@@ -22,21 +22,48 @@ ENV DOTNET_SYSTEM_GLOBALIZATION_INVARIANT=false \
2222# Install dependencies and clean up
2323RUN curl -sSL ${PS_PACKAGE_URL} -o /tmp/powershell.rpm \
2424 && dnf install -y /tmp/powershell.rpm \
25+ # remove powershell package
26+ && rm /tmp/powershell.rpm \
2527 && dnf install -y \
2628 # less is needed for help
27- less \
29+ less \
2830 # Needed to run localdef
29- glibc-locale-source \
31+ glibc-locale-source \
3032 # Invoke-WebRequest doesn't work correctly without this
31- compat-openssl10 \
32- ca-certificates \
33- gssntlmssp \
33+ compat-openssl10 \
34+ ca-certificates \
35+ gssntlmssp \
36+ && ln -sf /opt/microsoft/powershell/7-preview/pwsh /usr/bin/pwsh \
37+ # For whatever reason FEDORA-2019-27e7b92407 has to be patched manually
38+ # to do this, upgrade libmodulemd1, if it is installed
39+ && pwsh \
40+ -NoLogo \
41+ -NoProfile \
42+ -Command " \
43+ \$ module = (dnf list installed libmodulemd1 | Select-String -SimpleMatch libmodulemd1); \
44+ if(\$ module) { \
45+ dnf upgrade -y libmodulemd1 \
46+ }" \
47+ # This installs most security advisories
3448 && dnf upgrade-minimal -y --security \
49+ # query and install any remaining security advisories
50+ && pwsh \
51+ -NoLogo \
52+ -NoProfile \
53+ -Command " \
54+ (dnf updateinfo list -q --security) | \
55+ Foreach-Object { \
56+ \$ advisory=(\$ _ -split ' ')[0]; \
57+ Write-Host '******* Patching *********'; \
58+ Write-Host \$ advisory; \
59+ Write-Host '************************'; \
60+ dnf upgrade -y --advisory=\$ advisory \
61+ }" \
62+ && echo "verifying all security advisories are installed..." \
63+ && dnf updateinfo list -q --security \
64+ && echo "end - verifying all security advisories are installed..." \
3565 && dnf clean all \
3666 && localedef --charmap=UTF-8 --inputfile=en_US $LANG \
37- # remove powershell package
38- && rm /tmp/powershell.rpm \
39- && ln -sf /opt/microsoft/powershell/7-preview/pwsh /usr/bin/pwsh \
4067 # intialize powershell module cache
4168 && pwsh \
4269 -NoLogo \
0 commit comments