Draft: Remove unnecessary glibc-related RPM packages
The goal of this changeset is to remove from the container image unnecessary glibc-related RPMs in which security vulnerabilities were found by the scanning pipeline. Given that the RPMs are not actually required by the container at runtime, it should be safe to remove them.
Summary of the change:
- Added
removeUnnecessaryPackages()inscripts/install_external.shto removeglibc-develandglibc-langpack-en.
The list of RPMs deleted after adding this change is the following:
binutils-2.30-79.el8.x86_64
cpp-8.3.1-5.1.el8.x86_64
gcc-8.3.1-5.1.el8.x86_64
gcc-gdb-plugin-8.3.1-5.1.el8.x86_64
glibc-devel-2.28-127.el8_3.2.x86_64
glibc-headers-2.28-127.el8_3.2.x86_64
glibc-langpack-en-2.28-127.el8_3.2.x86_64
isl-0.16.1-6.el8.x86_64
kernel-headers-4.18.0-240.15.1.el8_3.x86_64
libgomp-8.3.1-5.1.el8.x86_64
libmpc-1.0.2-9.el8.x86_64
libxcrypt-devel-4.1.1-4.el8.x86_64