⬆️(docker) upgrade node images to alpine 3.21

We need to upgrade our images to alpine 3.21 in order to fix a CVE
related to libxml2. We also upgrade node to version 24

Author: lunika

CHANGELOG.md

@@ -21,6 +21,7 @@ and this project adheres to
 - 📝(frontend) Update documentation
 - ✅(frontend) Improve tests coverage
 - ⬆️(docker) upgrade backend image to python 3.13 #973
+- ⬆️(docker) upgrade node images to alpine 3.21
 
 
 ### Removed

src/frontend/Dockerfile

@@ -1,4 +1,9 @@
-FROM node:20-alpine AS frontend-deps
+FROM node:24-alpine AS frontend-deps
+
+# Upgrade system packages to install security updates
+RUN apk update && \
+  apk upgrade && \
+  rm -rf /var/cache/apk/*
 
 WORKDIR /home/frontend/
 
@@ -45,7 +50,19 @@ ENV NEXT_PUBLIC_PUBLISH_AS_MIT=${PUBLISH_AS_MIT}
 RUN yarn build
 
 # ---- Front-end image ----
-FROM nginxinc/nginx-unprivileged:1.26-alpine AS frontend-production
+FROM nginxinc/nginx-unprivileged:1.27-alpine AS frontend-production
+
+# Remove the upgrade part once nginx has published
+# a new image that fixes the CVE related to libxml2
+ARG UID=101
+USER root
+
+# Upgrade system packages to install security updates
+RUN apk update && \
+  apk upgrade && \
+  rm -rf /var/cache/apk/*
+
+USER $UID
 
 # Un-privileged user running the application
 ARG DOCKER_USER

src/frontend/servers/y-provider/Dockerfile

@@ -1,4 +1,11 @@
-FROM node:20-alpine AS y-provider-builder
+FROM node:22.9-alpine AS base
+
+# Upgrade system packages to install security updates
+RUN apk update && \
+  apk upgrade && \
+  rm -rf /var/cache/apk/*
+
+FROM base AS y-provider-builder
 
 WORKDIR /home/frontend/
 
@@ -15,7 +22,7 @@ COPY ./src/frontend/servers/y-provider ./servers/y-provider
 WORKDIR /home/frontend/servers/y-provider
 RUN yarn build
 
-FROM node:20-alpine AS y-provider
+FROM base AS y-provider
 
 WORKDIR /home/frontend/