Skip to content

Commit a57ea49

Browse files
majst01majst01
authored
fix containerd cve (#54)
1 parent 8162e78 commit a57ea49

File tree

3 files changed

+37
-416
lines changed

3 files changed

+37
-416
lines changed

Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,5 +1,5 @@
1-
FROM alpine:3.14 as health-downloader
2-
ENV GRPC_HEALTH_PROBE_VERSION=v0.4.6 \
1+
FROM alpine:3.15 as health-downloader
2+
ENV GRPC_HEALTH_PROBE_VERSION=v0.4.10 \
33
GRPC_HEALTH_PROBE_URL=https://github.com/grpc-ecosystem/grpc-health-probe/releases/download
44
RUN apk -U add curl \
55
&& curl -fLso /bin/grpc_health_probe \
@@ -8,7 +8,7 @@ RUN apk -U add curl \
88

99
FROM metalstack/builder:latest as builder
1010

11-
FROM alpine:3.14
11+
FROM alpine:3.15
1212
RUN apk -U add ca-certificates
1313
COPY --from=builder /work/bin/server /masterdata-api
1414
COPY --from=health-downloader /bin/grpc_health_probe /bin/grpc_health_probe

go.mod

Lines changed: 9 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -10,19 +10,19 @@ require (
1010
github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0
1111
github.com/jmoiron/sqlx v1.3.4
1212
github.com/json-iterator/go v1.1.12
13-
github.com/lib/pq v1.10.4
13+
github.com/lib/pq v1.10.5
1414
github.com/lopezator/migrator v0.3.0
1515
github.com/metal-stack/metal-lib v0.9.0
1616
github.com/metal-stack/security v0.6.3
1717
github.com/metal-stack/v v1.0.3
1818
github.com/prometheus/client_golang v1.12.1
19-
github.com/spf13/cobra v1.3.0
19+
github.com/spf13/cobra v1.4.0
2020
github.com/spf13/viper v1.10.1
21-
github.com/stretchr/testify v1.7.0
22-
github.com/testcontainers/testcontainers-go v0.12.0
21+
github.com/stretchr/testify v1.7.1
22+
github.com/testcontainers/testcontainers-go v0.13.0
2323
go.uber.org/zap v1.21.0
24-
google.golang.org/grpc v1.44.0
25-
google.golang.org/protobuf v1.27.1
24+
google.golang.org/grpc v1.45.0
25+
google.golang.org/protobuf v1.28.0
2626
sigs.k8s.io/yaml v1.3.0
2727
)
2828

@@ -32,10 +32,10 @@ require (
3232
github.com/Microsoft/hcsshim v0.9.2 // indirect
3333
github.com/asaskevich/govalidator v0.0.0-20200428143746-21a406dcc535 // indirect
3434
github.com/beorn7/perks v1.0.1 // indirect
35-
github.com/cenkalti/backoff v2.2.1+incompatible // indirect
35+
github.com/cenkalti/backoff/v4 v4.1.2 // indirect
3636
github.com/cespare/xxhash/v2 v2.1.2 // indirect
3737
github.com/containerd/cgroups v1.0.3 // indirect
38-
github.com/containerd/containerd v1.6.0 // indirect
38+
github.com/containerd/containerd v1.6.2 // indirect
3939
github.com/coreos/go-oidc/v3 v3.1.0 // indirect
4040
github.com/davecgh/go-spew v1.1.1 // indirect
4141
github.com/decred/dcrd/dcrec/secp256k1/v4 v4.0.0-20210816181553-5444fa50b93d // indirect
@@ -74,7 +74,7 @@ require (
7474
github.com/mitchellh/mapstructure v1.4.3 // indirect
7575
github.com/moby/sys/mount v0.2.0 // indirect
7676
github.com/moby/sys/mountinfo v0.5.0 // indirect
77-
github.com/moby/term v0.0.0-20210610120745-9d4ed1856297 // indirect
77+
github.com/moby/term v0.0.0-20210619224110-3f7ff695adc6 // indirect
7878
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
7979
github.com/modern-go/reflect2 v1.0.2 // indirect
8080
github.com/morikuni/aec v1.0.0 // indirect

0 commit comments

Comments
 (0)