feat(docker): do not run container as root
Using a non root user to execute the application. We don't need to be root
This commit is contained in:
parent
03853bdb7a
commit
987208dd03
|
@ -1,4 +1,4 @@
|
|||
FROM golang:1.17 AS build
|
||||
FROM reg.cadoles.com/dh/library/golang:1.17 AS build
|
||||
|
||||
ARG HTTP_PROXY=
|
||||
ARG HTTPS_PROXY=
|
||||
|
@ -23,12 +23,15 @@ RUN npm install \
|
|||
&& echo "---" > ./misc/release/config-patch.yml \
|
||||
&& make ARCH_TARGETS=amd64 release
|
||||
|
||||
|
||||
FROM busybox
|
||||
|
||||
COPY --from=build /src/release/fake-sms-linux-amd64 /app
|
||||
RUN adduser -D -h /app sms
|
||||
|
||||
COPY --from=build /src/release/fake-sms-linux-amd64 /app
|
||||
RUN chown -R sms:sms /app
|
||||
|
||||
USER sms
|
||||
WORKDIR /app
|
||||
|
||||
RUN mkdir -p /app
|
||||
|
||||
CMD ["bin/fake-sms", "--config", "config.yml"]
|
Loading…
Reference in New Issue