fix: improve docker image security

sovity · Jul 24, 2023 · 752ddca · 752ddca
1 parent 049f051
commit 752ddca
Showing 1 changed file with 7 additions and 8 deletions.
diff --git a/connector/Dockerfile b/connector/Dockerfile
@@ -1,13 +1,12 @@
-FROM gradle:7.6.0-jdk17 AS build
+FROM gradle:7-jdk17-alpine AS build
 
 ARG BUILD_ARGS
 
 COPY --chown=gradle:gradle . /home/gradle/project/
 WORKDIR /home/gradle/project/
 RUN --mount=type=cache,target=/home/gradle/.gradle/caches gradle build --no-daemon $BUILD_ARGS
 
-# -buster is required to have apt available
-FROM openjdk:17-slim-buster
+FROM eclipse-temurin:17-alpine
 
 ARG EDC_LAST_COMMIT_INFO_ARG="The docker container was built outside of github actions and you didn't provide the build arg EDC_LAST_COMMIT_INFO_ARG, so there's no last commit info."
 ENV EDC_LAST_COMMIT_INFO=$EDC_LAST_COMMIT_INFO_ARG
@@ -18,11 +17,11 @@ ENV EDC_BUILD_DATE=$EDC_BUILD_DATE_ARG
 # Optional JVM arguments, such as memory settings
 ARG JVM_ARGS=""
 
-# Install curl, then delete apt indexes to save image space
-RUN apt update \
-    && apt install -y curl \
-    && rm -rf /var/cache/apt/archives /var/lib/apt/lists \
-    && touch /emtpy-properties-file.properties
+# Install curl for healthcheck
+RUN apk update && apk install --no-cache -y curl
+
+# Create empty properties file to avoid errors when loading properties
+RUN touch /emtpy-properties-file.properties
 
 WORKDIR /app