fleet/tools/fleet-docker/Dockerfile

FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c
LABEL maintainer="Fleet Developers"

RUN apk --update add ca-certificates
RUN apk --no-cache add jq

# Create fleet group and user
RUN addgroup -S fleet && adduser -S fleet -G fleet

USER fleet

COPY fleet /usr/bin/

CMD ["fleet", "serve"]
Update alpine to patch vulnerability with severity "HIGH" (#26593) The vulnerability was posted by a prospect. Posting manual command until we get #25902 done. ```sh trivy image --ignore-unfixed --pkg-types os,library --severity CRITICAL,HIGH --show-suppressed fleetdm/fleet:v4.64.1 [...] fleetdm/fleet:v4.64.1 (alpine 3.21.0) Total: 2 (HIGH: 2, CRITICAL: 0) ┌────────────┬────────────────┬──────────┬────────┬───────────────────┬───────────────┬──────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │ ├────────────┼────────────────┼──────────┼────────┼───────────────────┼───────────────┼──────────────────────────────────────────────────────────┤ │ libcrypto3 │ CVE-2024-12797 │ HIGH │ fixed │ 3.3.2-r4 │ 3.3.3-r0 │ openssl: RFC7250 handshakes with unauthenticated servers │ │ │ │ │ │ │ │ don't abort as expected │ │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2024-12797 │ ├────────────┤ │ │ │ │ │ │ │ libssl3 │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ │ └────────────┴────────────────┴──────────┴────────┴───────────────────┴───────────────┴──────────────────────────────────────────────────────────┘ ``` 2025-02-25 21:33:24 +00:00			`FROM alpine:3.21.3@sha256:a8560b36e8b8210634f77d9f7f9efd7ffa463e380b75e2e74aff4511df3ef88c`
Drew bakerfdm remove email mentions (#8641) * Remove email address for redudancy Call to actions at the bottom of the page offer better forms of communication to join the community, trial Fleet, or ask questions. * Remove email mention * Remove email mention * Remove email mention 2022-11-10 16:59:08 +00:00			`LABEL maintainer="Fleet Developers"`
Implement release automation (#1215) - Use goreleaser to automate release process. - Add new dockerfiles for fleet (with fleetctl) and fleetctl (only). - Add GitHub Action Workflow to run goreleaser on new tag. - Update NPM to match new archive naming. 2021-06-26 01:40:26 +00:00
			`RUN apk --update add ca-certificates`
add jq to docker images (#6531) 2022-07-19 16:02:51 +00:00			`RUN apk --no-cache add jq`
Implement release automation (#1215) - Use goreleaser to automate release process. - Add new dockerfiles for fleet (with fleetctl) and fleetctl (only). - Add GitHub Action Workflow to run goreleaser on new tag. - Update NPM to match new archive naming. 2021-06-26 01:40:26 +00:00
			`# Create fleet group and user`
			`RUN addgroup -S fleet && adduser -S fleet -G fleet`

			`USER fleet`

			`COPY fleet /usr/bin/`

			`CMD ["fleet", "serve"]`