EPMRPP-81362 || Fix security vulnerabilities (#58)

reportportal · Feb 17, 2023 · 4b1f164 · 4b1f164
1 parent e52c648
commit 4b1f164
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 5 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,9 +1,10 @@
-FROM alpine:latest
+FROM amazoncorretto:11.0.17
 LABEL version=5.7.3 description="EPAM Report portal. Service jobs" maintainer="Andrei Varabyeu <andrei_varabyeu@epam.com>, Hleb Kanonik <hleb_kanonik@epam.com>"
 ARG GH_TOKEN
-RUN apk -U -q upgrade && apk --no-cache -q add openjdk11 ca-certificates && \
-	echo 'exec java ${JAVA_OPTS} -jar service-jobs-5.7.3-exec.jar' > /start.sh && chmod +x /start.sh && \
-	wget --header="Authorization: Bearer ${GH_TOKEN}"  -q https://maven.pkg.github.com/reportportal/service-jobs/com/epam/reportportal/service-jobs/5.7.3/service-jobs-5.7.3-exec.jar
+ARG GH_URL=https://__:$GH_TOKEN@maven.pkg.github.com/reportportal/service-jobs/com/epam/reportportal/service-jobs/5.7.3/service-jobs-5.7.3-exec.jar
+RUN curl -O -L $GH_URL \
+    --output service-jobs-5.7.3-exec.jar && \
+    echo 'exec java ${JAVA_OPTS} -jar service-jobs-5.7.3-exec.jar' > /start.sh && chmod +x /start.sh
 ENV JAVA_OPTS="-Xmx512m -XX:+UseG1GC -XX:InitiatingHeapOccupancyPercent=70 -Djava.security.egd=file:/dev/./urandom"
 VOLUME ["/tmp"]
 EXPOSE 8080

diff --git a/build.gradle b/build.gradle
@@ -1,5 +1,5 @@
 plugins {
-    id 'org.springframework.boot' version '2.5.14'
+    id 'org.springframework.boot' version '2.7.0'
     id 'io.spring.dependency-management' version '1.0.11.RELEASE'
     id 'java'
 }
@@ -79,6 +79,8 @@ dependencies {
 //    implementation 'com.google.guava:guava:30.0-jre';
 
     compile "com.rabbitmq:http-client:2.1.0.RELEASE"
+    //Fix CVE
+    implementation 'com.fasterxml.jackson.core:jackson-databind:2.13.4.2'
 
     runtimeOnly 'org.postgresql:postgresql'