From c1b0459f868ebba494f601757e8cace0fe5b06a2 Mon Sep 17 00:00:00 2001
From: Fredrik Lundhag <f@mekk.com>
Date: Thu, 22 Aug 2024 22:08:25 +0200
Subject: [PATCH] Fix docker vulnerabilites by upgrading node image (#551)

* fix: Dockerfile to reduce vulnerabilities (#29)

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-ALPINE315-ZLIB-2976173
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-3314621
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-3314622
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-3314629
- https://snyk.io/vuln/SNYK-ALPINE315-OPENSSL-3368753

Co-authored-by: snyk-bot <snyk-bot@snyk.io>

* Do rebase outside of the make instead

* Use 22-alpine for docker

---------

Co-authored-by: snyk-bot <snyk-bot@snyk.io>
---
 Dockerfile | 4 ++--
 Makefile   | 1 -
 2 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index e7eb6e334..c2488dc4a 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,11 +1,11 @@
-FROM node:17.8-alpine3.15
+FROM node:22-alpine
 
 EXPOSE 8061
 
 WORKDIR /iframely
 
 # Create new non-root user
-RUN addgroup -S iframelygroup && adduser -S iframely -G iframelygroup
+RUN addgroup --system iframelygroup && adduser --system iframely -G iframelygroup
 RUN apk add g++ make python3
 
 # This will change the config to `config.<VALUE>.js` and the express server to change its behaviour.
diff --git a/Makefile b/Makefile
index a755791da..f1b991a40 100644
--- a/Makefile
+++ b/Makefile
@@ -7,7 +7,6 @@ PUBLISHPORT := ${EXPOSEPORT}
 
 build:
 	git checkout main 
-	git pull --rebase upstream main
 	git branch -f tag-${VERSION}
 	git checkout tag-${VERSION}
 	docker \