# Completely stolen from the log4shell vulnerable app
FROM gradle:7.3.1-jdk17 AS builder
COPY --chown=gradle:gradle ./coffeeCorporation/ /home/gradle/src
WORKDIR /home/gradle/src
RUN gradle bootJar --no-daemon

FROM openjdk:8u181-jdk-alpine
EXPOSE 8080
RUN mkdir /app
ENV JAVA_TOOL_OPTIONS="-Dcom.sun.jndi.ldap.object.trustURLCodebase=true -DenableJndiLookup=true -DformatMsgNoLookups=false"
COPY --from=builder /home/gradle/src/build/libs/*.jar /app/coffeeCorporation.jar
COPY flag.txt flag.txt
CMD ["java", "-jar", "/app/coffeeCorporation.jar"]
