Skip to content

Commit d911a2b

Browse files
sir-gonsir-gon
authored
Merge pull request #222 from sir-gon/develop
[REFACTOR] [CONFIG] Dockerfile optimizations
2 parents 30828d9 + 626bd28 commit d911a2b

File tree

1 file changed

+19
-15
lines changed

1 file changed

+19
-15
lines changed

Dockerfile

Lines changed: 19 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1,23 +1,24 @@
11
###############################################################################
22
FROM gradle:8.10.0-jdk22-alpine AS base
33

4-
ENV WORKDIR=/app
5-
WORKDIR ${WORKDIR}
4+
RUN apk add --update --no-cache make \
5+
# FIX CVE-2024-5535
6+
&& apk upgrade --update --no-cache openssl libcrypto3 libssl3 \
7+
# FIX CVE-2024-5535 CVE-2024-4741
8+
&& apk upgrade --update --no-cache --available
69

7-
RUN apk add --update --no-cache make
8-
RUN apk upgrade --update --no-cache openssl libcrypto3 libssl3 # FIX CVE-2024-5535
9-
RUN apk upgrade --update --no-cache --available # FIX CVE-2024-5535 CVE-2024-4741
10+
ENV WORKDIR=/app
11+
WORKDIR ${WORKDIR}
1012

1113
###############################################################################
1214
FROM base AS lint
1315

1416
ENV WORKDIR=/app
1517
WORKDIR ${WORKDIR}
1618

17-
RUN apk add --update --no-cache make nodejs npm
18-
RUN apk add --update --no-cache yamllint
19-
20-
RUN npm install -g --ignore-scripts markdownlint-cli
19+
RUN apk add --update --no-cache make nodejs npm\
20+
&& apk add --update --no-cache yamllint \
21+
&& npm install -g --ignore-scripts markdownlint-cli
2122

2223
# [!TIP] Use a bind-mount to "/app" to override following "copys"
2324
# for lint and test against "current" sources in this stage
@@ -94,19 +95,22 @@ CMD ["make", "test"]
9495
## WORKDIR and USER are maintained
9596
##
9697
FROM eclipse-temurin:22.0.2_9-jre-alpine AS production
97-
RUN apk upgrade --update --no-cache openssl libcrypto3 libssl3 # FIX CVE-2024-5535
98-
RUN apk upgrade --update --no-cache --available # FIX CVE-2024-5535 CVE-2024-4741
98+
99+
RUN apk add --update --no-cache make \
100+
# FIX CVE-2024-5535
101+
&& apk upgrade --update --no-cache openssl libcrypto3 libssl3 \
102+
# FIX CVE-2024-5535 CVE-2024-4741
103+
&& apk upgrade --update --no-cache --available
99104

100105
ENV LOG_LEVEL=INFO
101106
ENV BRUTEFORCE=false
102107
ENV WORKDIR=/app
103108
WORKDIR ${WORKDIR}
104109

105-
RUN adduser -D worker
106-
RUN mkdir -p /app
107-
RUN chown worker:worker /app
110+
RUN adduser -D worker \
111+
&& mkdir -p /app \
112+
&& chown worker:worker /app
108113

109-
RUN apk add --update --no-cache make
110114
COPY ./Makefile ${WORKDIR}/
111115
COPY --from=builder /app/algorithm-exercises-java/build/libs/algorithm-exercises-java.jar ${WORKDIR}/algorithm-exercises-java.jar
112116

0 commit comments

Comments
 (0)