cameleer-server

cameleer/cameleer-server

Fork 0

Commit Graph

Author	SHA1	Message	Date
hsiegeln	7e7bd06bca	docs(handoff): runtime-base image hardening — Chainguard JRE switch for SaaS team One-line FROM swap from eclipse-temurin:21-jre-alpine to cgr.dev/chainguard/jre:openjdk-21 plus deletion of the dead ENTRYPOINT. Wins: glibc (fixes hidden Netty/Snappy/JNI compatibility risk on musl), daily rebuilds, signed images + SBOM, near-zero baseline CVEs by design. No cameleer-server orchestrator change required; runtime contract unchanged. Distroless and jlink/scratch covered as optional/not-recommended follow-ups with rationale. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-04-28 09:34:09 +02:00

Author

SHA1

Message

Date

hsiegeln

7e7bd06bca

docs(handoff): runtime-base image hardening — Chainguard JRE switch for SaaS team

One-line FROM swap from eclipse-temurin:21-jre-alpine to
cgr.dev/chainguard/jre:openjdk-21 plus deletion of the dead ENTRYPOINT.
Wins: glibc (fixes hidden Netty/Snappy/JNI compatibility risk on musl),
daily rebuilds, signed images + SBOM, near-zero baseline CVEs by design.
No cameleer-server orchestrator change required; runtime contract
unchanged. Distroless and jlink/scratch covered as optional/not-recommended
follow-ups with rationale.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-04-28 09:34:09 +02:00

1 Commits