Update Dockerfile
Runs as non-root user Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This commit is contained in:
Znmin
@@ -26,10 +26,13 @@ RUN npm run build
|
|||||||
#--- STAGE 3: Production runtime environment
|
#--- STAGE 3: Production runtime environment
|
||||||
FROM node:lts-alpine3.23 AS production
|
FROM node:lts-alpine3.23 AS production
|
||||||
WORKDIR /app
|
WORKDIR /app
|
||||||
|
RUN addgroup -S appuser && adduser -S appuser -G appuser
|
||||||
COPY --from=build /app/.next ./.next
|
COPY --from=build /app/.next ./.next
|
||||||
COPY --from=build /app/package.json ./package.json
|
COPY --from=build /app/package.json ./package.json
|
||||||
COPY --from=build /app/package-lock.json ./package-lock.json
|
COPY --from=build /app/package-lock.json ./package-lock.json
|
||||||
COPY --from=build /app/public ./public
|
COPY --from=build /app/public ./public
|
||||||
COPY --from=build /app/node_modules ./node_modules
|
COPY --from=build /app/node_modules ./node_modules
|
||||||
|
RUN chown -R appuser:appuser /app
|
||||||
|
USER appuser
|
||||||
EXPOSE 3000
|
EXPOSE 3000
|
||||||
CMD ["npm", "run", "start"]
|
CMD ["npm", "run", "start"]
|
||||||
|
|||||||
Reference in New Issue
Block a user