This PR removes the -cgo suffixed docker images from our build and release process. The reason for this change is that security vulnerabilities are being reported on the base of this image (Debian) and the release cadence for security updates is unacceptable to us.
The only major distinction these builds have is that they support zmq4 as an input and output. However, based on the metrics that we have this image is rarely used and these connectors even less so. Therefore, the few users that are impacted are probably better served on a case by case basis than by trying to build a new image with a different base.
When reviewing please take extra note of the changelog entry as the important thing here is to give users a clear and concise description of why we've made this change.
This PR removes the
-cgosuffixed docker images from our build and release process. The reason for this change is that security vulnerabilities are being reported on the base of this image (Debian) and the release cadence for security updates is unacceptable to us.The only major distinction these builds have is that they support
zmq4as an input and output. However, based on the metrics that we have this image is rarely used and these connectors even less so. Therefore, the few users that are impacted are probably better served on a case by case basis than by trying to build a new image with a different base.When reviewing please take extra note of the changelog entry as the important thing here is to give users a clear and concise description of why we've made this change.