fix security issue of the base image for slim. (#344)

This commit is contained in:
paderlol 2023-06-02 09:46:16 +08:00 committed by GitHub
parent 2ba66d0a6d
commit ac214ac776
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 9 additions and 11 deletions

View File

@ -1,5 +1,5 @@
FROM centos:7.9.2009
MAINTAINER pader "huangmnlove@163.com"
LABEL maintainer="pader <huangmnlove@163.com>"
# set environment
ENV MODE="cluster" \
@ -27,13 +27,12 @@ WORKDIR $BASE_DIR
RUN set -x \
&& yum update -y \
&& yum install -y java-1.8.0-openjdk java-1.8.0-openjdk-devel wget iputils nc vim libcurl
RUN wget --no-check-certificate https://github.com/alibaba/nacos/releases/download/${NACOS_VERSION}${HOT_FIX_FLAG}/nacos-server-${NACOS_VERSION}.tar.gz -P /home
RUN tar -xzvf /home/nacos-server-${NACOS_VERSION}.tar.gz -C /home \
&& rm -rf /home/nacos-server-${NACOS_VERSION}.tar.gz /home/nacos/bin/* /home/nacos/conf/*.properties /home/nacos/conf/*.example /home/nacos/conf/nacos-mysql.sql
RUN yum autoremove -y wget \
&& ln -snf /usr/share/zoneinfo/$TIME_ZONE /etc/localtime && echo $TIME_ZONE > /etc/timezone \
&& yum install -y java-1.8.0-openjdk java-1.8.0-openjdk-devel iputils nc vim libcurl \
&& yum clean all
RUN curl -SL https://github.com/alibaba/nacos/releases/download/${NACOS_VERSION}${HOT_FIX_FLAG}/nacos-server-${NACOS_VERSION}.tar.gz -o /home/nacos-server.tar.gz \
&& tar -xzvf /home/nacos-server.tar.gz -C /home \
&& rm -rf /home/nacos-server.tar.gz /home/nacos/bin/* /home/nacos/conf/*.properties /home/nacos/conf/*.example /home/nacos/conf/nacos-mysql.sql \
&& ln -snf /usr/share/zoneinfo/$TIME_ZONE /etc/localtime && echo $TIME_ZONE > /etc/timezone
@ -44,8 +43,7 @@ ADD conf/application.properties conf/application.properties
# set startup log dir
RUN mkdir -p logs \
&& cd logs \
&& touch start.out \
&& touch logs/start.out \
&& ln -sf /dev/stdout start.out \
&& ln -sf /dev/stderr start.out
RUN chmod +x bin/docker-startup.sh

View File

@ -8,7 +8,7 @@ RUN set -x \
&& tar -xzvf /var/tmp/nacos-server.tar.gz -C /home \
&& rm -rf /var/tmp/nacos-server.tar.gz /home/nacos/bin/* /home/nacos/conf/*.properties /home/nacos/conf/*.example /home/nacos/conf/nacos-mysql.sql
FROM openjdk:8-jre-slim
FROM adoptopenjdk/openjdk8:jre8u372-b07
# set environment
ENV MODE="cluster" \
@ -18,7 +18,7 @@ ENV MODE="cluster" \
CLUSTER_CONF="/home/nacos/conf/cluster.conf" \
FUNCTION_MODE="all" \
NACOS_USER="nacos" \
JAVA="/usr/local/openjdk-8/bin/java" \
JAVA="/opt/java/openjdk/bin/java" \
JVM_XMS="1g" \
JVM_XMX="1g" \
JVM_XMN="512m" \