Skip to content

Commit d947089

Browse files
sarahchen6sarahchen6
authored
Merge pull request #100 from DataDog/sarahchen6/fix-security-vulnerabilities
Update docker and docker-compose versions
2 parents ffcf035 + c5c232a commit d947089

File tree

2 files changed

+8
-6
lines changed

2 files changed

+8
-6
lines changed

.github/dependabot.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -8,7 +8,7 @@ updates:
88
- package-ecosystem: "github-actions"
99
directory: "/"
1010
schedule:
11-
interval: "monthly"
11+
interval: "weekly"
1212
groups:
1313
gh-actions-packages:
1414
patterns:

Dockerfile

Lines changed: 7 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -32,11 +32,12 @@ RUN <<-EOT
3232
sudo git config --system --add safe.directory "*"
3333

3434
sudo mkdir -p /tmp/docker-install
35-
sudo curl -fsSL "https://download.docker.com/linux/static/stable/$(uname -m)/docker-24.0.7.tgz" | sudo tar -xz -C /tmp/docker-install
35+
DOCKER_LATEST_VERSION=$(curl -s https://download.docker.com/linux/static/stable/$(uname -m)/ | grep -oP 'docker-\K([0-9]+\.[0-9]+\.[0-9]+)(?=\.tgz)' | sort -V | tail -n 1)
36+
sudo curl -fsSL "https://download.docker.com/linux/static/stable/$(uname -m)/docker-${DOCKER_LATEST_VERSION}.tgz" | sudo tar -xz -C /tmp/docker-install
3637
sudo mv /tmp/docker-install/docker/docker /usr/local/bin/
3738
sudo rm -rf /tmp/docker-install
3839
sudo mkdir -p /usr/local/lib/docker/cli-plugins
39-
sudo curl -fsSL "https://github.com/docker/compose/releases/download/v2.24.6/docker-compose-linux-$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose
40+
sudo curl -fsSL "https://github.com/docker/compose/releases/latest/download/docker-compose-linux-$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose
4041
sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
4142

4243
sudo apt-get clean
@@ -66,7 +67,7 @@ COPY --from=ghcr.io/graalvm/native-image-community:21-ol9 /usr/lib64/graalvm/gra
6667

6768
# See: https://gist.github.com/wavezhang/ba8425f24a968ec9b2a8619d7c2d86a6
6869
# Note it seems that latest Oracle JDK 8 are not available for download without an account.
69-
# Latest availble is jdk-8u381-linux-x64.tar.gz
70+
# Latest available is jdk-8u381-linux-x64.tar.gz
7071
RUN <<-EOT
7172
set -eux
7273
sudo mkdir -p /usr/lib/jvm/oracle8
@@ -126,11 +127,12 @@ RUN <<-EOT
126127
sudo git config --system --add safe.directory "*"
127128

128129
sudo mkdir -p /tmp/docker-install
129-
sudo curl -fsSL "https://download.docker.com/linux/static/stable/$(uname -m)/docker-24.0.7.tgz" | sudo tar -xz -C /tmp/docker-install
130+
DOCKER_LATEST_VERSION=$(curl -s https://download.docker.com/linux/static/stable/$(uname -m)/ | grep -oP 'docker-\K([0-9]+\.[0-9]+\.[0-9]+)(?=\.tgz)' | sort -V | tail -n 1)
131+
sudo curl -fsSL "https://download.docker.com/linux/static/stable/$(uname -m)/docker-${DOCKER_LATEST_VERSION}.tgz" | sudo tar -xz -C /tmp/docker-install
130132
sudo mv /tmp/docker-install/docker/docker /usr/local/bin/
131133
sudo rm -rf /tmp/docker-install
132134
sudo mkdir -p /usr/local/lib/docker/cli-plugins
133-
sudo curl -fsSL "https://github.com/docker/compose/releases/download/v2.24.6/docker-compose-linux-$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose
135+
sudo curl -fsSL "https://github.com/docker/compose/releases/latest/download/docker-compose-linux-$(uname -m)" -o /usr/local/lib/docker/cli-plugins/docker-compose
134136
sudo chmod +x /usr/local/lib/docker/cli-plugins/docker-compose
135137

136138
sudo apt-get clean

0 commit comments

Comments
 (0)