Skip to content

Commit a5f035c

Browse files
jiridanekjiridanek
committed
[2.22] RHOAIENG-10057: add dnf upgrade to rstudio images to mitigate fixable vulnerabilities (#1488)
Cherry-picked from a49c372
1 parent d7f5240 commit a5f035c

File tree

4 files changed

+20
-4
lines changed

4 files changed

+20
-4
lines changed

rstudio/c9s-python-3.11/Dockerfile.cpu

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,11 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]"
1111
# OS Packages needs to be installed as root
1212
USER root
1313

14-
# Install usefull OS packages
14+
# upgrade first to avoid fixable vulnerabilities
15+
RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \
16+
&& dnf clean all -y
17+
18+
# Install useful OS packages
1519
RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum
1620

1721
# Other apps and tools installed as default user

rstudio/c9s-python-3.11/Dockerfile.cuda

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,11 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]"
1111
# OS Packages needs to be installed as root
1212
USER root
1313

14-
# Install usefull OS packages
14+
# upgrade first to avoid fixable vulnerabilities
15+
RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \
16+
&& dnf clean all -y
17+
18+
# Install useful OS packages
1519
RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum
1620

1721
# Other apps and tools installed as default user

rstudio/rhel9-python-3.11/Dockerfile.cpu

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,11 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]"
1111
# OS Packages needs to be installed as root
1212
USER root
1313

14-
# Install usefull OS packages
14+
# upgrade first to avoid fixable vulnerabilities
15+
RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \
16+
&& dnf clean all -y
17+
18+
# Install useful OS packages
1519
RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum
1620

1721
# Other apps and tools installed as default user

rstudio/rhel9-python-3.11/Dockerfile.cuda

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,7 +11,11 @@ RUN pip install --no-cache-dir -U "micropipenv[toml]"
1111
# OS Packages needs to be installed as root
1212
USER root
1313

14-
# Install usefull OS packages
14+
# upgrade first to avoid fixable vulnerabilities
15+
RUN dnf -y upgrade --refresh --best --nodocs --noplugins --setopt=install_weak_deps=0 --setopt=keepcache=0 \
16+
&& dnf clean all -y
17+
18+
# Install useful OS packages
1519
RUN dnf install -y mesa-libGL skopeo && dnf clean all && rm -rf /var/cache/yum
1620

1721
# Other apps and tools installed as default user

0 commit comments

Comments
 (0)