From 0847a36a2f6448c82c72a2ca1411382deb3f6b08 Mon Sep 17 00:00:00 2001 From: Carmine Vassallo Date: Thu, 2 Nov 2023 12:17:48 +0100 Subject: [PATCH] SONAR-20918 Fix security hotspot docker:S6500 --- 10/community/Dockerfile | 2 +- 10/datacenter/app/Dockerfile | 2 +- 10/datacenter/search/Dockerfile | 2 +- 10/developer/Dockerfile | 2 +- 10/enterprise/Dockerfile | 2 +- 9/community/Dockerfile | 2 +- 9/datacenter/app/Dockerfile | 2 +- 9/datacenter/search/Dockerfile | 2 +- 9/developer/Dockerfile | 2 +- 9/enterprise/Dockerfile | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/10/community/Dockerfile b/10/community/Dockerfile index 965a3a28..25d2e859 100644 --- a/10/community/Dockerfile +++ b/10/community/Dockerfile @@ -24,7 +24,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/10/datacenter/app/Dockerfile b/10/datacenter/app/Dockerfile index 2a9e7534..d80564f7 100644 --- a/10/datacenter/app/Dockerfile +++ b/10/datacenter/app/Dockerfile @@ -26,7 +26,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu iproute2; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu iproute2; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/10/datacenter/search/Dockerfile b/10/datacenter/search/Dockerfile index 03cbdc8f..c7dfab06 100644 --- a/10/datacenter/search/Dockerfile +++ b/10/datacenter/search/Dockerfile @@ -26,7 +26,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu iproute2; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu iproute2; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/10/developer/Dockerfile b/10/developer/Dockerfile index 97dd0d7a..54a13526 100644 --- a/10/developer/Dockerfile +++ b/10/developer/Dockerfile @@ -24,7 +24,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/10/enterprise/Dockerfile b/10/enterprise/Dockerfile index 49e67773..f85352a4 100644 --- a/10/enterprise/Dockerfile +++ b/10/enterprise/Dockerfile @@ -24,7 +24,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/9/community/Dockerfile b/9/community/Dockerfile index aeff9d7a..841bb79e 100644 --- a/9/community/Dockerfile +++ b/9/community/Dockerfile @@ -23,7 +23,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/9/datacenter/app/Dockerfile b/9/datacenter/app/Dockerfile index 6eb67498..a13a7d3c 100644 --- a/9/datacenter/app/Dockerfile +++ b/9/datacenter/app/Dockerfile @@ -25,7 +25,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu iproute2; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu iproute2; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/9/datacenter/search/Dockerfile b/9/datacenter/search/Dockerfile index c00c3a63..6c4135ee 100644 --- a/9/datacenter/search/Dockerfile +++ b/9/datacenter/search/Dockerfile @@ -25,7 +25,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu iproute2; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu iproute2; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/9/developer/Dockerfile b/9/developer/Dockerfile index 0c4387a1..1ee7197c 100644 --- a/9/developer/Dockerfile +++ b/9/developer/Dockerfile @@ -23,7 +23,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25 diff --git a/9/enterprise/Dockerfile b/9/enterprise/Dockerfile index ba8cd3a1..a3529287 100644 --- a/9/enterprise/Dockerfile +++ b/9/enterprise/Dockerfile @@ -23,7 +23,7 @@ RUN set -eux; \ groupadd --system --gid 1000 sonarqube; \ useradd --system --uid 1000 --gid sonarqube sonarqube; \ apt-get update; \ - apt-get install -y gnupg unzip curl bash fonts-dejavu; \ + apt-get --no-install-recommends -y install gnupg unzip curl bash fonts-dejavu; \ echo "networkaddress.cache.ttl=5" >> "${JAVA_HOME}/conf/security/java.security"; \ sed --in-place --expression="s?securerandom.source=file:/dev/random?securerandom.source=file:/dev/urandom?g" "${JAVA_HOME}/conf/security/java.security"; \ # pub 2048R/D26468DE 2015-05-25