Skip to content

Dockerfile tweaks #5657

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
nscuro merged 1 commit into from
Jan 3, 2026
Merged

Dockerfile tweaks #5657

nscuro merged 1 commit into from
Jan 3, 2026

Conversation

@nscuro
Copy link
Member

@nscuro nscuro commented Jan 2, 2026

Description

  • Uses recommended JSON array notation for CMD directives.
  • Suppresses warnings for sun.misc.Unsafe usage (for Lucene) emitted by Java 25.
  • Removes undesired || true and || exit 1 occurrences as they don't provide any benefit.
  • Specifies --chown for COPY directives to make ownership more explicit.
  • Switches from wget to curl for health check as it has the same flags in Alpine and Debian, which wget does not have.

Addressed Issue

N/A

Additional Details

N/A

Checklist

  • I have read and understand the contributing guidelines
  • This PR fixes a defect, and I have provided tests to verify that the fix is effective
  • This PR implements an enhancement, and I have provided tests to verify that it works as intended
  • This PR introduces changes to the database model, and I have added corresponding update logic
  • This PR introduces new or alters existing behavior, and I have updated the documentation accordingly

@nscuro nscuro added this to the 4.14.0 milestone Jan 2, 2026
@nscuro nscuro added the enhancement New feature or request label Jan 2, 2026
Copilot AI review requested due to automatic review settings January 2, 2026 14:48
@owasp-dt-bot
Copy link

owasp-dt-bot commented Jan 2, 2026
edited
Loading

Snyk checks have passed. No issues have been found so far.

Status Scanner Critical High Medium Low Total (0)
Open Source Security 0 0 0 0 0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

Copilot AI reviewed Jan 2, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR modernizes the Dockerfile configurations for Dependency-Track with several improvements focused on best practices and compatibility.

Key changes:

  • Converts CMD and HEALTHCHECK directives to JSON array notation for better signal handling
  • Adds --sun-misc-unsafe-memory-access=allow flag to suppress Lucene-related warnings in Java 25
  • Replaces wget with curl for health checks to maintain consistent command-line flags across Alpine and Debian base images
  • Removes unnecessary || true and || exit 1 error handling from user/group creation commands
  • Adds explicit --chown flags to COPY directives for clearer ownership management

Reviewed changes

Copilot reviewed 4 out of 4 changed files in this pull request and generated 2 comments.

File Description
src/main/docker/Dockerfile Updates Debian-based Dockerfile with JSON array notation, curl installation, --chown flags, and Java 25 unsafe memory access flag
src/main/docker/Dockerfile.alpine Updates Alpine-based Dockerfile with JSON array notation, curl installation, --chown flags, and Java 25 unsafe memory access flag
src/main/docker/docker-compose.yml Comments out healthcheck configuration (now handled by Dockerfile) with Podman Compose compatibility note and updates curl syntax
dev/docker-compose.yml Changes image tag to snapshot-alpine variant and removes healthcheck override

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@nscuro
Dockerfile tweaks
a6f962a 
* Uses recommended JSON array notation for `CMD` directives.
* Suppresses warnings for `sun.misc.Unsafe` usage (for Lucene) emitted by Java 25.
* Removes undesired `|| true` and `|| exit 1` occurrences as they don't provide any benefit.
* Specifies `--chown` for COPY directives to make ownership more explicit.
* Switches from `wget` to `curl` for health check as it has the same flags in Alpine and Debian, which wget does not have.

Signed-off-by: nscuro <[email protected]>
@nscuro nscuro force-pushed the dockerfile-tweaks branch from 7aa42d2 to a6f962a Compare January 2, 2026 14:57
@codacy-production
Copy link

codacy-production bot commented Jan 2, 2026

Coverage summary from Codacy

See diff coverage on Codacy

Coverage variation Diff coverage
+0.00% (target: -1.00%) (target: 70.00%)
Coverage variation details
Coverable lines Covered lines Coverage
Common ancestor commit (7e3c0bd) 24511 19939 81.35%
Head commit (a6f962a) 24511 (+0) 19939 (+0) 81.35% (+0.00%)

Coverage variation is the difference between the coverage for the head and common ancestor commits of the pull request branch: <coverage of head commit> - <coverage of common ancestor commit>

Diff coverage details
Coverable lines Covered lines Diff coverage
Pull request (#5657) 0 0 ∅ (not applicable)

Diff coverage is the percentage of lines that are covered by tests out of the coverable lines that the pull request added or modified: <covered lines added or modified>/<coverable lines added or modified> * 100%

See your quality gate settings    Change summary preferences

@nscuro nscuro merged commit 07f104a into DependencyTrack:master Jan 3, 2026
11 checks passed
@nscuro nscuro deleted the dockerfile-tweaks branch January 3, 2026 11:43
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

4.14.0

Development

Successfully merging this pull request may close these issues.

2 participants

@nscuro @owasp-dt-bot