From 6e89ffa3e9557db8771b68363624168afc04f71f Mon Sep 17 00:00:00 2001 From: kshitijrajsharma Date: Mon, 20 Nov 2023 14:17:56 +0545 Subject: [PATCH] Change default user back to appuser --- Dockerfile | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index 10741bd5..380f0528 100644 --- a/Dockerfile +++ b/Dockerfile @@ -20,17 +20,17 @@ RUN gdal-config --version | awk -F'[.]' '{print $1"."$2}' COPY setup.py . COPY requirements.txt . COPY README.md . -RUN pip install --no-cache-dir --upgrade pip \ - && pip install --no-cache-dir GDAL=="$(gdal-config --version)" \ - && pip install --no-cache-dir -r requirements.txt \ - && pip install --no-cache-dir -e . +RUN pip install --user --no-cache-dir --upgrade pip \ + && pip install --user --no-cache-dir GDAL=="$(gdal-config --version)" \ + && pip install --user --no-cache-dir -r requirements.txt \ + && pip install --user --no-cache-dir -e . FROM base as runner -WORKDIR /root # Change the working directory to /root +WORKDIR /home/appuser ENV PIP_NO_CACHE_DIR=1 ENV PYTHONUNBUFFERED=1 -ENV PATH="/root/.local/bin:$PATH" -ENV PYTHON_LIB="/root/.local/lib/python$PYTHON_VERSION/site-packages" +ENV PATH="/home/appuser/.local/bin:$PATH" +ENV PYTHON_LIB="/home/appuser/.local/lib/python$PYTHON_VERSION/site-packages" RUN apt-get update \ && apt-get -y upgrade \ @@ -39,6 +39,7 @@ RUN apt-get update \ && apt-get clean \ && rm -rf /var/lib/apt/lists/* +COPY --from=builder /root/.local /home/appuser/.local COPY README.md . COPY config.txt.sample ./config.txt COPY setup.py . @@ -49,15 +50,15 @@ COPY src/ ./src/ FROM ghcr.io/hotosm/tippecanoe:main as tippecanoe-builder FROM runner as prod -# USER root # Change the user to root # Copy tippecanoe binaries from the tippecanoe stage COPY --from=tippecanoe-builder /usr/local/bin/tippecanoe* /usr/local/bin/ COPY --from=tippecanoe-builder /usr/local/bin/tile-join /usr/local/bin/ -# Remove the useradd and chown commands related to appuser -# RUN useradd --system --uid 900 --home-dir /home/appuser --shell /bin/false appuser \ -# && chown -R appuser:appuser /home/appuser +RUN useradd --system --uid 900 --home-dir /home/appuser --shell /bin/false appuser \ + && chown -R appuser:appuser /home/appuser + +USER appuser #CMD ["/bin/bash"] CMD ["uvicorn", "API.main:app", "--reload", "--host", "0.0.0.0", "--port", "8000", "--no-use-colors", "--proxy-headers"]