studio/docs
Archived
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

🔒️(front) improve docker image security

Browse Source 
Cyberwatch reported security issues with the frontend Docker image.
This commit is contained in:
Jacques ROUSSEL
2025-05-21 10:49:01 +02:00
committed by Manuel Raynaud
parent 3f2d84bf62
commit d1f73f18cd
1 changed files with 1 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/frontend/Dockerfile
View File

@@ -50,19 +50,7 @@ ENV NEXT_PUBLIC_PUBLISH_AS_MIT=${PUBLISH_AS_MIT}
RUN yarn build RUN yarn build
# ---- Front-end image ---- # ---- Front-end image ----
FROM nginxinc/nginx-unprivileged:1.27-alpine AS frontend-production FROM nginxinc/nginx-unprivileged:alpine3.21 AS frontend-production
# Remove the upgrade part once nginx has published
# a new image that fixes the CVE related to libxml2
ARG UID=101
USER root
# Upgrade system packages to install security updates
RUN apk update && \
apk upgrade && \
rm -rf /var/cache/apk/*
USER $UID
# Un-privileged user running the application # Un-privileged user running the application
ARG DOCKER_USER ARG DOCKER_USER