jstastny-cz commented on code in PR #1125: URL: https://github.com/apache/incubator-kie-kogito-pipelines/pull/1125#discussion_r1403237573
########## apache-nodes/Dockerfile.kogito-ci-build: ########## @@ -1,4 +1,4 @@ -FROM registry.access.redhat.com/ubi9/ubi:9.2 +FROM cruizba/ubuntu-dind:latest Review Comment: Seems to be well-maintained. https://hub.docker.com/r/cruizba/ubuntu-dind/tags When it comes to security, I've reviewed the current codebase, all the changes seem valid to me, though I am no expert on container security. https://github.com/cruizba/ubuntu-dind/blob/master/ubuntu-jammy.Dockerfile One thing we could do is to specify an exact version of the base image, so that we have control over what we build on? With understanding that when upgrading, we should review the image we're building on. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
