From fe634e7de1ef20682c216054cbb21a50c9f03dba Mon Sep 17 00:00:00 2001
From: Kevin Thomas <me@kevinthomas.dev>
Date: Sat, 4 Dec 2021 23:03:17 -0800
Subject: [PATCH] Update Dockerfile to use non-root user

---
 Dockerfile | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index f9e660d..70c1d6d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,9 +1,15 @@
 FROM node:14-alpine
 LABEL maintainer="me@kevinthomas.dev"
+RUN deluser --remove-home node \
+  && addgroup -S noisedash -g 1440 \
+  && adduser -S -G noisedash -u 1440 noisedash
+RUN mkdir /var/noisedash
+RUN chown noisedash:noisedash /var/noisedash
+USER noisedash
 WORKDIR /var/noisedash
-COPY package*.json ./
+COPY --chown=noisedash:noisedash package*.json ./
 RUN npm install
-COPY . .
+COPY --chown=noisedash:noisedash . .
 ENV NODE_ENV production
 RUN npm run build
 EXPOSE 1432