From 331f517d758b477075a42b9b30660cb6670111fe Mon Sep 17 00:00:00 2001
From: emilweth <7402764+emilweth@users.noreply.github.com>
Date: Sun, 22 Jan 2023 08:18:50 +0100
Subject: [PATCH] feat(docker): run as non root user (#1380)

---
 Dockerfile | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index f45aaf26..389fef03 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -29,6 +29,16 @@ RUN pnpm build
 
 FROM base AS runner
 
+ARG UID=911
+ARG GID=911
+
+# Create a dedicated user and group
+RUN set -eux; \
+    addgroup -g $UID elk; \
+    adduser -u $GID -D -G elk elk;
+
+USER elk
+
 ENV NODE_ENV=production
 
 COPY --from=builder /elk/.output ./.output