Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update base images #32

Merged
merged 1 commit into from
Jan 30, 2024
Merged

update base images #32

merged 1 commit into from
Jan 30, 2024

Conversation

JasonPowr
Copy link
Contributor

updating base images

@JasonPowr
Copy link
Contributor Author

/retest

@JasonPowr JasonPowr force-pushed the update-base-image-shas branch from 087a65a to e459a47 Compare January 29, 2024 15:23
@JasonPowr
Copy link
Contributor Author

/hold
dont merge this, testing stuff related to the CVE's that a produced in konflux

@lance
Copy link
Member

lance commented Jan 29, 2024

Curious why not to merge it - it's definitely needed

@lance
Copy link
Member

lance commented Jan 29, 2024

/retest

@JasonPowr
Copy link
Contributor Author

Curious why not to merge it - it's definitely needed

Sorry yea this can be merged, my comment was more related to the fact that it doesn't fix the cve's showing up in konflux, from what I can tell most seem to be coming from packages used in the oc binary

@JasonPowr JasonPowr changed the title update base images fix cve issues Jan 30, 2024
@JasonPowr JasonPowr force-pushed the update-base-image-shas branch from e459a47 to 537a36d Compare January 30, 2024 09:42
@JasonPowr JasonPowr changed the title fix cve issues update base images Jan 30, 2024
@JasonPowr
Copy link
Contributor Author

@lance the ec is failing because of high CVEs found in this image, as mentioned above, these are coming from the oc binary, I've tried to use different versions of the oc tool but different versions just generate different high CVE's I think the best thing to do here is to keep ec as optional for access. WDYT?

@JasonPowr JasonPowr merged commit 9a39797 into securesign:release-1.0.gamma Jan 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@JasonPowr @lance