Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(debian): clean apt caches #74

Merged
merged 1 commit into from
Jan 28, 2025
Merged

fix(debian): clean apt caches #74

merged 1 commit into from
Jan 28, 2025
+3 −0

Conversation

DDtKey
Copy link
Contributor

@DDtKey DDtKey commented Jan 23, 2025
edited
Loading

First of all, thanks for the maintenance!

Here is a minor fix of not cleaned apt caches, see DKL-DI-0005

Currently, the following FATAL issues are found by dockle:

> docker run --rm -v /var/run/docker.sock:/var/run/docker.sock goodwithtech/dockle:v0.4.15 --exit-code=1 --exit-level=warn clamav/clamav-debian:1.4

FATAL   - DKL-DI-0005: Clear apt-get caches
        * Use 'rm -rf /var/lib/apt/lists' after 'apt-get install|update' : RUN /bin/sh -c apt-get update && apt-get install -y         libbz2-1.0         libcurl4         libssl3         libjson-c5         libmilt
er1.0.1         libncurses6         libpcre2-8-0         libxml2         zlib1g         tzdata         netcat-openbsd     &&     rm -rf /var/cache/apt/archives &&     groupadd -g 1000 "clamav" &&     useradd -m -g
 clamav -s /bin/false --home-dir /var/lib/clamav -u 1000 -c "Clam Antivirus" clamav &&     install -d -m 755 -g "clamav" -o "clamav" "/var/log/clamav" &&     chown -R clamav:clamav /var/lib/clamav # buildkit

This PR eliminates this issue

@DDtKey DDtKey force-pushed the debian/clear-caches-and-add-user branch from ee360a1 to b8c83b1 Compare January 23, 2025 22:17
rsundriyal
rsundriyal approved these changes Jan 28, 2025
View reviewed changes
Copy link
Contributor

@rsundriyal rsundriyal left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good.

@DDtKey @val-ms
fix(debian): clean apt caches and add user
ecb4576 
First of all, thanks for the maintainance!

Minor fixe here:

1. apt caches not cleaned
It's some sort of best-practices, see [DKL-DI-0005](https://github.com/goodwithtech/dockle/blob/master/CHECKPOINT.md#dkl-di-0005)
Also it reduces the image size and additionally
@val-ms val-ms force-pushed the debian/clear-caches-and-add-user branch from b8c83b1 to ecb4576 Compare January 28, 2025 19:17
@val-ms val-ms merged commit 658ba84 into Cisco-Talos:main Jan 28, 2025
@val-ms
Copy link
Collaborator

val-ms commented Jan 28, 2025

I also did a local build and compared the size with a recently build 1.4 image and confirmed it a fair bit smaller. @DDtKey thank you for the help!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@rsundriyal rsundriyal rsundriyal approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@DDtKey @val-ms @rsundriyal