Details
-
Improvement
-
Status: Resolved
-
Major
-
Resolution: Fixed
-
None
-
None
Description
Rohit Verma on the mailing list raised using a "more hardened base image like distroless".
I'll admit that I'm personally not a huge fan of "FROM bitnami/tomcat:7.0.94" myself! Any contributions you'd like to make on this front would be very very welcome, from my side.
https://github.com/GoogleContainerTools/distroless is a great alternative. (BTW https://access.redhat.com/containers/?tab=images#/registry.access.redhat.com/redhat-openjdk-18/openjdk18-openshift is a another great choice, if you're into something supported.)
Your mission, should you choose to accept it and work on this issue, would be to raise a PR modifying our Dockerfile, but then still have the related test at the end of .travis.yml pass - everything (container, Docker Compose, Kubernetes) should, obviously, still "work as is", even if you go for changing the base image. Makes sense and sounds fair?
PS: What we really should do at some point is move away from 1990s style WAR-in-Tomcat, and make java -jar fineract.war work instead (and then use that in the container)... people working on this could also contribute, before or after, to FINERACT-730. (On a related front, there's also FINERACT-764, but both are probably independent enough from each other to be tackled separately.)
Attachments
Issue Links
- blocks
-
FINERACT-978 java.lang.reflect.InvocationTargetException at jdk.internal.reflect.NativeMethodAccessorImpl.invoke0 (Native Method) Caused by: java.lang.IllegalStateException: Logback configuration error detected:
-
- Resolved
-
-
-
- Closed
-
-
FINERACT-882 Include UI in Fineract Kubernetes example deployment descriptor
-
- Open
-
-
-
- Open
-
- is blocked by
-
-
- Resolved
-
- is duplicated by
-
-
- Closed
-
-
-
- Closed
-
- relates to
-
-
- Open
-
- links to