Description
Sonar security check is connected only in inner-circle-ui, so in other services nothing blocks the pipelines and such issues don’t appear.
Things to pay attention to:
- This issue is solved on our side by having a dockerignore file, but Sonar scans files separately, so we just need to mark it as safe.

- We found a solution, which is presented in the PR: experiment: update dockerfile for security inner-circle-ui#88
In this solution, we switch the Docker image to nginx-unprivileged, which doesn’t use a root user by default. Since using port 80 requires root privileges, we changed the ports to 8080 instead.
To make this work, you also need to override the container port in local-env, in the values-ui.yaml.gotmpl file, and set it to 8080.
We decided to keep this research as an experiment for now, since migrating all services to port 8080 would take a lot of time and resources.
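
A sketch of the image change described above, added here as an illustration and not taken from the inner-circle-ui repository or its PR. The Node build stage, the `/app/dist` output path and the image tags are assumptions; `nginxinc/nginx-unprivileged` is the published image that runs as a non-root user and listens on 8080 by default.

```dockerfile
# Added example: stage names, paths, tags and the build step are assumptions,
# not the project's actual Dockerfile.

# Before (image starts as root and binds a privileged port):
#   FROM nginx:stable-alpine
#   COPY --from=build /app/dist /usr/share/nginx/html
#   EXPOSE 80

# Build stage (assumed: a Node-based UI that emits static files to /app/dist).
FROM node:20-alpine AS build
WORKDIR /app
COPY package*.json ./
RUN npm ci
COPY . .
RUN npm run build

# After: the runtime image runs as the non-root "nginx" user (UID 101), and
# its default server block listens on 8080, so nothing in the container
# needs root to bind a port below 1024.
FROM nginxinc/nginx-unprivileged:stable-alpine

# Static assets only need to be readable by the nginx user; files copied
# here are root-owned and world-readable, which keeps them immutable at runtime.
COPY --from=build /app/dist /usr/share/nginx/html

# Must match the container port configured for the service in local-env
# (values-ui.yaml.gotmpl), which the issue says has to be set to 8080.
EXPOSE 8080

# Already the base image's default; stated explicitly so a scanner that reads
# the Dockerfile in isolation sees a non-root USER in the final stage.
USER 101
```

If the project ships its own nginx server block, its `listen` directive has to use 8080 as well, since the non-root user cannot bind port 80.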