Runner-helper fips image cleanups (!4308) · Merge requests · GitLab.org / gitlab-runner

Axel von Bertoldi requested to merge avonbertoldi/helper-fips-image-fixes into main Aug 23, 2023

This is one in a series of MRs to clean up and reduce actual and potential CVE reports runner fips images:

!4289 (merged)
!4296 (merged)
👉 !4308 (merged)

What does this MR do?

A few minor cleanups in the runner-helper fips docker image.

Install fewer (none) packages
Inject dumb-init version into image as is done elsewhere
Bump dumb-init version to 1.2.5

Why was this MR needed?

Primarily the goal is to to reduce the actual and potential CVE issues by minimizing the number of packages installed in the final image. Secondary goals are to standardize how packages are manually installed.

What's the best way to test this MR?

CI pipeline passes and image is built.

What are the relevant issue numbers?

Edited Aug 23, 2023 by Axel von Bertoldi

Runner-helper fips image cleanups

What does this MR do?

Why was this MR needed?

What's the best way to test this MR?

What are the relevant issue numbers?

Merge request reports