Skip to content

Commit

Permalink
Merge pull request #521 from boozallen/518-cve-remediation
Browse files Browse the repository at this point in the history 
#518 Resolve CVEs within hive metastore docker image
  • Loading branch information
@carter-cundiff
carter-cundiff authored Jan 3, 2025
2 parents 1cd838a + 0bfb94c commit 4a95e9b
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 0 deletions.
1 change: 1 addition & 0 deletions extensions/extensions-docker/aissemble-hive-service/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@
<outputDirectory>${dockerbuild.jars.directory}</outputDirectory>
<includeTypes>jar</includeTypes>
<excludeTransitive>true</excludeTransitive>
<includeArtifactIds>delta-hive_2.12,mysql-connector-java</includeArtifactIds>
</configuration>
<executions>
<execution>
Expand Down
5 changes: 5 additions & 0 deletions extensions/extensions-docker/aissemble-hive-service/src/main/resources/docker/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,11 @@ RUN groupadd -rf hive --gid=1000 && \

ADD ${JARS_DIR}/* $HIVE_HOME/lib/

# Remove jars with open vulnerabilities. These jars are included in the apache hive image but not necessary
# when running the hive metastore only
RUN rm ${HIVE_HOME}/lib/avatica-1.12.0.jar ${HIVE_HOME}/lib/htrace-core-3.1.0-incubating.jar \
${HADOOP_HOME}/share/hadoop/yarn/timelineservice/lib/htrace-core-3.1.0-incubating.jar

USER hive

ENTRYPOINT ["/opt/hive/bin/hive", "--skiphadoopversion", "--skiphbasecp", "--verbose", "--service", "metastore"]

0 comments on commit 4a95e9b

Please sign in to comment.