This is an automated email from the ASF dual-hosted git repository.
mhenke pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/openwhisk-runtime-dotnet.git
The following commit(s) were added to refs/heads/master by this push:
new c593769 Get latest security updates with every build. (#32)
c593769 is described below
commit c5937697fccebf45693ad53865bf5aab128ae27e
Author: falkzoll <[email protected]>
AuthorDate: Mon Mar 16 09:51:49 2020 +0100
Get latest security updates with every build. (#32)
- Add 'apk upgrade' to the image builds to include security fixes with each
build in case the used base image is not updated frequently.
In case the base image is updated frequently, the 'apk upgrade' is a no
operation. If not it will catch the security updates available since the last
update of the base image.
---
core/dotnet2.2/CHANGELOG.md | 5 +++++
core/dotnet2.2/Dockerfile | 6 ++++++
core/dotnet3.1/CHANGELOG.md | 5 +++++
core/dotnet3.1/Dockerfile | 6 ++++++
4 files changed, 22 insertions(+)
diff --git a/core/dotnet2.2/CHANGELOG.md b/core/dotnet2.2/CHANGELOG.md
index a3fbb36..71ff900 100644
--- a/core/dotnet2.2/CHANGELOG.md
+++ b/core/dotnet2.2/CHANGELOG.md
@@ -20,6 +20,11 @@
# .NET Core 2.2 OpenWhisk Runtime Container
+## 1.15 (next release)
+Changes:
+- Get the latest security fixes (apk upgrade) with every build.
+
+
## 1.14
Changes:
- Support for async methods. Example:
diff --git a/core/dotnet2.2/Dockerfile b/core/dotnet2.2/Dockerfile
index 70f1067..053ad75 100644
--- a/core/dotnet2.2/Dockerfile
+++ b/core/dotnet2.2/Dockerfile
@@ -29,6 +29,12 @@ WORKDIR /app/Apache.OpenWhisk.Runtime.Dotnet.Minimal
RUN dotnet publish -c Release -r alpine.3.9-x64 -o out
FROM mcr.microsoft.com/dotnet/core/runtime:2.2-alpine AS runtime
+
+# Get the latest security fixes in case the base image does not contain them
already.
+RUN apk update \
+ && apk upgrade \
+ && rm -f /var/cache/apk/*
+
WORKDIR /app
COPY --from=build /app/Apache.OpenWhisk.Runtime.Dotnet.Minimal/out ./
ENV ASPNETCORE_URLS http://+:8080
diff --git a/core/dotnet3.1/CHANGELOG.md b/core/dotnet3.1/CHANGELOG.md
index a499a36..ed867b6 100644
--- a/core/dotnet3.1/CHANGELOG.md
+++ b/core/dotnet3.1/CHANGELOG.md
@@ -20,6 +20,11 @@
# .NET Core 3.1 OpenWhisk Runtime Container
+## 1.15 (next release)
+Changes:
+- Get the latest security fixes (apk upgrade) with every build.
+
+
## 1.14
Changes:
- Initial release
diff --git a/core/dotnet3.1/Dockerfile b/core/dotnet3.1/Dockerfile
index f69c6d2..f636628 100644
--- a/core/dotnet3.1/Dockerfile
+++ b/core/dotnet3.1/Dockerfile
@@ -29,6 +29,12 @@ WORKDIR /app/Apache.OpenWhisk.Runtime.Dotnet.Minimal
RUN dotnet publish -c Release -r linux-musl-x64 -o out
FROM mcr.microsoft.com/dotnet/core/runtime:3.1-alpine AS runtime
+
+# Get the latest security fixes in case the base image does not contain them
already.
+RUN apk update \
+ && apk upgrade \
+ && rm -f /var/cache/apk/*
+
WORKDIR /app
COPY --from=build /app/Apache.OpenWhisk.Runtime.Dotnet.Minimal/out ./
ENV ASPNETCORE_URLS http://+:8080
