-
Notifications
You must be signed in to change notification settings - Fork 87
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
* Fixed libcurl vulnerability * updated test cases * Update application.yml * Updated test cases
- Loading branch information
Showing
4 changed files
with
10 additions
and
20 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,55 +1,49 @@ | ||
| FROM alpine:3.18.2 AS java8 | ||
| FROM alpine:3.18.4 AS java8 | ||
|
|
||
| WORKDIR app | ||
| RUN apk update && \ | ||
| apk upgrade && \ | ||
| apk upgrade | ||
| RUN apk add openjdk8=8.372.07-r0 --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community | ||
| ENV JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk | ||
| RUN apk --no-cache add curl | ||
| RUN apk add sudo | ||
| RUN apk add libstdc++ | ||
| RUN apk add glib | ||
| RUN apk add krb5 pcre | ||
| RUN apk add bash | ||
| RUN curl -L "https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-musl64.tar.gz" -o "ScaResolver.tar.gz" && tar -vxzf ScaResolver.tar.gz && sudo mv ScaResolver Configuration.yml /app && rm ScaResolver.tar.gz | ||
| RUN wget "https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-musl64.tar.gz" -O "ScaResolver.tar.gz" && tar -xvzf ScaResolver.tar.gz && mv ScaResolver Configuration.yml /app && rm ScaResolver.tar.gz | ||
| COPY build/libs/*.jar cx-flow.jar | ||
| ENTRYPOINT ["java", "-Xms512m", "-Xmx2048m", "-Djava.security.egd=file:/dev/./urandom", "-Dspring.profiles.active=web", "-jar", "cx-flow.jar"] | ||
| EXPOSE 8080 | ||
|
|
||
|
|
||
| FROM alpine:3.18.2 AS java11 | ||
| FROM alpine:3.18.4 AS java11 | ||
|
|
||
| WORKDIR app | ||
| RUN apk update && \ | ||
| apk upgrade | ||
| RUN apk add openjdk11=11.0.20_p8-r2 --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community | ||
| ENV JAVA_HOME=/usr/lib/jvm/java-11-openjdk | ||
| RUN apk --no-cache add curl | ||
| RUN apk add sudo | ||
| RUN apk add libstdc++ | ||
| RUN apk add glib | ||
| RUN apk add krb5 pcre | ||
| RUN apk add bash | ||
| RUN curl -L "https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-musl64.tar.gz" -o "ScaResolver.tar.gz" && tar -vxzf ScaResolver.tar.gz && sudo mv ScaResolver Configuration.yml /app && rm ScaResolver.tar.gz | ||
| RUN wget "https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-musl64.tar.gz" -O "ScaResolver.tar.gz" && tar -xvzf ScaResolver.tar.gz && mv ScaResolver Configuration.yml /app && rm ScaResolver.tar.gz | ||
| COPY build/libs/java11/*.jar cx-flow.jar | ||
| ENTRYPOINT ["java", "-Xms512m", "-Xmx2048m","-Djava.security.egd=file:/dev/./urandom", "-Dspring.profiles.active=web", "-jar", "cx-flow.jar"] | ||
| EXPOSE 8080 | ||
|
|
||
| FROM alpine:3.18.2 AS cxgo8 | ||
| FROM alpine:3.18.4 AS cxgo8 | ||
|
|
||
| WORKDIR app | ||
| RUN apk update && \ | ||
| apk upgrade | ||
| RUN apk add openjdk8=8.302.08-r2 --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community | ||
| ENV JAVA_HOME=/usr/lib/jvm/java-1.8-openjdk | ||
| RUN apk --no-cache add curl | ||
| RUN apk add sudo | ||
| RUN apk add libstdc++ | ||
| RUN apk add glib | ||
| RUN apk add krb5 pcre | ||
| RUN apk add bash | ||
| RUN curl -L "https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-musl64.tar.gz" -o "ScaResolver.tar.gz" && tar -vxzf ScaResolver.tar.gz && sudo mv ScaResolver Configuration.yml /app && rm ScaResolver.tar.gz | ||
| RUN wget "https://sca-downloads.s3.amazonaws.com/cli/latest/ScaResolver-musl64.tar.gz" -O "ScaResolver.tar.gz" && tar -xvzf ScaResolver.tar.gz && mv ScaResolver Configuration.yml /app && rm ScaResolver.tar.gz | ||
| COPY build/libs/cxgo/*.jar cx-flow.jar | ||
| ENTRYPOINT ["java", "-Xms512m", "-Xmx2048m", "-Djava.security.egd=file:/dev/./urandom", "-Dspring.profiles.active=cxgo", "-jar", "cx-flow.jar"] | ||
| EXPOSE 8080 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters