Skip to content

Commit f2c5de7

Browse files
authored
⏪️ Merge pull request #501 from Lissy93/revert-495-master
[REVERRT] Add group and user in dockerfile to run container as unprivileged Fixes: #499
2 parents 57bbee7 + 4701eed commit f2c5de7

File tree

1 file changed

+5
-21
lines changed

1 file changed

+5
-21
lines changed

Dockerfile

+5-21
Original file line numberDiff line numberDiff line change
@@ -30,32 +30,16 @@ FROM node:16.13.2-alpine
3030
# Define some ENV Vars
3131
ENV PORT=80 \
3232
DIRECTORY=/app \
33-
IS_DOCKER=true \
34-
USER=docker \
35-
UID=12345 \
36-
GID=23456
37-
38-
# Install tini for initialization and tzdata for setting timezone
39-
RUN apk add --no-cache tzdata tini \
40-
# Add group
41-
&& addgroup --gid ${GID} "${USER}" \
42-
# Add user
43-
&& adduser \
44-
--disabled-password \
45-
--ingroup "${USER}" \
46-
--gecos "" \
47-
--home "${DIRECTORY}" \
48-
--no-create-home \
49-
--uid "$UID" \
50-
"$USER"
51-
52-
USER ${USER}
33+
IS_DOCKER=true
5334

5435
# Create and set the working directory
5536
WORKDIR ${DIRECTORY}
5637

38+
# Install tini for initialization and tzdata for setting timezone
39+
RUN apk add --no-cache tzdata tini
40+
5741
# Copy built application from build phase
58-
COPY --from=BUILD_IMAGE --chown=${USER}:${USER} /app ./
42+
COPY --from=BUILD_IMAGE /app ./
5943

6044
# Finally, run start command to serve up the built application
6145
ENTRYPOINT [ "/sbin/tini", "--" ]

0 commit comments

Comments
 (0)