Merge branch 'improve-dockerfile' into 'master'
Docker: Set app user gid/uid to 1000 See merge request timvisee/send!22
This commit is contained in:
commit
b41c8087f9
1 changed files with 22 additions and 6 deletions
28
Dockerfile
28
Dockerfile
|
@ -4,41 +4,57 @@
|
|||
# License https://gitlab.com/timvisee/send/blob/master/LICENSE
|
||||
##
|
||||
|
||||
|
||||
# Build project
|
||||
FROM node:16.13-alpine3.13 AS builder
|
||||
|
||||
RUN set -x \
|
||||
# Change node uid/gid
|
||||
&& apk --no-cache add shadow \
|
||||
&& groupmod -g 1001 node \
|
||||
&& usermod -u 1001 -g 1001 node
|
||||
|
||||
RUN set -x \
|
||||
# Add user
|
||||
&& addgroup --gid 10001 app \
|
||||
&& addgroup --gid 1000 app \
|
||||
&& adduser --disabled-password \
|
||||
--gecos '' \
|
||||
--ingroup app \
|
||||
--home /app \
|
||||
--uid 10001 \
|
||||
--uid 1000 \
|
||||
app
|
||||
|
||||
COPY --chown=app:app . /app
|
||||
|
||||
USER app
|
||||
WORKDIR /app
|
||||
|
||||
RUN set -x \
|
||||
# Build
|
||||
&& PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true npm ci \
|
||||
&& npm run build
|
||||
|
||||
|
||||
# Main image
|
||||
FROM node:16.13-alpine3.13
|
||||
|
||||
RUN set -x \
|
||||
# Change node uid/gid
|
||||
&& apk --no-cache add shadow \
|
||||
&& groupmod -g 1001 node \
|
||||
&& usermod -u 1001 -g 1001 node
|
||||
|
||||
RUN set -x \
|
||||
# Add user
|
||||
&& addgroup --gid 10001 app \
|
||||
&& addgroup --gid 1000 app \
|
||||
&& adduser --disabled-password \
|
||||
--gecos '' \
|
||||
--ingroup app \
|
||||
--home /app \
|
||||
--uid 10001 \
|
||||
--uid 1000 \
|
||||
app
|
||||
|
||||
USER app
|
||||
WORKDIR /app
|
||||
|
||||
COPY --chown=app:app package*.json ./
|
||||
COPY --chown=app:app app app
|
||||
COPY --chown=app:app common common
|
||||
|
|
Loading…
Reference in a new issue