From de957da33e453e5c7fff7495366002a868ac8ec2 Mon Sep 17 00:00:00 2001
From: Jan Vlug <jan.public@famvlug.nl>
Date: Tue, 9 May 2023 14:39:28 +0200
Subject: [PATCH 1/4] Use sp harbor proxy

---
 Dockerfile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 4af297d..f93a781 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # ----
-FROM maven:3.8.3-openjdk-17-slim AS BUILD_IMAGE
+FROM harbor.cicd.s15m.nl/docker-hub-proxy/library/maven:3.8.3-openjdk-17-slim AS BUILD_IMAGE
 
 WORKDIR /var/build/widoco
 
@@ -15,4 +15,4 @@ WORKDIR /usr/local/widoco
 
 COPY --from=BUILD_IMAGE /var/build/widoco/JAR/widoco.jar .
 
-ENTRYPOINT ["sh", "-c", "java ${JAVA_OPTS} -jar widoco.jar ${0} ${@}"]
\ No newline at end of file
+ENTRYPOINT ["sh", "-c", "java ${JAVA_OPTS} -jar widoco.jar ${0} ${@}"]

From f44606ca6e3e5d95231888a5c7cb80d197b684e2 Mon Sep 17 00:00:00 2001
From: Jan Vlug <jan.public@famvlug.nl>
Date: Thu, 4 Jan 2024 13:24:02 +0100
Subject: [PATCH 2/4] Make example work with SELinux

---
 README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index ceb698e..6011b5b 100644
--- a/README.md
+++ b/README.md
@@ -125,8 +125,8 @@ with host directories. For instance:
 
 ```bash
 docker run -ti --rm \
-  -v `pwd`/test:/usr/local/widoco/in \
-  -v `pwd`/target/generated-doc:/usr/local/widoco/out \
+  -v `pwd`/test:/usr/local/widoco/in:Z \
+  -v `pwd`/target/generated-doc:/usr/local/widoco/out:Z \
   dgarijo/widoco -ontFile in/bne.ttl -outFolder out -rewriteAll
 ```
 

From 33526ded7cd8adad59036c7800549326ff972a7f Mon Sep 17 00:00:00 2001
From: Jan Vlug <jan.public@famvlug.nl>
Date: Thu, 4 Jan 2024 13:25:07 +0100
Subject: [PATCH 3/4] Run widoco unpriviliged

---
 Dockerfile | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index bf26dd5..907c259 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,6 +14,12 @@ FROM openjdk:17-slim
 RUN apt-get update
 RUN apt-get install -y libfreetype6 fontconfig
 
+RUN useradd widoco
+RUN mkdir -p /usr/local/widoco
+RUN chown -R widoco:widoco /usr/local/widoco
+
+USER widoco
+
 WORKDIR /usr/local/widoco
 
 COPY --from=BUILD_IMAGE /var/build/widoco/JAR/widoco.jar .

From 73eb8dff2a1e2c18d03fe1763dbee7776b4fc81e Mon Sep 17 00:00:00 2001
From: Jan Vlug <jan.public@famvlug.nl>
Date: Thu, 4 Jan 2024 13:29:17 +0100
Subject: [PATCH 4/4] Revert to original base image

---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index 907c259..38d5c65 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # ----
-FROM harbor.cicd.s15m.nl/docker-hub-proxy/library/maven:3.8.3-openjdk-17-slim AS BUILD_IMAGE
+FROM maven:3.8.3-openjdk-17-slim AS BUILD_IMAGE
 
 WORKDIR /var/build/widoco