fix: Use node image instead of curl download

Dockerfile.development

@@ -22,27 +22,19 @@ RUN --mount=type=cache,target=/usr/local/cargo/registry \
 # Setting up build directories
 FROM --platform=${BUILDPLATFORM} cgr.dev/chainguard/glibc-dynamic:latest-dev
 
+# Node image
+FROM cgr.dev/chainguard/node:latest-dev AS node
+
 WORKDIR /app
 
 COPY --from=base --chown=nonroot:nonroot /usr/app/bin/openzeppelin-relayer /app/openzeppelin-relayer
 
-# Install plugin dependencies
-ARG TARGETARCH
-ENV NODE_VERSION=v20.19.2
-
-# Install Node.js
-USER root
-RUN apk add --no-cache curl && \
-    curl -fsSL https://nodejs.org/download/release/${NODE_VERSION}/node-${NODE_VERSION}-linux-${TARGETARCH}.tar.xz \
-    | tar -xJ --strip-components=1 -C /usr/local
-ENV PATH="/usr/local/bin:$PATH"
-
 # Install pnpm and ts-node
+USER root
 RUN npm install -g pnpm ts-node typescript
 
 # Copy plugins folder and install dependencies
-COPY ./plugins /app/plugins
-RUN chown -R nonroot:nonroot /app/plugins
+COPY --chown=nobody ./plugins /app/plugins
 WORKDIR /app/plugins
 RUN pnpm install --frozen-lockfile
 
@@ -54,5 +46,7 @@ ENV METRICS_PORT=8081
 
 EXPOSE ${APP_PORT}/tcp ${METRICS_PORT}/tcp
 
+USER nobody
+
 # starting up
 ENTRYPOINT ["/app/openzeppelin-relayer"]

Dockerfile.production

@@ -17,28 +17,21 @@ RUN --mount=type=cache,target=/usr/local/cargo/registry \
 # Setting up build directories
 FROM --platform=${BUILDPLATFORM} cgr.dev/chainguard/glibc-dynamic:latest
 
+# Node image
+FROM cgr.dev/chainguard/node:latest AS node
+ENV NODE_ENV=production
+
 WORKDIR /app
 COPY --from=base --chown=nonroot:nonroot /usr/app/bin/openzeppelin-relayer /app/openzeppelin-relayer
 COPY --from=base /usr/lib/libssl.so.3 /usr/lib/libssl.so.3
 COPY --from=base /usr/lib/libcrypto.so.3 /usr/lib/libcrypto.so.3
 
-# Install plugin dependencies
-ARG TARGETARCH
-ENV NODE_VERSION=v20.19.2
-
-# Install Node.js
-USER root
-RUN apk add --no-cache curl && \
-    curl -fsSL https://nodejs.org/download/release/${NODE_VERSION}/node-${NODE_VERSION}-linux-${TARGETARCH}.tar.xz \
-    | tar -xJ --strip-components=1 -C /usr/local
-ENV PATH="/usr/local/bin:$PATH"
-
 # Install pnpm and ts-node
+USER root
 RUN npm install -g pnpm ts-node typescript
 
 # Copy plugins folder and install dependencies
-COPY ./plugins /app/plugins
-RUN chown -R nonroot:nonroot /app/plugins
+COPY --chown=nobody ./plugins /app/plugins
 WORKDIR /app/plugins
 RUN pnpm install --frozen-lockfile
 
@@ -51,5 +44,7 @@ ENV METRICS_PORT=8081
 
 EXPOSE ${APP_PORT}/tcp ${METRICS_PORT}/tcp
 
+USER nobody
+
 # starting up
 ENTRYPOINT ["/app/openzeppelin-relayer"]