You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@openwhisk.apache.org by mh...@apache.org on 2020/03/13 16:24:49 UTC

[openwhisk-runtime-go] branch master updated: Update to go 1.12.17, include secuity fixes in build. (#124)

This is an automated email from the ASF dual-hosted git repository.

mhenke pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk-runtime-go.git


The following commit(s) were added to refs/heads/master by this push:
     new aa5c2f5  Update to go 1.12.17, include secuity fixes in build. (#124)
aa5c2f5 is described below

commit aa5c2f5240b0c381c16164c3d9354d04e51a15f8
Author: falkzoll <fa...@de.ibm.com>
AuthorDate: Fri Mar 13 17:24:39 2020 +0100

    Update to go 1.12.17, include secuity fixes in build. (#124)
    
    - Updated golang12 to go 1.12.17.
      - Add 'apt-get upgrade' to the image builds to include security fixes with each build in case the used base image is not updated frequently.
        In case the base image is updated frequently the 'apt-get upgrade' is a no operation. If not it will catch the security updateds available since the last update of the base image.
---
 CHANGES.md                              |  2 ++
 golang1.11/CHANGELOG.md                 |  6 +++---
 golang1.11/Dockerfile                   | 25 ++++++++++++-------------
 {golang1.11 => golang1.12}/CHANGELOG.md |  8 ++++----
 golang1.12/Dockerfile                   | 27 +++++++++++++--------------
 5 files changed, 34 insertions(+), 34 deletions(-)

diff --git a/CHANGES.md b/CHANGES.md
index 9e0526a..f41ba59 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -17,6 +17,8 @@
 #
 -->
 # 1.16.0 (next release)
+- upgraded to go 1.12.17
+- add 'apt-get upgrade' to the image build to get latest security fixes during each build, for the case the base images are not updated frequently
 - added OW_WAIT_FOR_ACK such at if true, the proxy waits for an acknowledgement from the action on startup
 - added OW_EXECUTION_ENV to validate the execution environment before starting an action
 - write compilation logs to standard out
diff --git a/golang1.11/CHANGELOG.md b/golang1.11/CHANGELOG.md
index 68f6262..e75ec07 100644
--- a/golang1.11/CHANGELOG.md
+++ b/golang1.11/CHANGELOG.md
@@ -19,6 +19,6 @@
 
 # Go 1.11 OpenWhisk Runtime Container
 
-## Apache 1.13.0-incubating (next release)
-- Initial version
-- Go 1.11.6
+## Apache 1.16 (next release)
+Changes:
+- Adding Go 1.11.13
diff --git a/golang1.11/Dockerfile b/golang1.11/Dockerfile
index aabdb99..96a81a6 100644
--- a/golang1.11/Dockerfile
+++ b/golang1.11/Dockerfile
@@ -15,19 +15,18 @@
 # limitations under the License.
 #
 FROM golang:1.11.13
-RUN echo "deb http://deb.debian.org/debian stretch-backports main contrib non-free" \
-     >>/etc/apt/sources.list &&\
-    apt-get update && apt-get install -y \
-     curl \
-     jq \
-     git &&\
-    apt-get -y install \
-     librdkafka1=0.11.6-1~bpo9+1 \
-     librdkafka++1=0.11.6-1~bpo9+1 && \
-    apt-get -y install \
-     librdkafka-dev=0.11.6-1~bpo9+1 && \
-    rm -rf /var/lib/apt/lists/*
-RUN mkdir /action
+RUN echo "deb http://deb.debian.org/debian stretch-backports main contrib non-free" >>/etc/apt/sources.list \
+    && apt-get update \
+    && apt-get -y --no-install-recommends upgrade \
+    && apt-get -y --no-install-recommends install \
+                        curl jq git \
+                        librdkafka1=0.11.6-1~bpo9+1 \
+                        librdkafka++1=0.11.6-1~bpo9+1 \
+                        librdkafka-dev=0.11.6-1~bpo9+1 \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* \
+    && mkdir /action
+
 WORKDIR /action
 ADD proxy /bin/proxy
 ADD gobuild.py /bin/compile
diff --git a/golang1.11/CHANGELOG.md b/golang1.12/CHANGELOG.md
similarity index 87%
copy from golang1.11/CHANGELOG.md
copy to golang1.12/CHANGELOG.md
index 68f6262..f80653e 100644
--- a/golang1.11/CHANGELOG.md
+++ b/golang1.12/CHANGELOG.md
@@ -17,8 +17,8 @@
 #
 -->
 
-# Go 1.11 OpenWhisk Runtime Container
+# Go 1.12 OpenWhisk Runtime Container
 
-## Apache 1.13.0-incubating (next release)
-- Initial version
-- Go 1.11.6
+## Apache 1.16 (next release)
+Changes:
+- Adding Go 1.12.17
diff --git a/golang1.12/Dockerfile b/golang1.12/Dockerfile
index 6ccf0f9..83ba09c 100644
--- a/golang1.12/Dockerfile
+++ b/golang1.12/Dockerfile
@@ -14,20 +14,19 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 #
-FROM golang:1.12.9
-RUN echo "deb http://deb.debian.org/debian stretch-backports main contrib non-free" \
-     >>/etc/apt/sources.list &&\
-    apt-get update && apt-get install -y \
-     curl \
-     jq \
-     git &&\
-    apt-get -y install \
-     librdkafka1=0.11.6-1~bpo9+1 \
-     librdkafka++1=0.11.6-1~bpo9+1 && \
-    apt-get -y install \
-     librdkafka-dev=0.11.6-1~bpo9+1 && \
-    rm -rf /var/lib/apt/lists/*
-RUN mkdir /action
+FROM golang:1.12.17
+RUN echo "deb http://deb.debian.org/debian stretch-backports main contrib non-free" >>/etc/apt/sources.list \
+    && apt-get update \
+    && apt-get -y --no-install-recommends upgrade \
+    && apt-get -y --no-install-recommends install \
+                        curl jq git \
+                        librdkafka1=0.11.6-1~bpo9+1 \
+                        librdkafka++1=0.11.6-1~bpo9+1 \
+                        librdkafka-dev=0.11.6-1~bpo9+1 \
+    && apt-get clean \
+    && rm -rf /var/lib/apt/lists/* \
+    && mkdir /action
+
 WORKDIR /action
 ADD proxy /bin/proxy
 ADD gobuild.py /bin/compile