Run kube2ms registrator as non-root user

Change-Id: I2165e080af7c6027548288432c8437503903ee12 Issue-ID: MSB-322 Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
author: Huabing Zhao <zhaohuabing@gmail.com> 2019-04-11 02:09:56 +0000
committer: Huabing Zhao <zhaohuabing@gmail.com> 2019-04-11 02:11:20 +0000
commit: e8adf17d10549708f6459d989cefa100a26d06f1 (patch)
tree: c1c058c499a2684d3980b333da5aab601cf43bc5
parent: 8f8a661e782185b48741947ddd2a48a9a9afce33 (diff)
1 files changed, 5 insertions, 0 deletions
diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile
index f25e592..511964d 100644
--- a/build/docker/Dockerfile
+++ b/build/docker/Dockerfile
@@ -1,4 +1,9 @@
 FROM alpine:3.3
 COPY kube2msb /bin/
 
+RUN addgroup -g 1000 msb && \
+    adduser -D -u 1000 -G msb msb && \
+    chown msb:msb /bin/kube2msb
+USER msb
+
 ENTRYPOINT /bin/kube2msb --kube_master_url=${KUBE_MASTER_URL} --auth_token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) --msb_url=${MSB_URL}
author	Huabing Zhao <zhaohuabing@gmail.com>	2019-04-11 02:09:56 +0000
committer	Huabing Zhao <zhaohuabing@gmail.com>	2019-04-11 02:11:20 +0000
commit	e8adf17d10549708f6459d989cefa100a26d06f1 (patch)
tree	c1c058c499a2684d3980b333da5aab601cf43bc5
parent	8f8a661e782185b48741947ddd2a48a9a9afce33 (diff)