mirror of
https://github.com/VictoriaMetrics/VictoriaMetrics.git
synced 2024-11-21 14:44:00 +00:00
747c39d714
libcrypto3 and libssl3 in Alpine 3.18.0 have versions `3.1.0-r4` which contains CVE-2023-2650: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2650 Use ALpine image 3.18.2 which contains fixed versions of libssl3 and libcrypto3: 3.1.1-r0 NB: In Openshift these containers are marked as vulnerabilities because of these CVEs.
18 lines
537 B
Text
18 lines
537 B
Text
FROM golang:1.20.5 as build-web-stage
|
|
COPY build /build
|
|
|
|
WORKDIR /build
|
|
COPY web/ /build/
|
|
RUN GOOS=linux GOARCH=amd64 CGO_ENABLED=0 go build -o web-amd64 github.com/VictoriMetrics/vmui/ && \
|
|
GOOS=windows GOARCH=amd64 CGO_ENABLED=0 go build -o web-windows github.com/VictoriMetrics/vmui/
|
|
|
|
FROM alpine:3.18.2
|
|
USER root
|
|
|
|
COPY --from=build-web-stage /build/web-amd64 /app/web
|
|
COPY --from=build-web-stage /build/web-windows /app/web-windows
|
|
RUN adduser -S -D -u 1000 web && chown -R web /app
|
|
|
|
USER web
|
|
EXPOSE 8080
|
|
ENTRYPOINT ["/app/web"]
|