From abb643f4d880cd770efa4b9132bb778f7229cc86 Mon Sep 17 00:00:00 2001 From: Nicko Guyer Date: Wed, 10 Jan 2024 13:51:23 -0500 Subject: [PATCH] Change Dockerfile to use non-root user Signed-off-by: Nicko Guyer --- Dockerfile | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b877e70..20e7998 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,6 +1,10 @@ FROM node:16-alpine3.15 as firefly-dataexchange-builder -ADD . /firefly-dataexchange-https +ADD --chown=1001:0 . /firefly-dataexchange-https WORKDIR /firefly-dataexchange-https +RUN mkdir /.npm \ + && chgrp -R 0 /.npm \ + && chmod -R g+rwX /.npm +USER 1001 RUN npm install RUN npm run build @@ -12,4 +16,6 @@ COPY --from=firefly-dataexchange-builder /firefly-dataexchange-https/package*.js RUN npm install --production EXPOSE 3000 EXPOSE 3001 +USER 1001 + CMD [ "node", "./build/index.js" ] \ No newline at end of file