cicd(dockerfile): restrict package upgrade to vulnerable dependencies

eclipse-tractusx · Feb 16, 2023 · 9b46bf9 · 9b46bf9
1 parent e6d1481
commit 9b46bf9
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 2 deletions.
diff --git a/bpdm-gate/Dockerfile b/bpdm-gate/Dockerfile
@@ -5,7 +5,8 @@ RUN mvn -B -U clean package -pl bpdm-gate -am -DskipTests
 
 FROM eclipse-temurin:17-jre-alpine
 COPY --from=build /home/app/bpdm-gate/target/bpdm-gate.jar /usr/local/lib/bpdm/app.jar
-RUN apk upgrade
+RUN apk update
+RUN apk upgrade --no-cache libssl3 libcrypto3
 RUN addgroup -S bpdm && adduser -S bpdm -G bpdm
 USER bpdm
 WORKDIR /usr/local/lib/bpdm

diff --git a/bpdm-pool/Dockerfile b/bpdm-pool/Dockerfile
@@ -5,7 +5,8 @@ RUN mvn -B -U clean package -pl bpdm-pool -am -DskipTests
 
 FROM eclipse-temurin:17-jre-alpine
 COPY --from=build /home/app/bpdm-pool/target/bpdm-pool.jar /usr/local/lib/bpdm/app.jar
-RUN apk upgrade
+RUN apk update
+RUN apk upgrade --no-cache libssl3 libcrypto3
 RUN addgroup -S bpdm && adduser -S bpdm -G bpdm
 USER bpdm
 WORKDIR /usr/local/lib/bpdm