From 6f049728c34dc3856787d35eec32b241a73b1e8d Mon Sep 17 00:00:00 2001 From: Joshua Seals Date: Mon, 18 Sep 2023 16:38:48 -0400 Subject: [PATCH] Updated dockerfile to be more verbose, adding helxui user and group --- Dockerfile | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 9b4ad079..4df61ce9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -9,8 +9,8 @@ ENV REACT_APP_WORKSPACES_ENABLED=$REACT_APP_WORKSPACES_ENABLED # Copy and install requirements WORKDIR /usr/src/app COPY --chown=node:node "package*.json" /usr/src/app/ -RUN npm i -g npm@latest -RUN npm ci +RUN npm install -g npm@latest +RUN npm clean-install COPY --chown=node:node . /usr/src/app RUN npm run build @@ -20,18 +20,18 @@ RUN npm run build ######################## FROM nginx:1.25.1-alpine-slim -COPY nginx/default.conf /etc/nginx/conf.d/default.conf -COPY nginx/nginx.conf /etc/nginx/nginx.conf -COPY --from=builder /usr/src/app/build/ /usr/share/nginx/static/ -# RUN mv /usr/share/nginx/static/frontend/index.html /usr/share/nginx/html/ -RUN apk upgrade -RUN apk add bash +# Ensure a rootless container +RUN addgroup -g 1000 -S helxui && \ + adduser -u 1000 -h /helxui -G helxui -S helxui -WORKDIR /usr/src/app -COPY bin /usr/src/app/bin +COPY --chown=helxui:helxui nginx/default.conf /etc/nginx/conf.d/default.conf +COPY --chown=helxui:helxui nginx/nginx.conf /etc/nginx/nginx.conf +COPY --from=builder --chown=helxui:helxui /usr/src/app/build/ /usr/share/nginx/static/ +COPY --chown=helxui:helxui bin /usr/src/app/bin ENV PATH="/usr/src/app/bin:${PATH}" - +# RUN mv /usr/share/nginx/static/frontend/index.html /usr/share/nginx/html/ +WORKDIR /usr/src/app EXPOSE 80 CMD ["start_server", "/usr/share/nginx/static/frontend/env.json"] \ No newline at end of file