \ curl=\* \ ca-certificates=\* && \ + rm -rf /etc/ssh/ssh_host_*_key && \ if [ "$INSTALL_SOURCES" = "yes" ]; then \ dpkg --get-selections | grep -v deinstall | awk '{print $1}' > all_packages.txt && \ sed -Ei 's/# deb-src /deb-src /' /etc/apt/sources.list && \ diff --git a/openfl-docker/Makefile b/openfl-docker/Makefile index c689a88339..ea6b414ef0 100644 --- a/openfl-docker/Makefile +++ b/openfl-docker/Makefile @@ -1,6 +1,6 @@ build: - @docker build -t openfl -f Dockerfile.base .. + @docker build --pull -t openfl -f Dockerfile.base .. run: - @docker run -it --network host openfl + @docker run --rm -it --network host openfl save: - @docker save openfl > openfl.tar \ No newline at end of file + @docker save openfl | gzip > openfl.tar.gz