Replies: 1 comment
-
|
Posting here for anyone that stumbles across the discussion and not the issue: PrefectHQ/server#197 (comment) |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hello,
We are evaluating prefect core to replace our workflow management. As part of security protocol all container images are scanned which included all the 5 docker containers of prefect core (server, Apollo, ui, Hasura/graphql & Postgres:11). All of these containers seem to have vulnerabilities and most of them are medium to low.
However, the ones which are critical & high needs to be resolved before we can use them for prod, based on our observation these packages are system libs (like linux kernel, shadow, glibc etc. something which prefect doesn’t directly use). Is it possible to update the base image to say Ubuntu 20.4 (in our tests between Debian and ubuntu, the latter seems to have just about 16 [1 medium rest all low vulnerabilities])?
Screen shots -
PS - Scans have been made using GCP’s vulnerability scan service in GCR
Any other recommended approach we could follow to over come this issue is greatly appreciated. 🙂
Slack reference
Beta Was this translation helpful? Give feedback.
All reactions