opendatacube / datacube-ows

Open Data Cube Open Web Services

Dockerfile: remove pg_isready #1057

Closed pjonsson closed 3 months ago

pjonsson commented 3 months ago

After adding health checks to docker compose, this command is no longer used anywhere else.


📚 Documentation preview 📚: https://datacube-ows--1057.org.readthedocs.build/en/1057/

codecov[bot] commented 3 months ago

Codecov Report

All modified and coverable lines are covered by tests :white_check_mark:

Project coverage is 93.64%. Comparing base (8466b07) to head (73732af). Report is 27 commits behind head on master.

Additional details and impacted files

```diff
@@           Coverage Diff           @@
##           master    #1057   +/-   ##
=======================================
  Coverage   93.64%   93.64%
=======================================
  Files          43       43
  Lines        6510     6510
=======================================
  Hits         6096     6096
  Misses        414      414
```

pjonsson commented 3 months ago

Edit: #1059 removes the copying along with not installing the test dependencies in the prod image, so that supersedes this PR. I'm most likely busy with other things for the next couple of weeks, so if that PR isn't merged or needs further discussion before merging, I think this PR should be merged in the meantime.

The copy statements seem to originate from #743, and that references GDAL as inspiration. I use GDAL 3.4 which is from late 2021 and that does copy, but it's the extra libraries that were built in the builder image that are copied from the builder, not the content of the deb packages.

I'm pretty sure that dodging the package system confuses Trivy since it can't see that the binary comes from a security patched Debian/Ubuntu package, so the image is flagged as containing more security vulnerabilities than it actually does.

The point of this PR was just to remove the now unused binary, I'll fix the rest of the copying in a separate PR. I suspect that will be a bit of work and I have quite a few other things on my plate, so don't hold the next release while you wait for that PR, the image on current master is strictly better than it was in the previous release and I think that is a win in itself.
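
The comment above turns on binaries that were copied into the image without going through the package system. The following is an added example, not code from this PR or from datacube-ows: it lists regular files in an unpacked image root filesystem that no dpkg file list claims. The function names, the sample package names and the sample files are constructed for illustration, and the image is assumed to be already exported to a directory.

```shell
#!/bin/sh
# Added example (not from the PR). Reports regular files in an unpacked image
# rootfs that no dpkg package claims, e.g. a binary COPY'd from a builder stage.

# unowned_files ROOTFS DIR...   (DIR is absolute inside the image, e.g. /usr/bin)
unowned_files() {
    rootfs=${1%/}; shift
    owned=$(mktemp) || return 1
    # dpkg records each package's files in var/lib/dpkg/info/<pkg>.list,
    # one absolute path per line.
    cat "$rootfs"/var/lib/dpkg/info/*.list 2>/dev/null | sort -u > "$owned"
    for dir in "$@"; do
        [ -d "$rootfs$dir" ] || continue
        find "$rootfs$dir" -type f
    done | sort | while IFS= read -r path; do
        rel=${path#"$rootfs"}
        # On merged-/usr systems a package may record /bin/x for /usr/bin/x.
        grep -Fxq -e "$rel" -e "${rel#/usr}" "$owned" || printf '%s\n' "$rel"
    done
    rm -f "$owned"
}

# Constructed sample rootfs: one packaged binary, one recorded under the
# pre-merge path, and one copied in without package metadata.
make_sample_rootfs() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/usr/bin" "$root/var/lib/dpkg/info"
    touch "$root/usr/bin/packaged-tool" "$root/usr/bin/legacy-tool" \
          "$root/usr/bin/copied-tool"
    printf '%s\n' /usr/bin /usr/bin/packaged-tool \
        > "$root/var/lib/dpkg/info/sample-pkg.list"
    printf '%s\n' /bin/legacy-tool \
        > "$root/var/lib/dpkg/info/legacy-pkg:amd64.list"
    printf '%s\n' "$root"
}

sample=$(make_sample_rootfs)
unowned_files "$sample" /usr/bin /usr/local/bin
rm -rf "$sample"
```

Files created by maintainer scripts, such as alternatives links or generated caches, are not in the `.list` files either, so a hit here is a prompt to check where the file came from rather than proof that it was copied in.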

SpacemanPaul commented 3 months ago

I wouldn't overthink anything done in #743