Container uses netbsd yq binary
Summary
The image includes yq
, which we'd like to use for a Renovate post upgrade task. However, the image downloads the NetBSD binary here, which we cannot use (it results in a segmentation fault). I saw in a PR that it was going to be changed to the Linux binary, but it was reverted back to the NetBSD binary here. My question: is the NetBSD binary used by design or can it be switched to the Linux binary?
Steps to reproduce
> docker run -d --rm --name renovate-test registry1.dso.mil/ironbank/container-hardening-tools/renovate/renovate:latest sleep 999
8b1bc17f8aed26d2de56a0d87fec7f89405b65839ae6158a7a39707ca6d661f1
> docker exec -it renovate-test bash
[node@8b1bc17f8aed renovate]$ yq
Segmentation fault (core dumped)
[node@8b1bc17f8aed renovate]$
What is the current bug behavior?
yq
fails with a segmentation fault.
What is the expected correct behavior?
yq
executes normally.
Possible fixes
Switch to the Linux binary as seen in this PR.