[bre-936] harden kc container (#220)

* hardening dockerfile * test noble image * add version pins
4 months ago · b9961fed1b
2 changed files with 7 additions and 7 deletions
--- a/src/KeyConnector/Dockerfile
+++ b/src/KeyConnector/Dockerfile
@ -1,13 +1,13 @@
				@@ -1,13 +1,13 @@
-FROM mcr.microsoft.com/dotnet/aspnet:8.0
+FROM mcr.microsoft.com/dotnet/aspnet:8.0-noble

 LABEL com.bitwarden.product="bitwarden"

 RUN apt-get update \
    && apt-get install -y --no-install-recommends \
-    gosu=1.14* \
-    curl=7.88.1* \
-    libc6-dev=2.36* \
-    opensc=0.23.0* \
+    gosu=1.17* \
+    curl=8.5.0* \
+    libc6-dev=2.39* \
+    opensc=0.25.0* \
    && rm -rf /var/lib/apt/lists/*

 # Install YubiHSM2 SDK
@ -31,4 +31,4 @@ RUN chmod +x /entrypoint.sh
				@@ -31,4 +31,4 @@ RUN chmod +x /entrypoint.sh

 HEALTHCHECK CMD curl -f http://localhost:5000/health || exit 1

-ENTRYPOINT ["/entrypoint.sh"]
+ENTRYPOINT ["/entrypoint.sh"]
--- a/src/KeyConnector/entrypoint.sh
+++ b/src/KeyConnector/entrypoint.sh
@ -1,4 +1,4 @@
				@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/bin/sh

 # Setup