extern/workspaces-core-images
1
0
Fork 0
mirror of https://github.com/kasmtech/workspaces-core-images.git synced 2024-11-07 08:04:06 +01:00
Code Issues Packages Projects Releases Wiki Activity

KASM-5269 update trivvy junit template, upgrade packages on base images

Browse Source
This commit is contained in:
Matthew McClaskey 2023-11-22 14:07:43 +00:00
parent c6eb1b14af
commit c5269e2e27
4 changed files with 25 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
ci-scripts/junit.tpl
View File

@ -10,7 +10,7 @@
{{- end -}}
{{ range .Vulnerabilities }}
<testcase classname="{{ .PkgName }}-{{ .InstalledVersion }}" file="{{ if .FixedVersion -}} Upgrade to {{ .FixedVersion }} {{- else -}} No solution provided {{- end }}" name="[{{ .Vulnerability.Severity }}] {{ .VulnerabilityID }}" time="">
<{{ if .FixedVersion -}}error{{- else -}}skipped{{- end }} message="{{ escapeXML .Title }}" type="description">Upgrade {{ .PkgName }} to {{ .FixedVersion }} - {{ escapeXML .Description }}</{{ if .FixedVersion -}}error{{- else -}}skipped{{- end }}>
<{{ if not .FixedVersion -}}passed{{- else if (eq .Vulnerability.Severity "CRITICAL") -}}failure{{- else if (eq .Vulnerability.Severity "HIGH") -}}error{{- else -}}skipped{{- end }} message="{{ escapeXML .Title }}" type="description">Upgrade {{ .PkgName }} to {{ .FixedVersion }} - {{ escapeXML .Description }}</{{ if not .FixedVersion -}}passed{{- else if (eq .Vulnerability.Severity "CRITICAL") -}}failure{{- else if (eq .Vulnerability.Severity "HIGH") -}}error{{- else -}}skipped{{- end }}>
</testcase>
{{- end }}
</testsuite>

4
dockerfile-kasm-core-alpine
View File

@ -41,6 +41,10 @@ ENV DISTRO=$DISTRO \
WORKDIR $HOME
RUN mkdir -p $HOME/Desktop
### Setup package rules
COPY ./src/ubuntu/install/package_rules $INST_SCRIPTS/package_rules/
RUN bash $INST_SCRIPTS/package_rules/package_rules.sh && rm -rf $INST_SCRIPTS/package_rules/
### Install custom fonts
COPY ./src/ubuntu/install/fonts $INST_SCRIPTS/fonts/
RUN bash $INST_SCRIPTS/fonts/install_custom_fonts.sh && rm -rf $INST_SCRIPTS/fonts/

4
dockerfile-kasm-core-suse
View File

@ -45,6 +45,10 @@ ENV HOME=/home/kasm-default-profile \
WORKDIR $HOME
RUN mkdir -p $HOME/Desktop
### Setup package rules
COPY ./src/ubuntu/install/package_rules $INST_SCRIPTS/package_rules/
RUN bash $INST_SCRIPTS/package_rules/package_rules.sh && rm -rf $INST_SCRIPTS/package_rules/
### Install custom fonts
COPY ./src/ubuntu/install/fonts $INST_SCRIPTS/fonts/
RUN bash $INST_SCRIPTS/fonts/install_custom_fonts.sh && rm -rf $INST_SCRIPTS/fonts/

16
src/ubuntu/install/package_rules/package_rules.sh
View File

@ -18,3 +18,19 @@ elif [[ "${DISTRO}" == @(centos|oracle7) ]]; then
yum reinstall -y \
glibc-common
fi
echo "Upgrading packages from upstream base image"
if [[ "${DISTRO}" == @(centos|oracle7) ]] ; then
yum update -y
elif [[ "${DISTRO}" == @(fedora37|fedora38|oracle8|oracle9|rockylinux9|rockylinux8|almalinux8|almalinux9) ]]; then
dnf upgrade -y --refresh
elif [ "${DISTRO}" == "opensuse" ]; then
zypper --non-interactive patch --auto-agree-with-licenses
elif [ "${DISTRO}" == "alpine" ]; then
apk update
apk add --upgrade apk-tools
apk upgrade --available
else
apt-get update
DEBIAN_FRONTEND=noninteractive apt-get upgrade -y
fi