set app user gid/uid to 1000
This commit is contained in:
parent
905ca545c7
commit
9fcc8e36b0
28
Dockerfile
28
Dockerfile
|
@ -4,41 +4,57 @@
|
||||||
# License https://gitlab.com/timvisee/send/blob/master/LICENSE
|
# License https://gitlab.com/timvisee/send/blob/master/LICENSE
|
||||||
##
|
##
|
||||||
|
|
||||||
|
|
||||||
# Build project
|
# Build project
|
||||||
FROM node:16.13-alpine3.13 AS builder
|
FROM node:16.13-alpine3.13 AS builder
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
# Change node uid/gid
|
||||||
|
&& apk --no-cache add shadow \
|
||||||
|
&& groupmod -g 1001 node \
|
||||||
|
&& usermod -u 1001 -g 1001 node
|
||||||
|
|
||||||
RUN set -x \
|
RUN set -x \
|
||||||
# Add user
|
# Add user
|
||||||
&& addgroup --gid 10001 app \
|
&& addgroup --gid 1000 app \
|
||||||
&& adduser --disabled-password \
|
&& adduser --disabled-password \
|
||||||
--gecos '' \
|
--gecos '' \
|
||||||
--ingroup app \
|
--ingroup app \
|
||||||
--home /app \
|
--home /app \
|
||||||
--uid 10001 \
|
--uid 1000 \
|
||||||
app
|
app
|
||||||
|
|
||||||
COPY --chown=app:app . /app
|
COPY --chown=app:app . /app
|
||||||
|
|
||||||
USER app
|
USER app
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
RUN set -x \
|
RUN set -x \
|
||||||
# Build
|
# Build
|
||||||
&& PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true npm ci \
|
&& PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true npm ci \
|
||||||
&& npm run build
|
&& npm run build
|
||||||
|
|
||||||
|
|
||||||
# Main image
|
# Main image
|
||||||
FROM node:16.13-alpine3.13
|
FROM node:16.13-alpine3.13
|
||||||
|
|
||||||
|
RUN set -x \
|
||||||
|
# Change node uid/gid
|
||||||
|
&& apk --no-cache add shadow \
|
||||||
|
&& groupmod -g 1001 node \
|
||||||
|
&& usermod -u 1001 -g 1001 node
|
||||||
|
|
||||||
RUN set -x \
|
RUN set -x \
|
||||||
# Add user
|
# Add user
|
||||||
&& addgroup --gid 10001 app \
|
&& addgroup --gid 1000 app \
|
||||||
&& adduser --disabled-password \
|
&& adduser --disabled-password \
|
||||||
--gecos '' \
|
--gecos '' \
|
||||||
--ingroup app \
|
--ingroup app \
|
||||||
--home /app \
|
--home /app \
|
||||||
--uid 10001 \
|
--uid 1000 \
|
||||||
app
|
app
|
||||||
|
|
||||||
USER app
|
USER app
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
|
||||||
COPY --chown=app:app package*.json ./
|
COPY --chown=app:app package*.json ./
|
||||||
COPY --chown=app:app app app
|
COPY --chown=app:app app app
|
||||||
COPY --chown=app:app common common
|
COPY --chown=app:app common common
|
||||||
|
|
Loading…
Reference in New Issue