dc99a291fb
Update node problem detector to 0.8.16 which is built with golang.org/x/net v0.21.0 and therefore compatible with cve-2023-44487. The cve requires v0.17.0 or higher of golng.org/x/net/http2. https://github.com/kubernetes/node-problem-detector/blob/v0.8.16/go.mod#L83 Change-Id: I779799b2c45d0569058068fe5bf3251ed2c98ffc
20 lines
849 B
Docker
20 lines
849 B
Docker
ARG FROM=docker.io/ubuntu:focal
|
|
FROM ${FROM}
|
|
|
|
ARG NPD_VERSION="v0.8.16"
|
|
ARG NPD_SRC_URL="https://github.com/kubernetes/node-problem-detector/releases/download/${NPD_VERSION}"
|
|
|
|
RUN apt-get update ;\
|
|
apt-get upgrade -y ;\
|
|
apt-get install --no-install-recommends -y wget ca-certificates ;\
|
|
#Create a Temp dir to download and extract the package
|
|
TMP_DIR=$(mktemp --directory) ;\
|
|
wget -q ${NPD_SRC_URL}/node-problem-detector-${NPD_VERSION}-linux_amd64.tar.gz -O ${TMP_DIR}/node-problem-detector-${NPD_VERSION}.tar.gz ;\
|
|
mkdir -p /opt/node-problem-detector/ ;\
|
|
tar zxf ${TMP_DIR}/node-problem-detector-${NPD_VERSION}.tar.gz -C /opt/node-problem-detector ;\
|
|
#Cleanup the directories
|
|
apt-get autoremove --purge ca-certificates ;\
|
|
apt-get clean ;\
|
|
rm -rf /var/lib/apt/lists/* /root/.cache ;\
|
|
rm -rf ${TMP_DIR}
|