Merge branch 'improve-dockerfile' into 'master'

Docker: Set app user gid/uid to 1000

See merge request timvisee/send!22
This commit is contained in:
Tim Visée 2022-03-28 19:41:20 +00:00
commit b41c8087f9

View file

@ -4,41 +4,57 @@
# License https://gitlab.com/timvisee/send/blob/master/LICENSE # License https://gitlab.com/timvisee/send/blob/master/LICENSE
## ##
# Build project # Build project
FROM node:16.13-alpine3.13 AS builder FROM node:16.13-alpine3.13 AS builder
RUN set -x \
# Change node uid/gid
&& apk --no-cache add shadow \
&& groupmod -g 1001 node \
&& usermod -u 1001 -g 1001 node
RUN set -x \ RUN set -x \
# Add user # Add user
&& addgroup --gid 10001 app \ && addgroup --gid 1000 app \
&& adduser --disabled-password \ && adduser --disabled-password \
--gecos '' \ --gecos '' \
--ingroup app \ --ingroup app \
--home /app \ --home /app \
--uid 10001 \ --uid 1000 \
app app
COPY --chown=app:app . /app COPY --chown=app:app . /app
USER app USER app
WORKDIR /app WORKDIR /app
RUN set -x \ RUN set -x \
# Build # Build
&& PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true npm ci \ && PUPPETEER_SKIP_CHROMIUM_DOWNLOAD=true npm ci \
&& npm run build && npm run build
# Main image # Main image
FROM node:16.13-alpine3.13 FROM node:16.13-alpine3.13
RUN set -x \
# Change node uid/gid
&& apk --no-cache add shadow \
&& groupmod -g 1001 node \
&& usermod -u 1001 -g 1001 node
RUN set -x \ RUN set -x \
# Add user # Add user
&& addgroup --gid 10001 app \ && addgroup --gid 1000 app \
&& adduser --disabled-password \ && adduser --disabled-password \
--gecos '' \ --gecos '' \
--ingroup app \ --ingroup app \
--home /app \ --home /app \
--uid 10001 \ --uid 1000 \
app app
USER app USER app
WORKDIR /app WORKDIR /app
COPY --chown=app:app package*.json ./ COPY --chown=app:app package*.json ./
COPY --chown=app:app app app COPY --chown=app:app app app
COPY --chown=app:app common common COPY --chown=app:app common common