IdentityPython / SATOSA

Proxy translating between different authentication protocols (SAML2, OpenID Connect and OAuth2)
https://idpy.org
Apache License 2.0

[Feature Request] Alpine based Dockerfile #436

Closed clyra closed 1 year ago

clyra commented 1 year ago

The current Dockerfile builds an image from a Debian-based image. When I upload the image to our Harbor registry, it runs a vulnerability scanner and about 150 vulnerabilities are found.

Code Version

I'm running 8.0.0, but I guess it applies to all new versions as well.

Possible Solution

Since the source of many of them is default system libraries (like libc), an "easy" fix should be to build the image from an Alpine base image. I was able to build a new image by changing the first and second lines of the Dockerfile to:

FROM python:3.9-alpine

RUN apk update \
    && apk add xmlsec build-base libffi-dev

I'm wondering how much further it's possible to advance in the Python version...

peppelinux commented 1 year ago

See this https://github.com/italia/Satosa-Saml2Spid/blob/master/Dockerfile

c00kiemon5ter commented 1 year ago

The Docker image has been moved to a dedicated repo: https://github.com/IdentityPython/satosa-docker

The satosa image is now part of the official Docker images hub and supports Alpine: https://hub.docker.com/_/satosa

Please file an issue on that repo to discuss more if you need anything more ;)