Dockerfile aktualisiert

.drone.yml

@@ -26,7 +26,7 @@ steps:
         fi
 
   - name: security-scan
-    image: aquasec/trivy:latest
+    image: ghcr.io/aquasecurity/trivy:0.69.3
     commands:
       - trivy image --input image.tar --severity HIGH,CRITICAL --exit-code 1
 

Dockerfile

@@ -1,22 +1,27 @@
-# Base-Image
-FROM ubuntu:latest
+FROM alpine:3.21 AS build
 
-# Pakete installieren
-RUN apt-get update
-RUN apt-get install -y build-essential gcc curl vim net-tools
+RUN apk add --no-cache gcc musl-dev
 
-# Arbeitsverzeichnis setzen
 WORKDIR /app
-
-# alles kopieren
 COPY . .
-
-# Code kompilieren
 RUN gcc -o deployment deployment.c
 
-# Verzeichnis für Ausgabe anlegen
-RUN mkdir /output
+FROM alpine:3.21
 
-# Ausgabe wird ins Container-Dateisystem geschrieben
-ENTRYPOINT ["/bin/bash", "-c"]
-CMD ["./deployment 10 > /output/output.txt && tail -f /output/output.txt"]
+RUN adduser -D -u 1000 appuser
+
+WORKDIR /app
+
+RUN mkdir /output && chown appuser:appuser /output
+
+COPY --from=build /app/deployment .
+RUN chown appuser:appuser ./deployment
+
+VOLUME ["/output"]
+
+USER appuser
+
+HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
+  CMD test -f /output/output.txt || exit 1
+
+CMD ["sh", "-c", "./deployment 10 > /output/output.txt"]