You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by mh...@apache.org on 2020/11/12 14:09:18 UTC
[openwhisk-runtime-ruby] branch master updated: * Add `apt-get
upgrade` to always install latest security fixes during every image build.
(#50)
This is an automated email from the ASF dual-hosted git repository.
mhenke pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk-runtime-ruby.git
The following commit(s) were added to refs/heads/master by this push:
new 5ed6e3d * Add `apt-get upgrade` to always install latest security fixes during every image build. (#50)
5ed6e3d is described below
commit 5ed6e3d81c2054cf9d756ab6337145205e779a70
Author: falkzoll <fa...@de.ibm.com>
AuthorDate: Thu Nov 12 14:59:28 2020 +0100
* Add `apt-get upgrade` to always install latest security fixes during every image build. (#50)
This is done to always have an up to date image even when the base image is not updated for some reason.
* Cleanup apt data once they are not required anymore.
---
core/ruby2.5Action/CHANGELOG.md | 3 +++
core/ruby2.5Action/Dockerfile | 12 ++++++++++--
core/ruby2.6ActionLoop/CHANGELOG.txt | 3 +++
core/ruby2.6ActionLoop/Dockerfile | 10 +++++++++-
4 files changed, 25 insertions(+), 3 deletions(-)
diff --git a/core/ruby2.5Action/CHANGELOG.md b/core/ruby2.5Action/CHANGELOG.md
index 8eb3ac5..b1eee83 100644
--- a/core/ruby2.5Action/CHANGELOG.md
+++ b/core/ruby2.5Action/CHANGELOG.md
@@ -19,6 +19,9 @@
# Ruby 2.5 OpenWhisk Runtime Container
+## Next Release
+ - Install latest security fixes with every image build.
+
## 1.15.0
- Build proxy using golang 1.15 and openwhisk-runtime-go 1.16.0 (#48)
diff --git a/core/ruby2.5Action/Dockerfile b/core/ruby2.5Action/Dockerfile
index 992adc7..6650ddf 100644
--- a/core/ruby2.5Action/Dockerfile
+++ b/core/ruby2.5Action/Dockerfile
@@ -27,8 +27,16 @@ RUN gem install \
activesupport `#optional` \
jwt `#optional`
-# create src directory to store action files
-RUN mkdir -p /action/src
+
+RUN \
+ apt-get -y update \
+ # Upgrade installed packages to get latest security fixes if the base image does not contain them already.
+ && apt-get upgrade -y --no-install-recommends \
+ # Cleanup apt data, we do not need them later on.
+ && rm -rf /var/lib/apt/lists/* \
+ # create src directory to store action files
+ && mkdir -p /action/src
+
ADD rackapp /action/rackapp/
COPY config.ru /action
diff --git a/core/ruby2.6ActionLoop/CHANGELOG.txt b/core/ruby2.6ActionLoop/CHANGELOG.txt
index 7219f9e..10c68a1 100644
--- a/core/ruby2.6ActionLoop/CHANGELOG.txt
+++ b/core/ruby2.6ActionLoop/CHANGELOG.txt
@@ -19,6 +19,9 @@
# Ruby 2.6 OpenWhisk Runtime Container
+## Next Release
+ - Install latest security fixes with every image build.
+
## 1.15.0
- Build proxy using golang 1.15 and openwhisk-runtime-go 1.16.0 (#48)
diff --git a/core/ruby2.6ActionLoop/Dockerfile b/core/ruby2.6ActionLoop/Dockerfile
index 6272cd2..714a5aa 100644
--- a/core/ruby2.6ActionLoop/Dockerfile
+++ b/core/ruby2.6ActionLoop/Dockerfile
@@ -33,7 +33,15 @@ FROM ruby:2.6
# select the builder to use
ARG GO_PROXY_BUILD_FROM=release
-RUN mkdir -p /proxy/bin /proxy/lib /proxy/action
+RUN \
+ apt-get -y update \
+ # Upgrade installed packages to get latest security fixes if the base image does not contain them already.
+ && apt-get upgrade -y --no-install-recommends \
+ # Cleanup apt data, we do not need them later on.
+ && rm -rf /var/lib/apt/lists/* \
+ # Create required directories
+ && mkdir -p /proxy/bin /proxy/lib /proxy/action
+
WORKDIR /proxy
COPY --from=builder_source /bin/proxy /bin/proxy_source
COPY --from=builder_release /bin/proxy /bin/proxy_release