build(Containerfile): do not run as root inside the container

2024-02-01 20:00:47 +01:00 · 2024-02-01 20:00:47 +01:00 · caa7146c22
commit caa7146c22
parent 82f40bcaea
1 changed files with 5 additions and 1 deletions
--- a/6
+++ b/6
@ -20,7 +20,10 @@ RUN case "$(apk --print-arch)" in \

 FROM alpine:3.19
 WORKDIR /app
-RUN mkdir /app/wwwroot
+
+RUN mkdir wwwroot data && \
+	adduser -D appuser && \
+	chown appuser:appuser data

 # /* removes directory structure
 COPY --from=builder /release/* /app
@ -28,5 +31,6 @@ COPY ./about.html /app/about.html
 COPY --from=frontend-builder /build/dist /app/wwwroot

 ENV WWW_DIR /app/wwwroot
+USER appuser
 EXPOSE 8080
 CMD [ "./pastabble" ]