Skip to content

chore(deps): update docker #10212

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
renovate-bot wants to merge 2 commits into
base: main
Choose a base branch
from
Open

chore(deps): update docker #10212

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
e9f5498
chore(deps): update docker
renovate-bot Feb 1, 2026
5b07312
fix: use a more current image + remove extraneous comments
iennae Feb 3, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
14 changes: 1 addition & 13 deletions auth/src/main/java/com/google/cloud/auth/samples/customcredentials/aws/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,33 +1,21 @@
# Build the application
FROM maven:3.9-eclipse-temurin-17 AS builder

WORKDIR /app

# Copy only the build config first (for better layer caching)
COPY pom.xml .
COPY src ./src

# 'clean package': Compiles the code and creates the thin jar in /app/target
# 'dependency:copy-dependencies': Copies all JARs to /app/target/libs
# We explicitly set -DoutputDirectory so we know EXACTLY where they are.
RUN mvn clean package dependency:copy-dependencies \
-DoutputDirectory=target/libs \
-DskipTests

# Run the application
FROM eclipse-temurin:17-jre-focal
FROM eclipse-temurin:17.0.17_10-jre
Copy link
Contributor

@iennae iennae Feb 3, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

eclipse-temurin:17-jre-focal has a few vulnerabilities and hasn't been updated in 10 months and is a floating tag that is based on the ubuntu os

17.0.17_10-jre was recently released and has 0 vulnerabilities but is generally a minimal distribution


# Security: Create a non-root user
RUN useradd -m appuser
USER appuser
WORKDIR /app

# Copy the Thin Jar
COPY --from=builder --chown=appuser:appuser /app/target/auth-1.0.jar app.jar

# Copy the Dependencies (The libraries)
COPY --from=builder --chown=appuser:appuser /app/target/libs lib/

# Run with Classpath
# We add 'app.jar' and everything in 'lib/' to the classpath.
CMD ["java", "-cp", "app.jar:lib/*", "com.google.cloud.auth.samples.customcredentials.aws.CustomCredentialSupplierAwsWorkload"]
2 changes: 1 addition & 1 deletion run/image-processing/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -17,7 +17,7 @@
# It's important to use JDK 8u191 or above that has container support enabled.
# https://hub.docker.com/_/eclipse-temurin/
# https://docs.docker.com/develop/develop-images/multistage-build/#use-multi-stage-builds
FROM eclipse-temurin:17.0.16_8-jre
FROM eclipse-temurin:17.0.17_10-jre

# Install Imagemagick into the container image.
# For more on system packages review the system packages tutorial.
Expand Down
2 changes: 1 addition & 1 deletion run/system-package/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
# [START cloudrun_system_package_dockerfile]
# Use the Official eclipse-temurin image for a lean production stage of our multi-stage build.
# https://hub.docker.com/_/eclipse-temurin/
FROM eclipse-temurin:17.0.16_8-jre
FROM eclipse-temurin:17.0.17_10-jre

RUN apt-get update -y && apt-get install -y \
graphviz \
Expand Down