buerokratt / POC-DMR.Cross-functional-requirements

Cross-functional requirements to take into account when developing or planning to develop Bürokratt's custom base components
MIT License

Security: Modify Dockerfiles to create and run as a non-default User #83

Closed guypritchard closed 2 years ago

guypritchard commented 2 years ago

As per the Security Architecture

In the Dockerfile, create a user and run as that non-default user:

...
RUN adduser \
  --disabled-password \
  --home /app \
  --gecos '' app \
  && chown -R app /app
USER app
...

Acceptance Criteria

martinkearn commented 2 years ago

Releasing the ticket in case anyone else gets to it before I do
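One way to check the change requested in this issue, as an added example that is not part of the issue or the project's code: a small Python check that reads a Dockerfile and reports whether its final stage explicitly ends as a non-root user. The function names and the `example/base:1.0` image are assumptions made for illustration; only the Dockerfile text is inspected, so a non-root user set inside the base image is not seen.

```python
ROOT_USERS = {"root", "0"}

def logical_lines(text):
    """Yield Dockerfile instructions with backslash continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield buf + line
        buf = ""

def final_user(text):
    """Return the USER in effect at the end of the last stage, or None."""
    stage_end_user = {}          # named stage -> user at the end of that stage
    name, user = None, None
    for line in logical_lines(text):
        parts = line.split()
        instr = parts[0].upper()
        if instr == "FROM":
            if name:
                stage_end_user[name] = user
            args = [p for p in parts[1:] if not p.startswith("--")]
            # A stage built FROM an earlier named stage inherits its USER.
            user = stage_end_user.get(args[0].lower())
            named = len(args) == 3 and args[1].upper() == "AS"
            name = args[2].lower() if named else None
        elif instr == "USER" and len(parts) > 1:
            user = parts[1]      # a later USER overrides an earlier one
    return user

def runs_as_nonroot(text):
    """True only if the final stage explicitly ends as a non-root user."""
    user = final_user(text)
    if user is None or user.startswith("$"):   # unset or unresolved: review
        return False
    return user.split(":")[0] not in ROOT_USERS

# Constructed sample built around the snippet in the issue.
GOOD = r"""
FROM example/base:1.0
RUN adduser \
  --disabled-password \
  --home /app \
  --gecos '' app \
  && chown -R app /app
USER app
"""
```

Run over every Dockerfile in the repository, a `False` result marks a file that still needs the `USER` change or sets the user back to root later in the build.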