Skip to content

Commit

Permalink
Merge pull request #18 from TheSecretOrganization/9-run-containers-as…
Browse files Browse the repository at this point in the history 
…-non-root-user

updated Django to run as non-root
  • Loading branch information
@antoineverin
antoineverin authored Aug 5, 2024
2 parents 5fda119 + d48d4d9 commit 89611ca
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions django/Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,11 @@ WORKDIR /app
EXPOSE 8000
VOLUME [ "/app" ]

RUN groupadd -r appUser && useradd -r -g appUser appUser
RUN chown appUser:appUser /app
RUN mkdir /static
RUN chown appUser:appUser /static

ENV PYTHONDONTWRITEBYTECODE 1
ENV PYTHONUNBUFFERED=1

Expand All @@ -16,4 +21,6 @@ RUN pip install --no-cache-dir -r requirements.txt
COPY conf/entrypoint.sh /entrypoint.sh
RUN chmod a+x /entrypoint.sh

USER appUser

CMD [ "/entrypoint.sh" ]

0 comments on commit 89611ca

Please sign in to comment.