.drone.yml aktualisiert

.drone.yml

@@ -26,7 +26,7 @@ steps:
         fi
 
   - name: security-scan
-    image: ghcr.io/aquasecurity/trivy:0.69.3
+    image: aquasec/trivy:0.58.2
     commands:
       - trivy image --input image.tar --severity HIGH,CRITICAL --exit-code 1
 
@@ -46,8 +46,8 @@ steps:
       #- git remote set-url origin https://git.efi.th-nuernberg.de/gitea/freudenreichan/EinfuehrungInDocker_Pipeline2
 
       # Repo clonen
-      - git clone https://git.efi.th-nuernberg.de/gitea/freudenreichan/EinfuehrungInDocker_Pipeline2.git
+      - git clone https://git.efi.th-nuernberg.de/gitea/kuerzdoerferta96614/EinfuehrungInDocker_Pipeline2.git
-      - cd EinfuehrungInDocker_Pipeline
+      - cd EinfuehrungInDocker_Pipeline2
 
       # Branch wechseln oder erstellen
       - git checkout drone-artifacts || git checkout -b drone-artifacts

Dockerfile

@@ -1,22 +1,29 @@
-# Base-Image
+FROM alpine:3.13 AS builder
-FROM ubuntu:latest
 
-# Pakete installieren
+RUN apk add --no-cache build-base
-RUN apt-get update
-RUN apt-get install -y build-essential gcc curl vim net-tools
 
-# Arbeitsverzeichnis setzen
 WORKDIR /app
-
-# alles kopieren
 COPY . .
-
-# Code kompilieren
 RUN gcc -o deployment deployment.c
 
-# Verzeichnis für Ausgabe anlegen
+FROM alpine:3.13
-RUN mkdir /output
 
-# Ausgabe wird ins Container-Dateisystem geschrieben
+RUN addgroup -g 1000 appgroup && \
-ENTRYPOINT ["/bin/bash", "-c"]
+    adduser -D -u 1000 -G appgroup appuser
+
+WORKDIR /app
+
+COPY --from=builder /app/deployment /app/deployment
+
+RUN mkdir /output && \
+    chown -R appuser:appgroup /app /output
+
+USER appuser
+
+VOLUME /output
+
+HEALTHCHECK --interval=30s --timeout=5s --start-period=10s --retries=3 \
+    CMD ps | grep -q '[d]eployment' || exit 1
+
+ENTRYPOINT ["/bin/sh", "-c"]
 CMD ["./deployment 10 > /output/output.txt && tail -f /output/output.txt"]