From 457e55aa38e769d3aaff9f6564f1525baa3cca5e Mon Sep 17 00:00:00 2001 From: Nat Budin Date: Fri, 15 Sep 2023 08:37:34 -0700 Subject: [PATCH] Create the user before chowning things to it --- Dockerfile | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/Dockerfile b/Dockerfile index d4d514e..6fb116d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -43,13 +43,13 @@ RUN apt-get update -qq && \ apt-get install --no-install-recommends -y libpq5 libsqlite3-0 nodejs && \ rm -rf /var/lib/apt/lists /var/cache/apt/archives -# Copy built artifacts: gems, application -COPY --from=build /usr/local/bundle /usr/local/bundle -COPY --from=build --chown=rails:rails /rails /rails - # Run and own only the runtime files as a non-root user for security RUN useradd rails --create-home --shell /bin/bash USER rails:rails +# Copy built artifacts: gems, application +COPY --from=build /usr/local/bundle /usr/local/bundle +COPY --from=build --chown=rails:rails /rails /rails + EXPOSE 3000 CMD bundle exec rails server -b 0.0.0.0 -p $PORT