From 6fa655eeb9bacc75b65481579eaf5772c9ccf81d Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Wed, 25 Jun 2025 17:32:59 +0300 Subject: [PATCH 1/5] updated busybox, git-lfs, pam packages, systemd --- Dockerfile | 17 ++++++++++------- service.yaml | 2 +- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1b0e779..d8b625f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,26 +1,29 @@ #moving to ubuntu instead of debian to solve high vulnerabilities -FROM ubuntu:noble-20240605 +FROM ubuntu:noble-20250529 RUN apt-get update && \ apt-get install -y curl bash openssl git && \ apt-get clean RUN curl -s https://packagecloud.io/install/repositories/github/git-lfs/script.deb.sh | bash && \ - apt-get install git-lfs=3.5.1 && \ + apt-get install git-lfs=3.6.1 && \ git lfs install #installing busybox -ARG BUSYBOX_VERSION=1:1.36.1-6ubuntu3 +ARG BUSYBOX_VERSION=1:1.36.1-6ubuntu3.1 + +RUN apt-get update && \ + apt-get install busybox=${BUSYBOX_VERSION} && \ + ln -s /bin/busybox /usr/bin/[[ && \ + apt-get reinstall -y libpam-modules systemd -RUN apt-get install busybox=${BUSYBOX_VERSION} && \ - ln -s /bin/busybox /usr/bin/[[ COPY ./start.sh /run/start.sh RUN chmod +x /run/start.sh -# USER nodeuser + RUN addgroup --gid 3000 nodegroup \ && adduser --uid 3000 --home /home/nodeuser --ingroup nodegroup --shell /bin/sh --gecos "" --disabled-password nodeuser -USER nodeuser +#USER nodeuser CMD ["/run/start.sh"] diff --git a/service.yaml b/service.yaml index d76f22a..37f508a 100644 --- a/service.yaml +++ b/service.yaml @@ -1 +1 @@ -version: 10.3.1 +version: 10.3.2 From 58b36172eca2157d7da823cd92965fc01c687475 Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Sat, 28 Jun 2025 08:22:20 +0300 Subject: [PATCH 2/5] corrected user --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d8b625f..ee16180 100644 --- a/Dockerfile +++ b/Dockerfile @@ -24,6 +24,6 @@ RUN chmod +x /run/start.sh RUN addgroup --gid 3000 nodegroup \ && adduser --uid 3000 --home /home/nodeuser --ingroup nodegroup --shell /bin/sh --gecos "" --disabled-password nodeuser -#USER nodeuser +USER nodeuser CMD ["/run/start.sh"] From 9760aa9019e9f63ad908fdf494518b0f48273557 Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Tue, 1 Jul 2025 07:38:53 +0300 Subject: [PATCH 3/5] EMPTY From c946c9e00188e6cdbf6e534cd0b3d8d531378272 Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Thu, 3 Jul 2025 11:54:16 +0300 Subject: [PATCH 4/5] updated ubuntu --- Dockerfile | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index ee16180..6f3ee5f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ #moving to ubuntu instead of debian to solve high vulnerabilities -FROM ubuntu:noble-20250529 +FROM ubuntu:noble-20250619 RUN apt-get update && \ apt-get install -y curl bash openssl git && \ @@ -14,8 +14,7 @@ ARG BUSYBOX_VERSION=1:1.36.1-6ubuntu3.1 RUN apt-get update && \ apt-get install busybox=${BUSYBOX_VERSION} && \ - ln -s /bin/busybox /usr/bin/[[ && \ - apt-get reinstall -y libpam-modules systemd + ln -s /bin/busybox /usr/bin/[[ COPY ./start.sh /run/start.sh From 717130473344beecae628aee72cdcad23b4d8ae2 Mon Sep 17 00:00:00 2001 From: vitaliichyrka Date: Thu, 3 Jul 2025 11:56:43 +0300 Subject: [PATCH 5/5] updated ubuntu --- Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 6f3ee5f..46b5ad2 100644 --- a/Dockerfile +++ b/Dockerfile @@ -16,11 +16,9 @@ RUN apt-get update && \ apt-get install busybox=${BUSYBOX_VERSION} && \ ln -s /bin/busybox /usr/bin/[[ - COPY ./start.sh /run/start.sh RUN chmod +x /run/start.sh - RUN addgroup --gid 3000 nodegroup \ && adduser --uid 3000 --home /home/nodeuser --ingroup nodegroup --shell /bin/sh --gecos "" --disabled-password nodeuser USER nodeuser