Sicherheitscheck update

2026-04-22 19:59:10 +02:00 · 2026-04-22 19:59:10 +02:00 · 32d5fa1ccc
commit 32d5fa1ccc
parent 65af3e65c9
1 changed files with 19 additions and 3 deletions
--- a/22
+++ b/22
@ -1,8 +1,7 @@
 # Base-Image
-FROM alpine:latest 
+FROM alpine:latest AS builder

 # Pakete installieren
-RUN apk upgrade --no-cache
 RUN apk add --no-cache build-base

 # Arbeitsverzeichnis setzen
@ -14,8 +13,25 @@ COPY . .
 # Code kompilieren
 RUN gcc -o deployment deployment.c

+# Stage 2
+FROM alpine:latest
+
+RUN apk upgrade --no-cache
+
+RUN addgroup -S stdgroup && adduser -S stduser -G stdgroup
+
+WORKDIR /app
+
+COPY --from=builder /app/deployment .
+
+
 # Verzeichnis für Ausgabe anlegen
-RUN mkdir /output
+RUN mkdir /output && chown stduser:stdgroup /output
+
+VOLUME ["/output"]
+USER stduser
+
+HEALTHCHECK --interval=30s --timeout=5s --start-period=15s --retries=3 CMD test -f /output/output.txt || exit 1

 # Ausgabe wird ins Container-Dateisystem geschrieben
 ENTRYPOINT ["/bin/bash", "-c"]