Skip to content

Commit 3f2f790

Browse files
chingor13chingor13
authored
build: update base image and upgrade dependencies (#5785)
1 parent 52322da commit 3f2f790

File tree

2 files changed

+47
-7
lines changed

2 files changed

+47
-7
lines changed

packages/auto-approve/Dockerfile

Lines changed: 17 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -14,9 +14,22 @@
1414

1515
# Use a multi-stage docker build to limit production dependencies.
1616

17-
# Use the official lightweight Node.js 14 image.
18-
# https://hub.docker.com/_/node
19-
FROM node:18.20.5-slim AS BUILD
17+
# Stage 0: Node.js Base Image
18+
FROM marketplace.gcr.io/google/debian12:latest AS NODE_BASE
19+
20+
# Install Node.js v18 and npm.
21+
RUN apt-get update && \
22+
apt-get upgrade -y && \
23+
apt-get install -y curl && \
24+
curl -fsSL https://deb.nodesource.com/setup_18.x | bash - && \
25+
apt-get install -y nodejs && \
26+
rm -rf /var/lib/apt/lists/*
27+
28+
# Remove unnecessary cross-spawn from npm to resolve CVE-2024-21538
29+
RUN rm -rf /usr/lib/node_modules/npm/node_modules/cross-spawn/
30+
31+
# Stage 1: Build
32+
FROM NODE_BASE AS BUILD
2033

2134
# Create and change to the app directory.
2235
WORKDIR /usr/src/app
@@ -34,10 +47,7 @@ COPY . ./
3447

3548
RUN npm run compile
3649

37-
FROM node:18.20.5-slim
38-
39-
# Remove unnecessary cross-spawn from npm to resolve CVE-2024-21538
40-
RUN rm -r /usr/local/lib/node_modules/npm/node_modules/cross-spawn/
50+
FROM NODE_BASE
4151

4252
# Create and change to the app directory.
4353
WORKDIR /usr/src/app

packages/auto-approve/cloudbuild-test.yaml

Lines changed: 30 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,30 @@
1+
# Copyright 2025 Google LLC
2+
#
3+
# Licensed under the Apache License, Version 2.0 (the "License");
4+
# you may not use this file except in compliance with the License.
5+
# You may obtain a copy of the License at
6+
#
7+
# http://www.apache.org/licenses/LICENSE-2.0
8+
#
9+
# Unless required by applicable law or agreed to in writing, software
10+
# distributed under the License is distributed on an "AS IS" BASIS,
11+
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12+
# See the License for the specific language governing permissions and
13+
# limitations under the License.
14+
15+
steps:
16+
- name: gcr.io/cloud-builders/docker
17+
id: "build-docker"
18+
waitFor: ["-"]
19+
dir: packages/auto-approve
20+
args:
21+
- "build"
22+
- "-f"
23+
- "Dockerfile"
24+
- "-t"
25+
- "gcr.io/$PROJECT_ID/auto-approve"
26+
- "."
27+
28+
logsBucket: 'gs://auto-approve-deploy-logs'
29+
options:
30+
logging: GCS_ONLY

0 commit comments

Comments
 (0)