From e3f374f5bc3c385374593455243c88e2f7dfc00d Mon Sep 17 00:00:00 2001
From: Isman Firmansyah
Date: Thu, 7 Apr 2022 04:38:49 +0700
Subject: [PATCH] feat: remove Jython's pip from images (#1176)

---
 docker-jans-auth-server/Dockerfile | 3 +++
 docker-jans-scim/Dockerfile | 2 +-
 2 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/docker-jans-auth-server/Dockerfile b/docker-jans-auth-server/Dockerfile
index 641acdbcb2c..031fbc7aad2 100644
--- a/docker-jans-auth-server/Dockerfile
+++ b/docker-jans-auth-server/Dockerfile
@@ -48,6 +48,9 @@ RUN wget -q https://github.com/fabioz/PyDev.Debugger/archive/refs/tags/pydev_deb
 && /opt/jython/bin/pip install . \
 && rm -rf /tmp/pydev_debugger* /tmp/PyDev.Debugger-*
 
+# uninstall Jython pip and easy_install to reduce vulnerabilities
+RUN /opt/jython/bin/pip uninstall -y pip
+
 # ===========
 # Auth server
 # ===========
diff --git a/docker-jans-scim/Dockerfile b/docker-jans-scim/Dockerfile
index ed5387153cf..a79009e70c6 100644
--- a/docker-jans-scim/Dockerfile
+++ b/docker-jans-scim/Dockerfile
@@ -38,7 +38,7 @@ EXPOSE 8080
 ARG JYTHON_VERSION=2.7.3
 RUN wget -q https://ox.gluu.org/maven/org/gluufederation/jython-installer/${JYTHON_VERSION}/jython-installer-${JYTHON_VERSION}.jar -O /tmp/jython-installer.jar \
 && mkdir -p /opt/jython \
- && java -jar /tmp/jython-installer.jar -v -s -d /opt/jython \
+ && java -jar /tmp/jython-installer.jar -v -s -d /opt/jython -e ensurepip \
 && rm -f /tmp/jython-installer.jar /tmp/*.properties
 
 # ====
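Review bot: The added comment in docker-jans-auth-server/Dockerfile says pip and easy_install are removed, but the new `RUN` only uninstalls pip; easy_install normally ships with setuptools, which this command leaves under /opt/jython. Either narrow the comment to match or remove both with `RUN /opt/jython/bin/pip uninstall -y pip setuptools`, after confirming nothing at runtime imports setuptools or pkg_resources. Because the removal runs in its own `RUN`, the pip files stay in the earlier layer that installed them (that step is outside this hunk), so the final filesystem is clean but the bytes can still be extracted from the image layers. A one-line comment such as `# pip is only needed above to install pydevd` would explain why it is installed and then removed here rather than excluded at install time.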
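Review bot: The installer jar in the docker-jans-scim `RUN` is downloaded with `wget -q` and executed with `java -jar` without any integrity check, so the build trusts whatever the remote host serves for `${JYTHON_VERSION}`. Excluding ensurepip on the changed line is the right way to keep pip out of this image, since nothing is ever written to a layer. Pinning the artifact would close the remaining supply-chain gap: declare `ARG JYTHON_SHA256=<pinned-sha256>` next to `JYTHON_VERSION` and add `&& echo "${JYTHON_SHA256}  /tmp/jython-installer.jar" | sha256sum -c - \` before the `java -jar` line, assuming `sha256sum` is available in the base image. A short comment on the `-e ensurepip` flag, e.g. `# -e ensurepip: do not bundle pip/setuptools into /opt/jython`, would also keep a later edit from dropping it.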