From 3ad5d16f9f61f72a725f6e91a0ad8138ee5b7316 Mon Sep 17 00:00:00 2001 From: Aleksey Kashapov Date: Thu, 6 Jul 2023 10:24:28 +0300 Subject: [PATCH] OPS-268: Setups user in `Dockerfile` (#24) * Update valitydev/erlang-workflows action to v1.0.12 * OPS-268: Setups user in `Dockerfile` --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/erlang-checks.yaml | 2 +- Dockerfile | 8 ++++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/.github/workflows/erlang-checks.yaml b/.github/workflows/erlang-checks.yaml index 9350394..1363c9f 100644 --- a/.github/workflows/erlang-checks.yaml +++ b/.github/workflows/erlang-checks.yaml @@ -30,7 +30,7 @@ jobs: run: name: Run checks needs: setup - uses: valitydev/erlang-workflows/.github/workflows/erlang-parallel-build.yml@v1.0.2 + uses: valitydev/erlang-workflows/.github/workflows/erlang-parallel-build.yml@v1.0.12 with: otp-version: ${{ needs.setup.outputs.otp-version }} rebar-version: ${{ needs.setup.outputs.rebar-version }} diff --git a/Dockerfile b/Dockerfile index ec0732d..64717a7 100644 --- a/Dockerfile +++ b/Dockerfile @@ -23,6 +23,8 @@ RUN rebar3 compile && \ FROM docker.io/library/erlang:${OTP_VERSION}-slim ARG SERVICE_NAME +ARG USER_UID=1001 +ARG USER_GID=$USER_UID # Set env ENV CHARSET=UTF-8 @@ -36,6 +38,12 @@ COPY --from=builder /build/_build/prod/rel/${SERVICE_NAME} /opt/${SERVICE_NAME} RUN echo "#!/bin/sh" >> /entrypoint.sh && \ echo "exec /opt/${SERVICE_NAME}/bin/${SERVICE_NAME} foreground" >> /entrypoint.sh && \ chmod +x /entrypoint.sh + +# Setup user +RUN groupadd --gid ${USER_GID} ${SERVICE_NAME} && \ + useradd --uid ${USER_UID} --gid ${USER_GID} -M ${SERVICE_NAME} +USER ${SERVICE_NAME} + ENTRYPOINT [] CMD ["/entrypoint.sh"]