chore: Update openssl to address a security vulnerability (#162)

* chore: Update openssl to address a security vulnerability * chore: remove --no-cache
Unleash · Jan 25, 2024 · ae471e5 · ae471e5
1 parent 9868698
commit ae471e5
Showing 1 changed file with 7 additions and 2 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -8,10 +8,16 @@ RUN yarn install --frozen-lockfile --ignore-scripts
 
 RUN yarn build
 
-RUN yarn install --production  --frozen-lockfile --ignore-scripts --prefer-offline
+RUN yarn install --production --frozen-lockfile --ignore-scripts --prefer-offline
 
 FROM node:18-alpine
 
+# Update OpenSSL to address CVE-2023-6237
+RUN apk update && \
+    apk upgrade openssl && \
+    apk add tini && \
+    rm -rf /var/cache/apk/*
+
 ENV NODE_ENV production
 
 WORKDIR /unleash-proxy
@@ -22,7 +28,6 @@ RUN rm -rf /usr/local/lib/node_modules/npm/
 
 RUN chown -R node:node /unleash-proxy
 
-RUN apk add --no-cache tini
 ENTRYPOINT ["/sbin/tini", "--"]
 
 EXPOSE 4242