diff --git a/Dockerfile b/Dockerfile index 71277617..dfc9d411 100644 --- a/Dockerfile +++ b/Dockerfile @@ -10,14 +10,18 @@ WORKDIR /opt/payid COPY . . +# create a group and user +RUN addgroup -S appgroup && adduser -S appuser -G appgroup + # postgresql-client is needed if/when we run "wait-for-postgres.sh" (in ./scripts) to make sure Postgres is ready to execute SQL scripts. RUN apk --no-cache add postgresql-client~=12 &&\ npm cache clean --force &&\ npm install &&\ - npm run build &&\ - ls -al /opt/payid/build/ &&\ - ls -al /opt/payid/build/src + npm run build EXPOSE 8080 8081 -CMD ["node", "/opt/payid/build/src/index.js"] \ No newline at end of file +# run all future commands as this user +USER appuser + +CMD ["node", "/opt/payid/build/src/index.js"]