Skip to content

Commit c8c892a

Browse files
rayaisaiahrayaisaiah
authored
forwardport: [NPM] [Vulnerability] Resolve stdlib CVEs by Updating go Version from… (#4166)
[NPM] [Vulnerability] Resolve stdlib CVEs by Updating go Version from 1.23 -> 1.25.5 and Update Base Windows Image (#4153) * update go version to resolve stdlib cves in npm * bump go to 1.25.5 * updated windows base image to resolve cves * Revert "[NPM] [Backport] Remove NPM Windows 2022 Tests from the NPM Conformance Tests + Clean Up NPM release/v1.4 (#3917)" This reverts commit c0e7aeb. * Partial revert: restore NPM manifests, keep pipeline test changes * revert windows conformance tests
1 parent 2d2db4c commit c8c892a

File tree

2 files changed

+5
-5
lines changed

2 files changed

+5
-5
lines changed

npm/linux.Dockerfile

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,10 @@
1-
FROM mcr.microsoft.com/oss/go/microsoft/golang:1.24-azurelinux3.0 AS builder
1+
FROM mcr.microsoft.com/oss/go/microsoft/golang:1.25.5 AS builder
22
ARG VERSION
33
ARG NPM_AI_PATH
44
ARG NPM_AI_ID
55
WORKDIR /usr/local/src
66
COPY . .
7-
RUN CGO_ENABLED=0 go build -v -o /usr/local/bin/azure-npm -ldflags "-s -w -X main.version="$VERSION" -X "$NPM_AI_PATH"="$NPM_AI_ID"" -gcflags="-dwarflocationlists=true" npm/cmd/*.go
7+
RUN MS_GO_NOSYSTEMCRYPTO=1 CGO_ENABLED=0 go build -v -o /usr/local/bin/azure-npm -ldflags "-s -w -X main.version="$VERSION" -X "$NPM_AI_PATH"="$NPM_AI_ID"" -gcflags="-dwarflocationlists=true" npm/cmd/*.go
88

99
FROM mcr.microsoft.com/mirror/docker/library/ubuntu:24.04 as linux
1010
COPY --from=builder /usr/local/bin/azure-npm /usr/bin/azure-npm

npm/windows.Dockerfile

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,14 @@
11
ARG OS_VERSION
2-
FROM --platform=linux/amd64 mcr.microsoft.com/oss/go/microsoft/golang:1.24-azurelinux3.0 AS builder
2+
FROM --platform=linux/amd64 mcr.microsoft.com/oss/go/microsoft/golang:1.25.5 AS builder
33
ARG VERSION
44
ARG NPM_AI_PATH
55
ARG NPM_AI_ID
66
WORKDIR /usr/local/src
77
COPY . .
8-
RUN GOOS=windows CGO_ENABLED=0 go build -v -o /usr/local/bin/azure-npm.exe -ldflags "-s -w -X main.version="$VERSION" -X "$NPM_AI_PATH"="$NPM_AI_ID"" -gcflags="-dwarflocationlists=true" npm/cmd/*.go
8+
RUN MS_GO_NOSYSTEMCRYPTO=1 GOOS=windows CGO_ENABLED=0 go build -v -o /usr/local/bin/azure-npm.exe -ldflags "-s -w -X main.version="$VERSION" -X "$NPM_AI_PATH"="$NPM_AI_ID"" -gcflags="-dwarflocationlists=true" npm/cmd/*.go
99

1010
# intermediate for win-ltsc2022
11-
FROM mcr.microsoft.com/windows/servercore@sha256:45952938708fbde6ec0b5b94de68bcdec3f8c838be018536b1e9e5bd95e6b943 as windows
11+
FROM mcr.microsoft.com/windows/servercore@sha256:3a2a2fdfbae2f720f6fe26f2d7680146712ce330f605b02a61d624889735c72e as windows
1212
COPY --from=builder /usr/local/src/npm/examples/windows/kubeconfigtemplate.yaml kubeconfigtemplate.yaml
1313
COPY --from=builder /usr/local/src/npm/examples/windows/setkubeconfigpath.ps1 setkubeconfigpath.ps1
1414
COPY --from=builder /usr/local/src/npm/examples/windows/setkubeconfigpath-capz.ps1 setkubeconfigpath-capz.ps1

0 commit comments

Comments
 (0)