Do not install weak dependencies such as logrotate#687
Do not install weak dependencies such as logrotate#687Miciah wants to merge 1 commit intoopenshift:masterfrom
Conversation
When installing the haproxy-router image's package dependencies, specify --setopt=install_weak_deps=0 to avoid install weak dependencies. In particular, this commit avoids installing the rsyslog-logrotate package, which is a weak dependency of the rsyslog package. The rsyslog-logrotate package requires the logrotate package; the router does not need either of these packages. Installing these unnecessary packages enlarges the size and attack surface of the container image. * hack/Dockerfile.debug: * images/router/haproxy/Dockerfile: * images/router/haproxy/Dockerfile.ocp: * images/router/haproxy/Dockerfile.rhel: Specify the --setopt=install_weak_deps=0 option for yum install.
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here. DetailsNeeds approval from an approver in each of these files:Approvers can indicate their approval by writing |
|
@Miciah: all tests passed! Full PR test history. Your PR dashboard. DetailsInstructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here. |
|
/assign |
2 participants
When installing the haproxy-router image's package dependencies, specify
--setopt=install_weak_deps=0to avoid install weak dependencies.In particular, this change avoids installing the rsyslog-logrotate package, which is a weak dependency of the rsyslog package. The rsyslog-logrotate package requires the logrotate package; the router does not need either of these packages. Installing these unnecessary packages enlarges the size and attack surface of the container image.