This repository has been archived by the owner on Sep 30, 2024. It is now read-only.

Regularly update alpine version used in base docker images #29522

Open
caugustus-sourcegraph opened this issue Jan 10, 2022 · 2 comments
Labels
team/delivery Delivery team

Comments

@caugustus-sourcegraph
Contributor

caugustus-sourcegraph commented Jan 10, 2022

The Alpine version used as a base in the Docker images is currently 3.12, which is EOL in May 2022. There is no established process or automation around upgrading to newer versions. As versions age, it becomes more difficult to maintain compatibility between the base image and installed packages, and incorporating fixes for CVEs sometimes requires installing from an edge repo for an entirely different version.

We should investigate how we can more regularly and safely update these versions, to both reduce risk and the effort involved in upgrading.

https://github.com/sourcegraph/sourcegraph/issues/27942 may make this work significantly easier.

Context: https://github.com/sourcegraph/sourcegraph/pull/28176

@caugustus-sourcegraph caugustus-sourcegraph added the team/delivery Delivery team label Jan 10, 2022
@github-actions
Contributor

Heads up @dan-mckean @caugustus-sourcegraph @kevinwojo - the "team/delivery" label was applied to this issue.

@virginiaulrich
Contributor

Keep in icebox, and before work starts need to collab with security to see if stance on Alpine has changed (i.e. we need to move away from it).


2 participants