From 62da387d3ae52b706b2338275cae101270a11c83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Karol=20S=C3=B3jko?= <karolsojko@gmail.com>
Date: Wed, 14 Oct 2020 13:53:51 +0200
Subject: [PATCH] fix: run Docker without root

---
 Dockerfile | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3d1e946b0..d30fa70d9 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,10 @@
 FROM ruby:2.7.1-alpine
 
+ARG UID=1000
+ARG GID=1000
+
+RUN addgroup -S webapp -g $GID && adduser -D -S webapp -G webapp -u $UID
+
 RUN apk add --update --no-cache \
     alpine-sdk \
     nodejs \
@@ -10,15 +15,19 @@ RUN apk add --update --no-cache \
 
 WORKDIR /app/
 
-COPY package.json package-lock.json Gemfile Gemfile.lock /app/
+RUN chown -R $UID:$GID .
 
-COPY vendor /app/vendor
+USER webapp
+
+COPY --chown=$UID:$GID package.json package-lock.json Gemfile Gemfile.lock /app/
+
+COPY --chown=$UID:$GID vendor /app/vendor
 
 RUN npm ci
 
 RUN gem install bundler && bundle install
 
-COPY . /app/
+COPY --chown=$UID:$GID . /app/
 
 RUN npm run bundle