docs: replaces openjdk-alpine with slim image on SAST docs
What does this MR do?
Replaces openjdk-alpine maven:3.6-jdk-8-alpine with slim image maven:3.6-jdk-8-slim on SAST docs.
As a minor change, globally defined image was moved to job-specific one since globally defined image has been inherited in only build job. cf. deprecation of globally defined image
Why
https://github.com/carlossg/docker-maven/commit/6251fd3dfc1a3ec50c7c38a112acc5d6b3579dc5 deprecated alpine-based openjdk followed by the upstream policy change at https://github.com/docker-library/openjdk/pull/322. So with maven:3.6-jdk-8-alpine tag, we have not got any update on OpenJDK for 2 years. We can use maven:3.6-jdk-8-slim tag to get the JDK updates.
Considerations
slim image could be larger than alpine image:
$ docker pull maven:3.6-jdk-8-alpine
...
$ docker pull maven:3.6-jdk-8-slim
...
$ docker image list maven
REPOSITORY TAG IMAGE ID CREATED SIZE
maven 3.6-jdk-8-slim 2b7040144035 3 weeks ago 306MB
maven 3.6-jdk-8-alpine 7445f83cd169 22 months ago 122MBActually 2.5x increased in the size, but there is no other solution than this, so this could be acceptable since this is a single job among the pipeline.
Related issues
Closes #323898 (closed)
Author's checklist (required)
-
Follow the Documentation Guidelines and Style Guide. - If you have Developer permissions or higher:
-
Ensure that the product tier badge is added to doc's h1. -
Apply the documentation label, plus: - The corresponding DevOps stage and group labels, if applicable.
-
development guidelines when changing docs under
doc/development/*,CONTRIBUTING.md, orREADME.md. -
development guidelines and Documentation guidelines when changing docs under
development/documentation/*. - development guidelines and Description templates (.gitlab/*) when creating/updating issue and MR description templates.
-
Assign the designated Technical Writer.
-
Do not add the feature, frontend, backend, ~"bug", or database labels if you are only updating documentation. These labels will cause the MR to be added to code verification QA issues.
When applicable:
-
Update the permissions table. -
Link docs to and from the higher-level index page, plus other related docs where helpful. -
Add the product tier badge accordingly. -
Add GitLab's version history note(s). -
Add/update the feature flag section.
Review checklist
All reviewers can help ensure accuracy, clarity, completeness, and adherence to the Documentation Guidelines and Style Guide.
1. Primary Reviewer
-
Review by a code reviewer or other selected colleague to confirm accuracy, clarity, and completeness. This can be skipped for minor fixes without substantive content changes.
2. Technical Writer
-
Technical writer review. If not requested for this MR, must be scheduled post-merge. To request for this MR, assign the writer listed for the applicable DevOps stage. -
Ensure docs metadata are present and up-to-date. -
Ensure Technical Writing and documentation are added. -
Add the corresponding docs::scoped label. -
If working on UI text, add the corresponding UI Textscoped label. -
Add twdoing when starting work on the MR. -
Add twfinished if Technical Writing team work on the MR is complete but it remains open.
-
For more information about labels, see Technical Writing workflows - Labels.
For suggestions that you are confident don't need to be reviewed, change them locally and push a commit directly to save others from unneeded reviews. For example:
- Clear typos, like
this is a typpo. - Minor issues, like single quotes instead of double quotes, Oxford commas, and periods.
For more information, see our documentation on Merging a merge request.
3. Maintainer
-
Review by assigned maintainer, who can always request/require the above reviews. Maintainer's review can occur before or after a technical writer review. -
Ensure a release milestone is set. -
If there has not been a technical writer review, create an issue for one using the Doc Review template.