Closed gfvirga closed 4 years ago
The release official docker image that uses alpine is building with the latest version of Go.
FROM docker.bintray.io/jfrog/jfrog-cli-go:latest AS build WORKDIR /usr/local/bin/
FROM bar.prod.company.com/company-docker-temp/ubi7 LABEL maintainer="UBI commitee" \ name="ubi7-jfrogcli" \ url="https://gitlab.company.com/machine-shop/catalog/" ENV VERSION=1.33.2
USER root COPY --from=build /usr/local/bin/jfrog /usr/local/bin/jfrog RUN chmod +x /usr/local/bin/jfrog USER 1001
@gfvirga, Does this issue need to be closed? If not, please share with us the issue you see. Thanks
@eyalbe4, no, the future release need to be compiled with a non vulnerable version of Go...
@gfvirga, The Dockerfile has been updated to use go 1.14. The latest release of the docker image used this Dockerfile. Please let us know if the issue is resolved for you.
This is great. I am able to pull it from jfrog artifactory scanned by xray.
Hello,
I have build an internal jfrogcli running on rhel7 and xray is blocking jfrog cli because it was built in a old version of GO.
Dockerfile used
FROM bar.jfrog.company.com/ubi7:89a082b4 ENV VERSION=1.33.2 USER root RUN curl -o /usr/local/bin/jfrog "https://bar.jfrog.company.com/artifactory/generic-jfrogbintraycomjfrogcligo-remote/${VERSION}/jfrog-cli-linux-amd64/jfrog" RUN chmod +x /usr/local/bin/jfrog USER 1001
Xray errors