Description of problem: Not all of our images are built on top of ubi8-minimal which exposes us to a higher risk for hitting security issues. we should aim to use ubi8-minimal in all of our images, unless there is a good reason not to (missing functionality) Version-Release number of selected component (if applicable): 2.0 How reproducible: 100% Steps to Reproduce: 1. Check on which base image our images are built on 2. 3. Actual results: some are not built on ubi8-minimal Expected results: all should be built on ubi8-minimal Additional info:
@Federico, how can we make sure all teams align?
Do you have enough accurate information from the gate reports? (Make sure with Liora that there are no whitelists, etc.) You can file bugs on each image and discuss those in the relevant meetings.
Checked with Liora, they are not whitelisting. There are currently 2 images which are not built on minimal container kubevirt-template-validator-container kubevirt-metrics-collector-container once we confirm that both can/should be on minimal, we can track it in separate bugs, but not a must imo, as it's only 2 and managed under the same team
Since we postponed, we can close: cnv-2.1 images are already been updated to use ubi8-minimal as base build image
Indeed I do not see this issue in 2.1