From 8101f974a02a95b8d1b704f13e3c8741b47914b2 Mon Sep 17 00:00:00 2001
From: Martin Buchleitner <mbuchleitner@infralovers.com>
Date: Thu, 9 Nov 2023 08:45:33 +0100
Subject: [PATCH] feat: not run as root (#21)

Signed-off-by: Martin Buchleitner <mbuchleitner@infralovers.com>
---
 Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index fb38ffe..2b74bd4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -32,4 +32,8 @@ COPY --from=vault /bin/vault /usr/local/bin/vault
 # hadolint ignore=DL3013
 RUN pip3 install --no-cache-dir azure-cli pre-commit
 
+RUN addgroup -S build && adduser -S build -G build
+
+USER build
+
 ENTRYPOINT ["/bin/bash"]