From e8adf17d10549708f6459d989cefa100a26d06f1 Mon Sep 17 00:00:00 2001
From: Huabing Zhao <zhaohuabing@gmail.com>
Date: Thu, 11 Apr 2019 02:09:56 +0000
Subject: Run kube2ms registrator as non-root user

Change-Id: I2165e080af7c6027548288432c8437503903ee12
Issue-ID: MSB-322
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
---
 build/docker/Dockerfile | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile
index f25e592..511964d 100644
--- a/build/docker/Dockerfile
+++ b/build/docker/Dockerfile
@@ -1,4 +1,9 @@
 FROM alpine:3.3
 COPY kube2msb /bin/
 
+RUN addgroup -g 1000 msb && \
+    adduser -D -u 1000 -G msb msb && \
+    chown msb:msb /bin/kube2msb
+USER msb
+
 ENTRYPOINT /bin/kube2msb --kube_master_url=${KUBE_MASTER_URL} --auth_token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) --msb_url=${MSB_URL}
-- 
cgit 1.2.3-korg