ci: remove hard coded creds used for testing to silence trivy
This commit is contained in:
parent
a245d88f8c
commit
249afa7cb9
@ -34,7 +34,9 @@ RUN curl -fsSL https://get.pulumi.com/ | sh -s -- --version $(pip show pulumi --
|
||||
RUN cd /root/.pulumi/bin && rm -f *dotnet *yaml *go *java && strip pulumi* || true
|
||||
|
||||
# Remove AWS keys from docstring to prevent trivy alerts later
|
||||
RUN sed -i -e 's/AKIA.*//' /venv/lib/python${RUNTIME_VERSION}/site-packages/pulumi_aws/lightsail/bucket_access_key.py
|
||||
RUN sed -i -e 's/AKIA.*//' \
|
||||
/venv/lib/python${RUNTIME_VERSION}/site-packages/pulumi_aws/lightsail/bucket_access_key.py \
|
||||
/venv/lib/python${RUNTIME_VERSION}/site-packages/pulumi_aws/glue/connection.py
|
||||
|
||||
# Now build the final runtime, incl. running rootless containers
|
||||
FROM python:${RUNTIME_VERSION}-alpine${DISTRO_VERSION}
|
||||
|
Loading…
Reference in New Issue
Block a user