Upgrade to nodejs 16.13.1 LTS version to address security vulnerabilities
NCBI GitLab runs security scans of the bcms Docker image on every build in 'develop' branch. It currently reports 176 Critical and 1243 High vulnerabilities, mostly because of the old not supported versions of various Linux system libraries, Python and nodejs packages. NCBI DevOps / Systems are asking us to address these security issues before production deployment.
I've tried using 16.13.1-buster-slim
as a base image. Here are the changes in Dockerfile I made, seems the image has been built successfully but the resulting container fails to run. Please correct / update as needed. Once a new container builds and runs successfully in 'develop' branch, we will review the vulnerability report again.
# IMAGE FOR BUILDING
FROM node:16.13.1-buster-slim
RUN apt-get update && apt-get install -y git python3 make g++
# IMAGE FOR RUNNING
FROM node:16.13.1-buster-slim as server