abhioncbr commented on issue #13461: URL: https://github.com/apache/pinot/issues/13461#issuecomment-2355431107
Thanks @xiangfu0. I think part of the problem can be resolved by building the pinot-base-runtime images once daily. If I am interpreting the [data correctly](https://github.com/apachepinot/pinot-fork/actions/workflows/build-pinot-base-runtime-docker-image.yml), before today's run, we ran the build image six months ago. Is that correct? Secondly, I am not sure why we are installing these packages ` procps vim less wget curl git python sysstat perf libtasn1 zstd` ([reference](https://github.com/apache/pinot/blob/master/docker/images/pinot-base/pinot-base-runtime/amazoncorretto.dockerfile#L28)). Some of the vulnerabilities are coming from these packages. I am trying to understand why we need it. I am planning to remove some of these packages, or if required, we can build a new Pinot image, say `Pinot-slim`, with the minimum required packages installed. Please comment If it makes sense. Thanks -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: commits-unsubscr...@pinot.apache.org For additional commands, e-mail: commits-h...@pinot.apache.org
