diff options
author | MichaelMorris <michael.morris@est.tech> | 2020-03-15 17:03:03 +0000 |
---|---|---|
committer | MichaelMorris <michael.morris@est.tech> | 2020-03-15 17:03:11 +0000 |
commit | 82210d4e35df8ea097cf0a8060127df1fa4cd2e8 (patch) | |
tree | 4821a20fa947d5346e883ca0451390041515a33b /docker/Dockerfile | |
parent | 290b3dd99d324b9fdb3de4d55fd6eaed17fc13ad (diff) |
Run pods as non-root user
Change-Id: I039195f4de688f9106ebbae9d4f16d8425c223ea
Issue-ID: SDC-2798
Signed-off-by: MichaelMorris <michael.morris@est.tech>
Diffstat (limited to 'docker/Dockerfile')
-rw-r--r-- | docker/Dockerfile | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/docker/Dockerfile b/docker/Dockerfile index fcbf836..757a602 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -24,11 +24,13 @@ RUN mkdir -p /run/nginx /run/gunicorn && \ chmod 0770 /var/lib/nginx/tmp /run/gunicorn && \ chmod 0664 /run/nginx/nginx.pid -COPY app /srv/ +USER nginx -COPY docker/docker-entrypoint.sh /srv/ +COPY --chown=nginx:nginx app /srv/ -COPY nginx/nginx.conf /etc/nginx/nginx.conf +COPY --chown=nginx:nginx docker/docker-entrypoint.sh /srv/ + +COPY --chown=nginx:nginx nginx/nginx.conf /etc/nginx/nginx.conf RUN chmod +x /srv/tosca_server.py && \ chmod +x /srv/docker-entrypoint.sh |