🔒️(front) improve docker image security
Cyberwatch reported security issues with the frontend Docker image.
This commit is contained in:
Jacques ROUSSEL
committed by
Manuel Raynaud
Manuel Raynaud
parent
3f2d84bf62
commit
d1f73f18cd
@@ -50,19 +50,7 @@ ENV NEXT_PUBLIC_PUBLISH_AS_MIT=${PUBLISH_AS_MIT}
|
||||
RUN yarn build
|
||||
|
||||
# ---- Front-end image ----
|
||||
FROM nginxinc/nginx-unprivileged:1.27-alpine AS frontend-production
|
||||
|
||||
# Remove the upgrade part once nginx has published
|
||||
# a new image that fixes the CVE related to libxml2
|
||||
ARG UID=101
|
||||
USER root
|
||||
|
||||
# Upgrade system packages to install security updates
|
||||
RUN apk update && \
|
||||
apk upgrade && \
|
||||
rm -rf /var/cache/apk/*
|
||||
|
||||
USER $UID
|
||||
FROM nginxinc/nginx-unprivileged:alpine3.21 AS frontend-production
|
||||
|
||||
# Un-privileged user running the application
|
||||
ARG DOCKER_USER
|
||||
|
||||
Reference in New Issue
Block a user