From 249afa7cb9d0b8465cfc7639cd741fec79e1148b Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Fri, 30 Aug 2024 11:11:44 +0000
Subject: [PATCH] ci: remove hard coded creds used for testing to silence trivy

---
 Dockerfile | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index b508634..5ab2cee 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -34,7 +34,9 @@ RUN curl -fsSL https://get.pulumi.com/ | sh -s -- --version $(pip show pulumi --
 RUN cd /root/.pulumi/bin && rm -f *dotnet *yaml *go *java && strip pulumi* || true
 
 # Remove AWS keys from docstring to prevent trivy alerts later
-RUN sed -i -e 's/AKIA.*//' /venv/lib/python${RUNTIME_VERSION}/site-packages/pulumi_aws/lightsail/bucket_access_key.py
+RUN sed -i -e 's/AKIA.*//' \
+    /venv/lib/python${RUNTIME_VERSION}/site-packages/pulumi_aws/lightsail/bucket_access_key.py \
+    /venv/lib/python${RUNTIME_VERSION}/site-packages/pulumi_aws/glue/connection.py
 
 # Now build the final runtime, incl. running rootless containers
 FROM python:${RUNTIME_VERSION}-alpine${DISTRO_VERSION}