based image on openjdk-8 and made security changes; changed nexus dns names

6.0.1/Dockerfile

-ARG BASE_REGISTRY=registry.access.redhat.com
-ARG BASE_IMAGE=ubi7/ubi
-ARG BASE_TAG=7.8
+ARG BASE_REGISTRY=nexus-docker-secure.levelup-dev.io
+ARG BASE_IMAGE=opensource/openjdk/openjdk
+ARG BASE_TAG=1.8
 
 # This builder image was pushed to Nexus using prebuild.sh and will be used to copy binaries from
-FROM nexus-docker.52.61.140.4.nip.io/builder-opensource/keycloak:6.0.1 AS builder
+FROM nexus-docker-secure.levelup-dev.io/builder-opensource/keycloak:6.0.1 AS builder
 
 # This is the base image
 FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
@@ -11,21 +11,21 @@ FROM ${BASE_REGISTRY}/${BASE_IMAGE}:${BASE_TAG}
 LABEL name="Keycloak" \
       description="Keycloak is an open source Identity and Access Management solution aimed at modern applications and services. It makes it easy to secure applications and services with little to no code." \
       vendor="Opensource" \
-      summary="Keycloak (Red Hat UBI)" \
+      summary="Keycloak Container" \
       maintainer="Red Hat <hojeda@redhat.com>" \
       version="6.0.1"
 
-ENV KEYCLOAK_VERSION=6.0.1 \
-    JDBC_POSTGRES_VERSION=42.2.5 \
-    JDBC_MYSQL_VERSION=5.1.46 \
-    JDBC_MARIADB_VERSION=2.2.3 \
-    LAUNCH_JBOSS_IN_BACKGROUND=1 \
-    PROXY_ADDRESS_FORWARDING=false \
-    JBOSS_HOME=/opt/jboss/keycloak \
-    LANG=en_US.UTF-8 \
-    KEYCLOAK_USER_NAME=jboss \
-    KEYCLOAK_USER_ID=1001 \
-    KEYCLOAK_HOME=/opt/jboss
+ENV KEYCLOAK_VERSION="6.0.1" \
+    JDBC_POSTGRES_VERSION="42.2.5" \
+    JDBC_MYSQL_VERSION="5.1.46" \
+    JDBC_MARIADB_VERSION="2.2.3" \
+    LAUNCH_JBOSS_IN_BACKGROUND="1" \
+    PROXY_ADDRESS_FORWARDING="false" \
+    JBOSS_HOME="/opt/jboss/keycloak" \
+    LANG="en_US.UTF-8" \
+    KEYCLOAK_USER_NAME="keycloak" \
+    KEYCLOAK_USER_ID="1000" \
+    KEYCLOAK_HOME="/opt/jboss"
 
 ARG GIT_REPO
 ARG GIT_BRANCH
@@ -35,17 +35,16 @@ ARG KEYCLOAK_DIST=https://downloads.jboss.org/keycloak/$KEYCLOAK_VERSION/keycloa
 COPY --from=builder /opt/jboss /opt/jboss
 
 # Create the user, fix file system ownership
-RUN useradd -M -s /usr/sbin/nologin --uid ${KEYCLOAK_USER_ID} --user-group ${KEYCLOAK_USER_NAME} && \
-    chown -R ${KEYCLOAK_USER_NAME}:${KEYCLOAK_USER_NAME} ${KEYCLOAK_HOME} && \
+RUN useradd -u $KEYCLOAK_USER_ID -g 0 -M -d /opt/jboss $KEYCLOAK_USER_NAME && \
+    chown -R ${KEYCLOAK_USER_NAME}:0 ${KEYCLOAK_HOME} && \
     chmod -R o-w /opt/jboss/keycloak
 
 # Install dependencies
-RUN yum install -y --disableplugin=subsciption-manager \
-                   --nogpgcheck \
-                   --disablerepo=unified_platform_ubi8_appstream \
-                   --disablerepo=unified_platform_ubi8_os \
-                   java-1.8.0-openjdk && \
-    yum clean all
+RUN yum update -y --disableplugin=subsciption-manager \
+                  --nogpgcheck \
+                  --disablerepo=unified_platform_ubi8_appstream \
+                  --disablerepo=unified_platform_ubi8_os && \
+    yum clean all && [ ! -d /var/cache/yum ] || rm -rf /var/cache/yum
 
 USER ${KEYCLOAK_USER_ID}
 

6.0.1/scripts/prebuild.sh

@@ -4,7 +4,7 @@ VERSION=6.0.1
 IMAGE_NAME=opensource/keycloak
 IMAGE_DIGEST=sha256:7caca7d35749ebeade412cdbca5a899e9a9d9a59a872f5d1185c59d993004694
 IMAGE_ID=3a6718ca4ee02c3a9e9f4a4982d40f04f3bbc2f4ee9b936459519ea125ab87a9
-NEXUS_REGISTRY=nexus-docker.52.61.140.4.nip.io
+NEXUS_REGISTRY=nexus-docker-secure.levelup-dev.io
 NEXUS_TAG=${NEXUS_REGISTRY}/builder-${IMAGE_NAME}:${VERSION}
 
 set -e