-
-
Save rousan/f392e2398e9c57f98c6dd658d7070d3d to your computer and use it in GitHub Desktop.
Dockerfile that attempts to run the app as non-root user. This creates a `node` user & sets permissions on app files. Note you cannot `chown` files in a docker 'volume' during the build process, but you can at runtime (as part of your `CMD`) but in that case you can't use the `USER` command to change the UID before `CMD` runs.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ### | |
| # Node.js app Docker file | |
| # | |
| # Some basic build instructions: | |
| # ``` | |
| # # you should delete node_modules b/c you don't want that copied during 'ADD' | |
| # docker build -t thom-nic/node-bootstrap . | |
| # # run a shell in the container to inspect the environment (as root): | |
| # docker run --rm -itu root thom-nic/node-bootstrap /bin/bash | |
| # ``` | |
| ### | |
| FROM dockerfile/nodejs | |
| MAINTAINER Thom Nichols "[email protected]" | |
| RUN useradd -ms /bin/bash node | |
| # copy the nice dotfiles that dockerfile/ubuntu gives us: | |
| RUN cd && cp -R .bash_profile .bashrc .gitconfig .profile scripts /home/node | |
| ADD . /home/node/app | |
| RUN chown -R node:node /home/node | |
| USER node | |
| ENV HOME /home/node | |
| WORKDIR /home/node/app | |
| #ENV NODE_ENV production | |
| RUN npm install | |
| EXPOSE 8888 | |
| CMD ["npm", "start"] |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment