Dockerfile updates, and npm audit fix

samuelberston · Nov 19, 2024 · a9a3fc3 · a9a3fc3
1 parent 9fb7c56
commit a9a3fc3
Show file tree

Hide file tree

Showing 3 changed files with 16 additions and 11 deletions.
diff --git a/backend/Dockerfile b/backend/Dockerfile
@@ -1,4 +1,4 @@
-FROM node:20-alpine 
+FROM node:20-alpine3.19
 
 # Set working directory
 WORKDIR /auth-server
@@ -8,15 +8,18 @@ RUN addgroup -S appgroup && adduser -S appuser -G appgroup
 
 # Install dependencies
 COPY package.json package-lock.json ./
-RUN npm install --production
+RUN npm ci --production
+RUN npm audit --audit-level=moderate && \
+    npm cache clean --force
 
 # Copy application code
-COPY . .
+COPY --chown=appuser:appgroup . .
 
 # Set ownership and permissions
-RUN chown -R appuser:appgroup /auth-server && \
-    mkdir logs && \
-    chown -R appuser:appgroup /auth-server/logs
+RUN mkdir logs && \
+    chown -R appuser:appgroup /auth-server/logs && \
+    chmod -R 550 /auth-server && \
+    chmod -R 770 /auth-server/logs
 
 # Switch to non-root user
 USER appuser

diff --git a/backend/package-lock.json b/backend/package-lock.json
diff --git a/frontend/Dockerfile b/frontend/Dockerfile
@@ -1,5 +1,5 @@
 # Use the official Node.js LTS image
-FROM node:20-alpine
+FROM node:20-alpine3.19
 
 # Create a non-root user
 RUN addgroup -S appgroup && adduser -S appuser -G appgroup
@@ -11,7 +11,9 @@ WORKDIR /usr/src/app
 COPY --chown=appuser:appgroup package*.json ./
 
 # Install dependencies
-RUN npm install --production
+RUN npm ci --production
+RUN npm audit --audit-level=moderate && \
+    npm cache clean --force
 
 # Copy the rest of the application code with correct ownership
 COPY --chown=appuser:appgroup . .