From d10344bb061dbfea48a00a695907995e48c17502 Mon Sep 17 00:00:00 2001 From: martintatum Date: Fri, 20 Dec 2024 14:56:46 +0100 Subject: [PATCH] ALL-9118 - Upgrade Node, NPM and other libraries dockerfile sonar fix --- Dockerfile | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 2d9cbb2..8b3171c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,9 @@ FROM node:18.20.5-alpine3.20 AS builder -# Create app directory +# Create a non-root user and group +RUN groupadd -r appgroup && useradd -r -g appgroup appuser +# Create app directory WORKDIR /usr/src/app RUN apk --virtual build-dependencies add \ @@ -25,6 +27,12 @@ COPY . . RUN yarn build +# Change ownership of the application files to the non-root user +RUN chown -R appuser:appgroup /usr/src/app + +# Switch to the non-root user +USER appuser + ENTRYPOINT ["node", "/usr/src/app/dist/index.js"] CMD ["daemon"]