Updating dockerfile to use latest go-discover version and suppressing the alpine CVE's#333
Merged
paras-gupta2 merged 3 commits intorelease/0.9.xfrom Mar 17, 2026
Merged
Updating dockerfile to use latest go-discover version and suppressing the alpine CVE's#333paras-gupta2 merged 3 commits intorelease/0.9.xfrom
paras-gupta2 merged 3 commits intorelease/0.9.xfrom
Conversation
There was a problem hiding this comment.
Pull request overview
Updates the build container to pull a newer go-discover to address reported CVEs, and tweaks Alpine package upgrade behavior in the release image stage.
Changes:
- Switch
go installforgo-discoverfrom a pinned commit to@latest. - Add
apk updatebeforeapk upgradein therelease-defaultstage.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
You can also share your feedback on Copilot code review. Take the survey.
paras-gupta2
temporarily deployed
to
dockerhub/hashicorpdev
GitHub Actions
Inactive
paras-gupta2
temporarily deployed
to
dockerhub/hashicorpdev
GitHub Actions
Inactive
paras-gupta2
changed the title
paras-gupta2
temporarily deployed
to
dockerhub/hashicorpdev
GitHub Actions
Inactive
anilvpatel
approved these changes
Mar 17, 2026
|
For posterity, validated that all the CVEs listed are included in https://security.alpinelinux.org/branch/3.23-main |
mickael-hc
reviewed
Mar 17, 2026
| RUN CGO_ENABLED=0 go install github.com/hashicorp/go-discover/cmd/discover@f3e097417ebe7089c1999fd32983e0d0b1a3e220 | ||
|
|
||
| FROM docker.mirror.hashicorp.services/alpine:3.23 AS release-default | ||
| RUN apk upgrade --no-cache |
There was a problem hiding this comment.
Not sure why this was removed, it may be useful in the future
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Changes proposed in this PR:
How I've tested this PR:
How I expect reviewers to test this PR:
Checklist:
PCI review checklist
I have documented a clear reason for, and description of, the change I am making.
If applicable, I've documented a plan to revert these changes if they require more than reverting the pull request.
If applicable, I've documented the impact of any changes to security controls.
Examples of changes to security controls include using new access control methods, adding or removing logging pipelines, etc.