Skip to content

Commit dfee959

Browse files
tariq1890tariq1890
committed
[Dockerfile] use official K8s URL to download kubectl
This change ensures that the latest stable kubectl binary is downloaded whenever the container image is built. The current URL - https://storage.googleapis.com/kubernetes-release/release/stable.txt no longer returns the latest stable release, so we are now switching to the actively maintained download URL of upstream Kubernetes. This change should address the CVE-2024-34156 Signed-off-by: Tariq Ibrahim <[email protected]>
1 parent 19bba14 commit dfee959

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

docker/Dockerfile

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -102,7 +102,7 @@ COPY hack/must-gather.sh /usr/bin/gather
102102

103103
# Install must-gather dependency: `kubectl`
104104
ARG TARGETARCH
105-
RUN OS_ARCH=${TARGETARCH/x86_64/amd64} && OS_ARCH=${OS_ARCH/aarch64/arm64} && curl -LO https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/${OS_ARCH}/kubectl
105+
RUN OS_ARCH=${TARGETARCH/x86_64/amd64} && OS_ARCH=${OS_ARCH/aarch64/arm64} && curl -LO https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/${OS_ARCH}/kubectl
106106
RUN chmod +x ./kubectl
107107
RUN mv ./kubectl /usr/local/bin
108108

0 commit comments

Comments
 (0)