chdsbd / kodiak

🔮 A bot to automatically update and merge GitHub PRs
https://kodiakhq.com
GNU Affero General Public License v3.0

chore(bot): change Docker base image to python:3.7-slim #796

Closed etiennetremel closed 8 months ago

etiennetremel commented 2 years ago

While scanning the Kodiak Docker image with Grype, we noticed a significant amount of vulnerabilities.

This PR upgrades the base image to the latest 3.7 image and uses the slim version, which comes with a smaller size and reduces the attack surface. I also took the opportunity to use a non-root user.

netlify[bot] commented 2 years ago

Deploy request for kodiak-docs pending review.

Visit the deploys page to approve it

Latest commit: de7643dff739daafeb9de61f778f701e9345c8e5
netlify[bot] commented 2 years ago

Deploy request for kodiak-dashboard-staging pending review.

Visit the deploys page to approve it

Latest commit: de7643dff739daafeb9de61f778f701e9345c8e5
sbdchd commented 2 years ago

Nice, I love that smaller image size!

etiennetremel commented 2 years ago

Anything else I can help with?

chdsbd commented 2 years ago

@etiennetremel It looks like the CI job for building the bot container failed. Should be good to merge once that's fixed.

etiennetremel commented 2 years ago

Ah, that's interesting... it worked on my machine 😛 I made a few changes, let's see how that goes.

etiennetremel commented 1 year ago

@chdsbd any chance you could run the docker build job with credentials?

chdsbd commented 1 year ago

Not sure why CI is failing

etiennetremel commented 1 year ago

> Not sure why CI is failing

The error was being triggered during the pip install of poetry. For this use case I reckon we can safely use the flag --root-ignore-action=ignore, as we then use kodiak as the user to run the app from supervisord.

sbdchd commented 1 year ago

Oh I think we need to update CI to install git for the script to pass:

https://app.circleci.com/pipelines/github/chdsbd/kodiak/2726/workflows/6fe5f10b-3fc1-4ecd-a1ea-faf4347e28c1/jobs/25425

since the slim version of the image doesn't have it
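The three points raised in this thread (the slim base image from the PR description, the pip root-user warning during the poetry install, and git being absent from the slim image) fit together in one Dockerfile. The one below is an added illustration, not Kodiak's actual Dockerfile from this PR: the `/app` layout, the `supervisord.conf` path, and the poetry install steps are assumptions, and the `kodiak` user name is taken from the comment above. The flag pip actually accepts for silencing the root warning is `--root-user-action=ignore`, which exists in pip 22.1 and later, so pip is upgraded before the flag is used.

```dockerfile
# Added example: an illustrative build, not the project's own Dockerfile.
# Assumed layout: pyproject.toml/poetry.lock and the app live in ./,
# and the bot is started by supervisord using /app/supervisord.conf.
FROM python:3.7-slim

# The slim variant ships without git, which the build script needs.
# Install only git and drop the apt lists so the layer stays small.
RUN apt-get update \
    && apt-get install -y --no-install-recommends git \
    && rm -rf /var/lib/apt/lists/*

# Create an unprivileged system user up front; the runtime will not run as root.
RUN groupadd --system kodiak \
    && useradd --system --gid kodiak --create-home \
       --home-dir /home/kodiak --shell /usr/sbin/nologin kodiak

# Build steps still run as root so packages land in the system site-packages.
# First bring pip to a version that knows --root-user-action (pip >= 22.1),
# then install poetry with the root warning silenced.
RUN pip install --no-cache-dir --upgrade pip \
    && pip install --no-cache-dir --root-user-action=ignore poetry

WORKDIR /app

# Copy only the lock files first so dependency installation is cached
# independently of application source changes.
COPY --chown=kodiak:kodiak pyproject.toml poetry.lock ./
RUN poetry config virtualenvs.create false \
    && poetry install --no-interaction --no-ansi

COPY --chown=kodiak:kodiak . .

# Drop privileges for the process that actually runs the bot.
USER kodiak
CMD ["supervisord", "-c", "/app/supervisord.conf"]
```

Installing git and poetry happens while still root, and the `USER` switch comes last, so the only process running in the container is the unprivileged one; scanning the resulting image with Grype then reports only what the slim Debian base and the installed Python packages carry.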

novascreen commented 9 months ago

@etiennetremel @sbdchd any chance you could give this another look? It would be really nice to get the vulnerabilities resolved.

etiennetremel commented 9 months ago

@novascreen it's pretty old but I just rebased the branch. The Docker credentials are missing in CircleCI, I reckon only @sbdchd or @chdsbd would be able to help with it.

novascreen commented 8 months ago

Awesome, thank you!