Is your feature request related to a problem? Please describe.
Currently grafana loki main-tag (Jun 26, 2024 at 8:34 pm) using Alpine 3.18.x as base-image. This version showing some busybox and openssl vulnerabilities. Most of them are fixed in current Alpine base-image 3.20.x version (latest-tag, today: 3.20.1).
Here are the release notes for Alpine 3.20 along some notes:
https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.20.0
(Notes, we saw during updating our internal Dockerfiles: yq has been renamed to yq-go + aws-cli is defined as removed in release-notes, but it's already available/re-added again)
Is your feature request related to a problem? Please describe.
Currently grafana loki main-tag (Jun 26, 2024 at 8:34 pm) using Alpine 3.18.x as base-image. This version showing some busybox and openssl vulnerabilities. Most of them are fixed in current Alpine base-image 3.20.x version (latest-tag, today: 3.20.1).
Describe the solution you'd like
Testing + Using a base-image of Alpine 3.20.x
Describe alternatives you've considered
Update your Dockerfile to 3.18.7, since some openssl and busybox findings are fixed there as well: https://alpinelinux.org/posts/Alpine-3.17.8-3.18.7-3.19.2-released.html
Additional context
Here are the release notes for Alpine 3.20 along some notes: https://wiki.alpinelinux.org/wiki/Release_Notes_for_Alpine_3.20.0 (Notes, we saw during updating our internal Dockerfiles: yq has been renamed to yq-go + aws-cli is defined as removed in release-notes, but it's already available/re-added again)