From ec657d39ee34a1bd7423244d66cab8dc4515f081 Mon Sep 17 00:00:00 2001
From: anilb <epipav@gmail.com>
Date: Wed, 1 Apr 2026 13:38:59 +0200
Subject: [PATCH] fix: use node20-bookworm-slim runner to fix temporalio glibc
 compatibility

Signed-off-by: anilb <epipav@gmail.com>
---
 workers/temporal/vulnerability_enrichment_worker/Dockerfile | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/workers/temporal/vulnerability_enrichment_worker/Dockerfile b/workers/temporal/vulnerability_enrichment_worker/Dockerfile
index 19ac6990e..3193d5d6a 100644
--- a/workers/temporal/vulnerability_enrichment_worker/Dockerfile
+++ b/workers/temporal/vulnerability_enrichment_worker/Dockerfile
@@ -15,13 +15,15 @@ COPY ./workers/temporal/vulnerability_enrichment_worker ./workers/temporal/vulne
 
 RUN pnpm i --frozen-lockfile
 
-FROM node:24-alpine AS runner
+FROM node:20-bookworm-slim AS runner
 
 WORKDIR /usr/insights/app
 RUN npm install -g corepack@latest && \
     corepack enable pnpm && \
     corepack prepare pnpm@10.12.4 --activate && \
-    apk add --no-cache ca-certificates
+    apt update && \
+    apt install -y ca-certificates --no-install-recommends && \
+    rm -rf /var/lib/apt/lists/*
 
 COPY --from=builder /usr/insights/app/node_modules ./node_modules
 COPY --from=builder /usr/insights/app/submodules ./submodules