I've created a Docker image that is based on "ibmliberty". However, when I try to create a container from that image, I'm getting a "Deployment Blocked" error. When I try to create a container from the pure "ibmliberty" image, the vulnerability assessment says it's safe to deploy that image. I really don't understand how the vulnerability check works because there is nothing different between the image that I have created and the "ibmliberty" image. You can see my Dockerfile and the vulnerability assessment output below. I've spent hours trying to figure out the reason and tried to upgrade the packages in the Dockerfile, however nothing solved my problem, including updating the packages that cause the vulnerability assessment to fail.
FROM registry.ng.bluemix.net/ibmliberty:latest
RUN apt-get purge -y openssh-server
RUN apt-get purge -y openssh-sftp-server
RUN apt-get -y autoremove
EXPOSE 9080
EXPOSE 22
Here is the vulnerability assessment output for my image: And here is the vulnerability assessment for ibmliberty image:
Hi. I am sorry for the delay. I will be able to help you with this. I am investigating this now.
Answer by bctak (41) | Dec 10, 2015 at 11:01 AM
It works now. This is the Dockerfile I used. Try this and let me know how it goes.
FROM registry.ng.bluemix.net/ibmliberty:latest
RUN apt-get purge -y openssh-server
RUN apt-get purge -y openssh-sftp-server
RUN apt-get -y autoremove
RUN apt-get update -y
RUN apt-get upgrade -y
EXPOSE 9080
EXPOSE 22
I tried this method before, and tried it again but it did not work. It's still saying that ibmliberty image is safe to deploy but the image that is created from the dockerfile above is blocked.
Answer by bctak (41) | Dec 10, 2015 at 09:44 AM
It was because the original ibmliberty image already contained vulnerabilities. It was scanned some time ago and back then it was clean. After that, new vulnerabilities were discovered, but the image was not rescanned yet. So, for you to make it work, just add this line to the Dockerfile.
RUN apt-get update -y
I did more testing and adding that line doesn't seem to fix it. Give me a little more time.
Thanks! I've already tried the update and upgrade commands but nothing seems to work. I'll be waiting for your response.
Do you mean you tried now and it didn't work? I just pushed this container image to Bluemix and it's working for me. See the screenshot.
Now I tried again, deleting the last image, renaming the image name and it worked! Thanks a lot.
I think I have to provide --no-cache option as well when building the image.
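The rebuild this thread converges on, as an added example that is not from any of the posters or from IBM: build with --no-cache so the apt-get update/upgrade layers are re-executed instead of reused, then count the packages that still have pending upgrades inside the resulting image. The function names, the image tag argument and the sample apt output are constructed here; it assumes a Debian/Ubuntu-based image whose container can run as root.

```shell
#!/bin/sh
# Added example: rebuild without cached layers, then report pending apt upgrades.
# Usage (assumed): sh thisfile <image-tag> [build-context]

# Read `apt-get -s upgrade` output on stdin and print "<total> <security>".
# Simulated installs are the lines starting with "Inst"; the archive the new
# version comes from is inside the parentheses.
count_pending() {
    awk '/^Inst / { total++; src = $0; sub(/^[^(]*\(/, "", src)
                    if (tolower(src) ~ /security/) sec++ }
         END { printf "%d %d\n", total, sec }'
}

# Rebuild the image and fail (non-zero) if any upgrade is still pending.
rebuild_and_check() {
    tag=$1
    context=${2:-.}
    # --no-cache re-runs every RUN step; --pull refetches the FROM image.
    docker build --no-cache --pull -t "$tag" "$context" || return 2
    result=$(docker run --rm --user 0 --entrypoint sh "$tag" -c \
        'apt-get update -qq >/dev/null && apt-get -s upgrade' | count_pending)
    echo "pending upgrades (total security): $result"
    [ "${result%% *}" -eq 0 ]
}

# Constructed sample of `apt-get -s upgrade` output (package versions are made up).
sample_apt_output() {
    cat <<'EOF'
Reading package lists...
Building dependency tree...
The following packages will be upgraded:
  libssl1.0.0 openssl tzdata
Inst libssl1.0.0 [1.0-1] (1.0-2 Ubuntu:14.04/trusty-security [amd64])
Inst openssl [1.0-1] (1.0-2 Ubuntu:14.04/trusty-security [amd64])
Inst tzdata [1.0-1] (1.0-2 Ubuntu:14.04/trusty-updates [all])
Conf libssl1.0.0 (1.0-2 Ubuntu:14.04/trusty-security [amd64])
EOF
}

# Only touch Docker when an image tag is given on the command line.
if [ "$#" -gt 0 ]; then
    rebuild_and_check "$@"
fi
```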