Docker image used for httpd serving and isolated need to be a scanned-clean image

[techcobweb]

Story

As a galasa user of the mvp zip I want to know that the docker image contained in isolated.tar uses a clean and secure docker image with the httpd server inside, so I have fewer concerns over security vulnerabilities.

Background

Tasks

• [ ] investigate using a red hat base image instead of the dockerhub image, and put it back. httpd:alpine could be a good option for base, it is an "MIT-like" license
  • The above task will remove the following vulnerability: gary-os-httpd-2.4.54 : upgrade to v 2.4.60
• [ ] Add new base image usage to the code
• [ ] Test that it builds and is usable
• [ ] Test that it appears in mvp.zip
• [ ] Make sure the existing httpd.cnf files work with this newer version of httpd.
• [ ] Change to use this in:
  • [ ] mvp packaging
  • [ ] build process infrastructures:
    • [ ] base image
    • [ ] integration tests
    • [ ] simplatform