Can we move the base to centos8?
khuongduybui opened this issue · 2 comments
I appended RUN yum --security update -y to my Dockerfile after FROM FROM stevemcgrath/nessus_scanner:8.12.0 but my WhiteSource scan result still lists 61 vulnerable packages.
I tried moving the base to centos 8 while keeping the Tenable repos at releasever=7 and it seemed to work.
It probably installs fine. It likely even works fine. Whether it's kosher to do this is a different story.
I didn't quickly find Tenable publicly hosting yum repos serving up the CentOS 8 builds, but they make them available on their downloads page. The RPM could be pulled, checked into source, and used to install to CentOS 8. However, that'd shift the onus of updating the version of Nessus being installed more to this repo via PRs rather than simply being pulled from the yum repo on rebuild of the Dockerfile.