Closed sciurus closed 5 years ago
Thanks @jbuck; fixed.
I noticed that the old Dockerfile installed the application as the app user. This meant the app user owned the node modules and thus could write to them, counter to our own recommendation that "this user is for privilege deescalation and should have read-only access to files". I've fixed that.
I still had to make the /app directory writable by the app user, otherwise npm run failed with a complaint that "npm update check failed".
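A way to check the read-only recommendation quoted in the comment above, written as an added example that is not part of the original thread or the project's code. It lists every file and directory under a tree that a given uid/gid can write to, judged from owner, group and mode bits only; the function names `writable_by` and `audit_tree` are hypothetical, and the allow-list argument is there for deliberate exceptions such as the writable /app directory.

```shell
#!/bin/sh
# Added example (not from the project): audit an application tree for paths
# the runtime user can modify. ACLs and capabilities are not considered.

# writable_by UID GID DIR
# Print every regular file and directory under DIR that UID/GID can write to:
#   owned by UID with the owner write bit, or
#   group-owned by GID with the group write bit, or
#   world-writable.
writable_by() {
    find "$3" \( -type f -o -type d \) \( \
        \( -user "$1" -perm -200 \) -o \
        \( -group "$2" -perm -020 \) -o \
        -perm -002 \
    \) -print
}

# audit_tree UID GID DIR ALLOW
# ALLOW is a newline-separated list of exact paths that are permitted to be
# writable (pass "" for none). Returns 0 when nothing else is writable;
# otherwise prints the offending paths to stderr and returns 1.
audit_tree() {
    found=$(writable_by "$1" "$2" "$3" | grep -vxF -e "$4" || true)
    [ -z "$found" ] && return 0
    printf '%s\n' "$found" >&2
    return 1
}

# Typical use inside the built image, as root, before switching to the
# unprivileged user (the user name "app" and path "/app" follow the thread):
#   audit_tree "$(id -u app)" "$(id -g app)" /app /app
```

Run as a build step, a non-zero exit fails the image build when dependencies such as node_modules end up owned by, or writable for, the runtime user.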
Curious, what are the problems supporting alpine containers?
@mostlygeek "the alpine problem" section of https://kubedex.com/follow-up-container-scanning-comparison/ and https://irccloud.mozilla.com/file/Vpu2c8RQ/Screen%20Shot%202018-12-10%20at%2010.50.24.png go into the issues
@sciurus those are very good reasons not to use alpine. The -slim packages seem like the right trade-off between size and security then for us.
@jbuck take another look when you get a chance.
Based on our IRC conversation, we do not want people to use the alpine variants of images.