summaryrefslogtreecommitdiffstats
path: root/docker/Dockerfile
diff options
context:
space:
mode:
authorMichaelMorris <michael.morris@est.tech>2020-03-15 17:03:03 +0000
committerMichaelMorris <michael.morris@est.tech>2020-03-15 17:03:11 +0000
commit82210d4e35df8ea097cf0a8060127df1fa4cd2e8 (patch)
tree4821a20fa947d5346e883ca0451390041515a33b /docker/Dockerfile
parent290b3dd99d324b9fdb3de4d55fd6eaed17fc13ad (diff)
Run pods as non-root user
Change-Id: I039195f4de688f9106ebbae9d4f16d8425c223ea Issue-ID: SDC-2798 Signed-off-by: MichaelMorris <michael.morris@est.tech>
Diffstat (limited to 'docker/Dockerfile')
-rw-r--r--docker/Dockerfile8
1 files changed, 5 insertions, 3 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile
index fcbf836..757a602 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -24,11 +24,13 @@ RUN mkdir -p /run/nginx /run/gunicorn && \
chmod 0770 /var/lib/nginx/tmp /run/gunicorn && \
chmod 0664 /run/nginx/nginx.pid
-COPY app /srv/
+USER nginx
-COPY docker/docker-entrypoint.sh /srv/
+COPY --chown=nginx:nginx app /srv/
-COPY nginx/nginx.conf /etc/nginx/nginx.conf
+COPY --chown=nginx:nginx docker/docker-entrypoint.sh /srv/
+
+COPY --chown=nginx:nginx nginx/nginx.conf /etc/nginx/nginx.conf
RUN chmod +x /srv/tosca_server.py && \
chmod +x /srv/docker-entrypoint.sh