From 9995246641fd543820f5fa4cc735bdff9d42d144 Mon Sep 17 00:00:00 2001
From: Stefan Reimer <stefan@zero-downtime.net>
Date: Fri, 27 Oct 2023 11:02:09 +0000
Subject: [PATCH] Silence trivy false positive trivy alerts

---
 Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 46fb2a0..5414e4e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -38,6 +38,8 @@ RUN pip install . --no-deps
 # minimal pulumi
 RUN cd /root/.pulumi/bin && rm -f *dotnet *yaml *go *java && strip pulumi* || true
 
+# Remove AWS keys from docstring to prevent trivy alerts later
+sed -i -e 's/AKIA.*//' /venv/lib/python${RUNTIME_VERSION}/site-packages/pulumi_aws/lightsail/bucket_access_key.py
 
 # Now build the final runtime, incl. running rootless containers
 FROM python:${RUNTIME_VERSION}-alpine${DISTRO_VERSION}