Draft: Secure the frontend container image
!!! DO NOT MERGE YET !!!
This MR introduces a more secure base image of nginx
that is unprivileged, and fixes some security vulnerabilities.
Depends on: https://code.europa.eu/oots/devops/oots-common-services-containers/-/merge_requests/24
Please Note: Breaking changes ahead...
This will introduce breaking changes, as the default port is changed to 8080
for security reasons.
We will probably have to update some manifests here:
- https://code.europa.eu/oots/common-services/cs-devops
- https://code.europa.eu/oots/devops/oots-common-services-containers
- https://code.europa.eu/oots/devops/oots-common-services-orchestration
From a functional point of view, the user would not know the difference, but our containers would be significantly more secure.