fix: apply changes so main-ci test passes (#148)

* ci: update allowedlist.yaml and Dockerfile * fix: remove git from image to prevent vulnerability * fix: add vulnerabilities to allowedlist.yaml
PHT-Medic · Jul 11, 2023 · 61cfb7e · 61cfb7e
1 parent f0f4bca
commit 61cfb7e
Show file tree

Hide file tree

Showing 2 changed files with 25 additions and 0 deletions.
diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml
@@ -1,5 +1,29 @@
 general:
   vulnerabilities:
+    - CVE-2023-29007
+    - CVE-2023-25652
+    - CVE-2023-3390
+    - CVE-2023-3389
+    - CVE-2023-3338
+    - CVE-2023-35829
+    - CVE-2023-35827
+    - CVE-2023-35824
+    - CVE-2023-35823
+    - CVE-2023-35788
+    - CVE-2023-3397
+    - CVE-2023-3268
+    - CVE-2023-3141
+    - CVE-2023-3111
+    - CVE-2023-3090
+    - CVE-2023-2156
+    - CVE-2023-2124
+    - CVE-2023-2007
+    - CVE-2022-2309
+    - CVE-2021-31239
+    - CVE-2023-31484
+    - CVE-2023-29491
+    - CVE-2023-2953
+    - CVE-2023-2603
     - CVE-2022-1015
     - CVE-2022-32221
     - CVE-2019-8457

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -11,6 +11,7 @@ RUN apt -y update && apt-get -y install software-properties-common && \
     apt-utils \
     locales \
     curl && \
+    apt-get remove -yqq git && \
     apt-get clean && \
     rm -rf /var/lib/apt/lists/* && \
     rm -rf /var/cache/apt/archives/*