kiwigrid / helm-charts

Helm charts for Kubernetes curated by Kiwigrid
https://kiwigrid.github.io
MIT License

[fluentd-elasticsearch] Multiple CVE vulnerabilities Docker Image #361

Closed FGSHadden closed 4 years ago

FGSHadden commented 4 years ago

Is this a BUG REPORT or FEATURE REQUEST? (choose one): Feature Request

If this is a FEATURE REQUEST, please:

Which chart in which version: Fluentd-elasticsearch 9.1.1

What happened: The current chart is using the image quay.io/fluentd_elasticsearch/fluentd:v3.0.1. The current container image contains 162 vulnerabilities of which 2 are critical and 8 are high.

What you expected to happen: An alternative container or updated container is available without significant vulnerabilities

How to reproduce it (as minimally and precisely as possible): Install the latest chart and scan with a Kubernetes security tool and/or check the container vulnerabilities list in the image repo: https://quay.io/repository/fluentd_elasticsearch/fluentd/manifest/sha256:016408afa2d170ebe2ae5dfe1529b7f6d7e6c79625d8793df7dc12f6ba03c5d6?tab=vulnerabilities

Anything else we need to know: Thanks for maintaining this chart !!! If there are no plans to maintain a newer container version please advise as I will bake my own, hoping this is not the case :)

monotek commented 4 years ago

New image will be available soon. See: https://github.com/kubernetes/kubernetes/pull/91581

I've just pushed it: https://quay.io/repository/fluentd_elasticsearch/fluentd?tab=tags

monotek commented 4 years ago

Updated helm chart with current build of the image: https://github.com/kiwigrid/helm-charts/pull/364

Nevertheless the CVE seems not to be fixed in the Debian base image.

FGSHadden commented 4 years ago

:( I guess we shall continue to wait.

anshu14 commented 4 years ago

Please guide how we can build the image ourselves instead of fetching from quay.io repository.

monotek commented 4 years ago

Run docker build on the Dockerfile and upload to your registry?

FGSHadden commented 4 years ago

@anshu14 The Docker image that is being used by kiwigrid is handled by the Kubernetes project, see https://github.com/kubernetes/kubernetes/tree/master/cluster/addons/fluentd-elasticsearch/fluentd-es-image

I still think you would have an issue if you build manually, as the vulns are in the Debian image. I guess you could try with a different Debian version; I have not checked to see what's available.

monotek commented 4 years ago

I know. I maintain that image.

It's already Debian 10. See: https://github.com/kubernetes/kubernetes/blob/master/cluster/addons/fluentd-elasticsearch/fluentd-es-image/Dockerfile#L27

FGSHadden commented 4 years ago

Hah why did I not think to check that :p

Thanks Andre, I guess we wait for the Debian fix.

stale[bot] commented 4 years ago

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.