mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 18:51:59 +00:00

History

Vincent 9a2904203c dep: resolve CVE-2023-0464 in base image 2/2 (#50261 ) This PR updates the base images for our docker files to a version of Alpine without vulnerabilities. ## Test plan Pipelines from https://github.com/sourcegraph/sourcegraph/pull/50248 indicate that there are no vulnerabilities in the base image. <!-- All pull requests REQUIRE a test plan: https://docs.sourcegraph.com/dev/background-information/testing_principles -->		2023-04-02 18:24:34 +02:00
..
alpine-3.14	dep: resolve CVE-2023-0464 in base image 1/2 (#50248 )	2023-04-01 08:41:15 +00:00
blobstore	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
cadvisor	Resolve vulnerabilities in containers by updating dependencies (#46330 )	2023-02-16 16:34:38 +00:00
codeinsights-db	Swap codeinsights-db docker image to be based off postgres instead of Timescale (#32697 )	2022-03-24 18:42:05 +00:00
codeintel-db	Update Postgres to 12.7 (#31933 )	2022-03-03 14:39:52 -06:00
dind	dep: fix openssl vuln dind (#50232 )	2023-03-31 19:29:02 +02:00
executor-vm	executor-vm: Bump source image to resolve vulnerabilities (#49262 )	2023-03-20 12:24:34 +01:00
grafana	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
indexed-searcher	unrevert "all: rename go module google/zoekt to sourcegraph/zoekt" (#40423 )	2022-08-17 15:30:49 -07:00
jaeger-agent	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
jaeger-all-in-one	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
node-exporter	Upgrade node-exporter (#46553 )	2023-01-17 11:13:38 -03:00
opentelemetry-collector	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
postgres_exporter	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
postgres-12-alpine	Resolve vulnerabilities in containers by updating dependencies (#46330 )	2023-02-16 16:34:38 +00:00
prometheus	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
prometheus-gcp	docker-images: use managed prom forwarding image (#39722 )	2022-08-23 21:03:15 +00:00
redis_exporter	updating redis_exporter image (#39623 )	2022-08-15 18:40:18 -04:00
redis-cache	Update SSL dependencies (#48025 )	2023-02-22 12:34:19 +00:00
redis-store	Update SSL dependencies (#48025 )	2023-02-22 12:34:19 +00:00
search-indexer	unrevert "all: rename go module google/zoekt to sourcegraph/zoekt" (#40423 )	2022-08-17 15:30:49 -07:00
sg	sg: add Dockerfile and build script (#32326 )	2022-03-08 16:54:50 +01:00
syntax-highlighter	dep: resolve CVE-2023-0464 in base image 2/2 (#50261 )	2023-04-02 18:24:34 +02:00
README.md	docker: bump alpine base image from 3.12 to 3.14 (#28126 )	2021-11-25 10:33:17 +01:00

README.md

Sourcegraph derivative Docker images

This directory contains Sourcegraph docker images which are derivatives of an existing Docker image, but with better defaults for our use cases. For example:

sourcegraph/alpine handles setting up a sourcegraph user account, installing common packages.
sourcegraph/postgres-11.4 is postgres-11.4 but with some Sourcegraph defaults.

If you are looking for our non-derivative Docker images, see e.g. /cmd/.../Dockerfile and /enterprise/cmd/.../Dockerfile instead.

Building

All images in this directory are built and published automatically on CI:

See the handbook for more information
Or see how to build a test image if you need to build a test image without merging your change to master first.

Adding a new image

Create a build.sh and add your publishing script to it - the script should end with docker tag ... "$IMAGE". See the scripts in this directory for examples.
Ensure your new script is executable with chmod +x build.sh (you can try it via e.g. IMAGE=fake-repo/cadvisor:latest docker-images/$SERVICE/build.sh, or by building a test image)
Add an image to the automated builds pipeline by adding it to SourcegraphDockerImages.