feat(docker): do not run container as root

Using a non root user to execute the application.
We don't need to be root
This commit is contained in:
Philippe Caseiro 2024-02-26 11:54:51 +01:00
parent 03853bdb7a
commit 987208dd03
1 changed files with 7 additions and 4 deletions

View File

@ -1,4 +1,4 @@
FROM golang:1.17 AS build
FROM reg.cadoles.com/dh/library/golang:1.17 AS build
ARG HTTP_PROXY=
ARG HTTPS_PROXY=
@ -23,12 +23,15 @@ RUN npm install \
&& echo "---" > ./misc/release/config-patch.yml \
&& make ARCH_TARGETS=amd64 release
FROM busybox
COPY --from=build /src/release/fake-sms-linux-amd64 /app
RUN adduser -D -h /app sms
COPY --from=build /src/release/fake-sms-linux-amd64 /app
RUN chown -R sms:sms /app
USER sms
WORKDIR /app
RUN mkdir -p /app
CMD ["bin/fake-sms", "--config", "config.yml"]