⏪️ Merge pull request gchq#501 from Lissy93/revert-495-master

[REVERRT] Add group and user in dockerfile to run container as unprivileged Fixes: gchq#499
BRAVO68WEB · Feb 20, 2022 · f2c5de7 · f2c5de7
2 parents 57bbee7 + 4701eed
commit f2c5de7
Showing 1 changed file with 5 additions and 21 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -30,32 +30,16 @@ FROM node:16.13.2-alpine
 # Define some ENV Vars
 ENV PORT=80 \
   DIRECTORY=/app \
-  IS_DOCKER=true \
-  USER=docker \
-  UID=12345 \
-  GID=23456
-
-# Install tini for initialization and tzdata for setting timezone
-RUN apk add --no-cache tzdata tini \
-  # Add group
-    && addgroup --gid ${GID} "${USER}" \ 
-  # Add user
-    && adduser \
-    --disabled-password \
-    --ingroup "${USER}" \
-    --gecos "" \
-    --home "${DIRECTORY}" \
-    --no-create-home \
-    --uid "$UID" \
-    "$USER"
-
-USER ${USER}
+  IS_DOCKER=true
 
 # Create and set the working directory
 WORKDIR ${DIRECTORY}
 
+# Install tini for initialization and tzdata for setting timezone
+RUN apk add --no-cache tzdata tini
+
 # Copy built application from build phase
-COPY --from=BUILD_IMAGE --chown=${USER}:${USER} /app ./
+COPY --from=BUILD_IMAGE /app ./
 
 # Finally, run start command to serve up the built application
 ENTRYPOINT [ "/sbin/tini", "--" ]