# The steps in this Dockerfile are copied from an existing image for reference:
# https://hub.docker.com/r/piesecurity/apache-struts2-cve-2017-5638/dockerfile
# In this line, we import that image so we can use the vulnerable app inside.
# Otherwise, the Dockerfile lines are the same.
FROM piesecurity/apache-struts2-cve-2017-5638 as struts

FROM tomcat:7

MAINTAINER piesecurity <admin@pie-secure.org>

RUN set -ex \
	&& rm -rf /usr/local/tomcat/webapps/* \
	&& chmod a+x /usr/local/tomcat/bin/*.sh

# Here, we copy from the multistage build image above; the original image copies locally.
COPY --from=struts /usr/local/tomcat/webapps/ROOT.war /usr/local/tomcat/webapps/ROOT.war

EXPOSE 8080

# Change: Add ps for convenience, so we can quickly view what's running
# in the container.
RUN apt-get update && \
    apt-get install -y psmisc