-
Notifications
You must be signed in to change notification settings - Fork 2
Expand file tree
/
Copy pathDockerfile-patched
More file actions
31 lines (23 loc) · 1.02 KB
/
Dockerfile-patched
File metadata and controls
31 lines (23 loc) · 1.02 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
#Build w/Maven 3.9.3-AmazonCorretto-20
FROM maven:3.9.2-amazoncorretto-20 as builder
COPY src /usr/src/app/src
COPY pom-patched.xml /usr/src/app/pom.xml
RUN mvn -f /usr/src/app/pom.xml clean package
# Use an official OpenJDK runtime as a parent image
FROM amazoncorretto:20-alpine
#Update apk upgrade libcrypto3 and libssl explicitly to 3.0.9-r1
RUN apk update && apk add musl==1.2.3-r5 ca-certificates-bundle==20230506-r0 libcrypto3==3.0.9-r1 libssl3==3.0.9-r1 musl-utils==1.2.3-r5
# Set the working directory to /app
WORKDIR /app
# Copy the fat jar into the container at /app
COPY --from=builder /usr/src/app/target/text4shell-poc.jar /app
# Document Port 8080 Listening of application
EXPOSE 8080
# Create a non-root user and group
RUN addgroup acme_group && adduser -D -H -G acme_group acme_user
# Change the ownership of the application files to the non-root user
RUN chown -R acme_user:acme_group /app
#Set user to run as acme_user
USER acme_user
# Run jar file when the container launches
CMD ["java", "-jar", "text4shell-poc.jar"]