Pin the version of Firefox
What does this MR do?
The way Firefox was installed on the DAST image has recently changed. In one statement Firefox was installed (apt-get install), in a subsequent statement it was removed (apt-get remove), and finally, it was downloaded and installed (wget ...). Combining this into a single statement made a meaningful reduction to the size of the DAST image.
The resulting way that Firefox was installed was using aptitude, i.e. apt-get install firefox. This is necessary because the runtime dependencies of Firefox are installed at the same time.
Unfortunately, the Firefox team remove old versions of Firefox from the aptitude repositories. This is to ensure that as many users as possible get the latest image, and therefore the latest security updates. The Firefox team recently released version 82, and removed 81 from the aptitude repositories. This broke the DAST build.
This MR updates the Firefox install to install Firefox (including dependencies), remove Firefox (leaving dependencies) before finally installing the specific version required. This all happens in one Docker layer, so there should be minimal impact on the final size of the image.
What are the relevant issue numbers?
n/a
Does this MR meet the acceptance criteria?
-
Changelog entry added -
Documentation created/updated for GitLab EE, if necessary -
Documentation created/updated for this project, if necessary -
Documentation reviewed by technical writer or follow-up review issue created -
Tests added for this feature/bug -
Job definition updated, if necessary -
Job definition example -
Vendored CI Templates (also in CE)
-
-
Conforms to the code review guidelines -
Conforms to the Go guidelines -
Security reports checked/validated by reviewer