:: Re: [DNG] help with docker - runnin…
トップ ページ
このメッセージを削除
このメッセージに返信
著者: Tom
日付:  
To: Olaf Meeuwissen
CC: Lorenz, dng
題目: Re: [DNG] help with docker - running entrypoint as root


> On 8 Jul 2024, at 21:43, Olaf Meeuwissen via Dng <dng@???> wrote:
>
> Hi Lorenz,
>
> I saw that Nick's reply already solved your issues but wanted to comment
> on something not directly related to that.
>
> Lorenz via Dng <dng@???> writes:
>
>> [...]
>> I'm using the follwing dockerfile:
>>
>> --------------------------------
>> # dockerfile for runit-services testsuite
>> #
>> FROM debian:sid
>> MAINTAINER plorenzo@???
>>
>> RUN apt-get update -q -q && apt-get upgrade --yes
>
> Rather that running apt-get upgrade (which is generally advised against
> IIRC), I would rebuild your runit-testsuite image regularly with --pull.
> The debian:sid images are updated every three or four weeks by the looks
> of the Docker Hub tags for sid.


It’s no longer advised to not run apt-get upgrade in Dockerfiles.

https://pythonspeed.com/articles/security-updates-in-docker/

Hadolint and OWASP have removed this advice for a while now.

https://github.com/hadolint/hadolint/issues/562
https://github.com/OWASP/CheatSheetSeries/pull/614#issuecomment-806209720

Tom