Skip to content

Commit

Permalink
change docker running user to non root
Browse files Browse the repository at this point in the history
  • Loading branch information
Roy committed Nov 28, 2024
1 parent c232dd5 commit a4d92a6
Showing 1 changed file with 6 additions and 1 deletion.
7 changes: 6 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,4 +27,9 @@ COPY etc /etc/itsdangerous
# USER app
COPY build/start_all.sh /scripts/start_all.sh
RUN chmod +x /scripts/start_all.sh
CMD ["/bin/sh","-c","/scripts/start_all.sh"]
RUN addgroup --system --gid 6000 apps && useradd --uid 6001 --gid 6000 app
RUN chown -R app:apps /etc/itsdangerous && chmod -R 755 /etc/itsdangerous
RUN chown -R app:apps /var/log/itsdangerous && chmod -R 755 /var/log/itsdangerous
RUN chown -R app:apps /tmp/artifacts && chmod -R 755 /tmp/artifacts
USER app
ENTRYPOINT ["/bin/sh", "/scripts/start_all.sh"]

0 comments on commit a4d92a6

Please sign in to comment.