[SERVER-84715] Try out microdnf + install_weak_deps=0 to reduce mongo container deps Created: 10/Jan/24 Updated: 22/Jan/24 |
|
| Status: | Backlog |
| Project: | Core Server |
| Component/s: | None |
| Affects Version/s: | None |
| Fix Version/s: | None |
| Type: | Improvement | Priority: | Minor - P4 |
| Reporter: | Zack Winter | Assignee: | Unassigned |
| Resolution: | Unresolved | Votes: | 0 |
| Labels: | None | ||
| Remaining Estimate: | Not Specified | ||
| Time Spent: | Not Specified | ||
| Original Estimate: | Not Specified | ||
| Issue Links: |
|
||||||||
| Assigned Teams: |
Build
|
||||||||
| Participants: | |||||||||
| Description |
|
The number of dependencies pulled in by mongo-container frequently trigger security vulnerability scanners. To reduce our exposure, we may be able to leverage the "install_weak_deps" dnf option to avoid having to pull in python as a transitive dependency, ex: microdnf install <pkgs> --setopt=install_weak_deps=0 See https://github.com/mongodb/mongodb-kubernetes-operator/blob/master/scripts/dev/templates/agent/Dockerfile.ubi#L6 for an example The references here would need to be updated: https://github.com/10gen/mongo-container/blob/master/7.0/ubi8/Dockerfile.base.j2#L18 |