Run service-twitter as non-root user
authorMichael Winsauer <e1429715@student.tuwien.ac.at>
Sat, 10 Nov 2018 03:24:22 +0000 (04:24 +0100)
committerMichael Winsauer <e1429715@student.tuwien.ac.at>
Sat, 10 Nov 2018 03:24:22 +0000 (04:24 +0100)
service-twitter/Dockerfile

index 0e27ce0f0d8204e93bd4b2d6eae46d3696fb73d8..724791119741b3d1b292a56d1615433a2c6751cc 100644 (file)
@@ -13,6 +13,9 @@ MAINTAINER Michael Winsauer <e1429715@student.tuwien.ac.at>
 VOLUME /tmp
 EXPOSE 8084
 
+RUN ["useradd", "--no-create-home", "twitter"]
+USER twitter:twitter
+
 COPY --from=service-twitter-builder /build/target/service-twitter-0.1.0-SNAPSHOT.jar /app/service-twitter.jar
 
 WORKDIR /app