PeopleService (.NET): decrease container size and improve security posture #251

Open, wants to merge 2 commits into base: main

@mathieu-benoit (Contributor) commented Jan 7, 2025

For the PeopleService (.NET) container: decrease container size and improve security posture: from 1.53GB to 111MB uncompressed on disk (-1.4GB saved) --> saving time to build and run the container (locally and on Kubernetes).

Towards helping with #231.

From a security standpoint, by using the multi-stage build approach and having a distroless base image (noble-chiseled), this also reduces the number of packages included in the container: with Syft, from 4,064 packages to 10 packages:

NAME             VERSION                  TYPE   
base-files       13ubuntu10.1             deb     
ca-certificates  20240203                 deb     
gcc-14           14.2.0-4ubuntu2~24.04    deb     
gcc-14-base      14.2.0-4ubuntu2~24.04    deb     
libc6            2.39-0ubuntu8.3          deb     
libgcc-s1        14.2.0-4ubuntu2~24.04    deb     
libssl3t64       3.0.13-0ubuntu3.4        deb     
libstdc++6       14.2.0-4ubuntu2~24.04    deb     
openssl          3.0.13-0ubuntu3.4        deb     
zlib1g           1:1.3.dfsg-3.1ubuntu2.1  deb

This consequently reduces the number of CVEs too, with Trivy, from 1051 to 3:

peopleservice:before (debian 12.8):
Total: 1051 (UNKNOWN: 25, LOW: 364, MEDIUM: 567, HIGH: 92, CRITICAL: 3)

peopleservice:after (ubuntu 24.04):
Total: 3 (UNKNOWN: 0, LOW: 3, MEDIUM: 0, HIGH: 0, CRITICAL: 0)

Tested locally with this new Dockerfile:

cd people-service
docker build -t peopleservice:after .
docker run -d -p 8080:18089 peopleservice:after
curl http://localhost:8080/People/GetPerson?LogonId=user01

Getting a successful response:

{"logonId":"user01","fullName":"Alice Johnson","email":"[email protected]","employeeId":"E0001","department":"HR","photoUrl":"https://example.com/pthotos/user01.jpg"}
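
The before/after Trivy summaries quoted in the description above can be turned into a repeatable check, so a later base-image change cannot silently bring the findings back. This is an added example, not part of the pull request or the project's code; the function names and the blocking policy (no HIGH or CRITICAL findings, no severity count higher than before) are assumptions.

```python
import re

# Sample input: the two Trivy summary blocks quoted in the PR description.
TRIVY_SUMMARIES = """\
peopleservice:before (debian 12.8):
Total: 1051 (UNKNOWN: 25, LOW: 364, MEDIUM: 567, HIGH: 92, CRITICAL: 3)

peopleservice:after (ubuntu 24.04):
Total: 3 (UNKNOWN: 0, LOW: 3, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
"""

TARGET_RE = re.compile(r"^(?P<image>\S+) \((?P<os>[^)]+)\):?\s*$")
TOTAL_RE = re.compile(r"^Total: (?P<total>\d+) \((?P<counts>[^)]*)\)\s*$")


def parse_summaries(text):
    """Return {image: {"os": ..., "total": n, "UNKNOWN": n, ...}} from summary text."""
    results, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        if m := TARGET_RE.match(line):
            current = m["image"]
            results[current] = {"os": m["os"]}
        elif (m := TOTAL_RE.match(line)) and current:
            counts = {k.strip(): int(v) for k, v in
                      (pair.split(":") for pair in m["counts"].split(","))}
            total = int(m["total"])
            # A truncated or hand-edited report must not pass the gate.
            if sum(counts.values()) != total:
                raise ValueError(f"{current}: severities sum to "
                                 f"{sum(counts.values())}, not {total}")
            results[current].update(counts, total=total)
            current = None
    return results


def gate(before, after, blocking=("HIGH", "CRITICAL")):
    """Return policy violations; an empty list means the new image passes."""
    problems = [f"{sev}: {after[sev]} finding(s) in new image"
                for sev in blocking if after.get(sev, 0) > 0]
    # Any numeric count (including the total) that grew is a regression.
    problems += [f"{sev}: regressed from {before[sev]} to {n}"
                 for sev, n in after.items()
                 if isinstance(n, int) and sev in before and n > before[sev]]
    return problems
```

Swapping the two arguments to `gate` shows the failure path: the Debian-based image is rejected on its HIGH and CRITICAL findings and on every count that grew.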

netlify bot commented Jan 7, 2025

Deploy Preview for lucky-concha-f3599f canceled.

Name Link
🔨 Latest commit 4d66dbc
🔍 Latest deploy log https://app.netlify.com/sites/lucky-concha-f3599f/deploys/677ca66fd49af30008146506
