diff --git a/kotsadm/api/deploy/Dockerfile b/kotsadm/api/deploy/Dockerfile index 02d73e017c..c1fedf9dad 100644 --- a/kotsadm/api/deploy/Dockerfile +++ b/kotsadm/api/deploy/Dockerfile @@ -35,25 +35,20 @@ RUN curl -L "https://github.com/replicatedhq/troubleshoot/releases/download/v0.9 mv /tmp/troubleshoot.so /lib/troubleshoot.so && \ rm -rf /tmp/* -RUN apt-get update && apt-get install -y --no-install-recommends \ - curl ca-certificates \ - && rm -rf /var/lib/apt/lists/* - ADD ./deploy/policy.json /etc/containers/policy.json RUN apt-get -y update && apt-get install -y --no-install-recommends \ libgpgme-dev libdevmapper-dev \ && rm -rf /var/lib/apt/lists/* -COPY --from=build /src/build /src/build -COPY --from=build /src/node_modules /src/node_modules +RUN useradd -c 'kotsadm-api user' -m -d /home/kotsadm-api -s /bin/bash -u 1001 kotsadm-api +USER kotsadm-api +ENV HOME /home/kotsadm-api + +COPY --from=build --chown=kotsadm-api:kotsadm-api /src/build /src/build +COPY --from=build --chown=kotsadm-api:kotsadm-api /src/node_modules /src/node_modules EXPOSE 3000 ARG commit=unknown ENV COMMIT=${commit} -RUN useradd -c 'kotsadm-api user' -m -d /home/kotsadm-api -s /bin/bash -u 1001 kotsadm-api -RUN chown -R kotsadm-api.kotsadm-api /src -USER kotsadm-api -ENV HOME /home/kotsadm-api - CMD ["node", "/src/build/server/index.js"] diff --git a/kotsadm/deploy/Dockerfile b/kotsadm/deploy/Dockerfile index b967f1dfd9..f80c365048 100644 --- a/kotsadm/deploy/Dockerfile +++ b/kotsadm/deploy/Dockerfile @@ -25,15 +25,12 @@ RUN useradd -c 'kotsadm user' -m -d /home/kotsadm -s /bin/bash -u 1001 kotsadm USER kotsadm ENV HOME /home/kotsadm -COPY ./deploy/backup.sh /backup.sh -COPY ./deploy/restore-db.sh /restore-db.sh -COPY ./deploy/restore-s3.sh /restore-s3.sh -COPY ./bin/kotsadm /kotsadm -COPY ./web/dist /web/dist -USER root -RUN chmod a+x /kotsadm -RUN chmod a+w /web/dist/* -USER kotsadm +COPY --chown=kotsadm:kotsadm ./deploy/backup.sh /backup.sh +COPY --chown=kotsadm:kotsadm ./deploy/restore-db.sh /restore-db.sh +COPY --chown=kotsadm:kotsadm ./deploy/restore-s3.sh /restore-s3.sh +COPY --chown=kotsadm:kotsadm ./bin/kotsadm /kotsadm +COPY --chown=kotsadm:kotsadm ./web/dist /web/dist + WORKDIR / EXPOSE 3000 diff --git a/kotsadm/kurl_proxy/deploy/Dockerfile b/kotsadm/kurl_proxy/deploy/Dockerfile index fe6fb5f79f..c6ff58b2bb 100644 --- a/kotsadm/kurl_proxy/deploy/Dockerfile +++ b/kotsadm/kurl_proxy/deploy/Dockerfile @@ -9,12 +9,9 @@ RUN useradd -c 'kotsadm user' -m -d /home/kotsadm -s /bin/bash -u 1001 kotsadm USER kotsadm ENV HOME /home/kotsadm -COPY ./bin/kurl_proxy /kurl_proxy -COPY ./assets /assets -USER root -RUN chmod a+x /kurl_proxy -RUN chmod a+w /assets/* -USER kotsadm +COPY --chown=kotsadm:kotsadm ./bin/kurl_proxy /kurl_proxy +COPY --chown=kotsadm:kotsadm ./assets /assets + WORKDIR / EXPOSE 8800 diff --git a/kotsadm/operator/deploy/Dockerfile b/kotsadm/operator/deploy/Dockerfile index aa25c737d9..63d21ab5eb 100644 --- a/kotsadm/operator/deploy/Dockerfile +++ b/kotsadm/operator/deploy/Dockerfile @@ -29,14 +29,11 @@ USER kotsadm-operator ENV HOME /home/kotsadm-operator # Install krew -ADD ./deploy/install-krew.sh /install-krew.sh +COPY --chown=kotsadm-operator:kotsadm-operator ./deploy/install-krew.sh /install-krew.sh RUN /install-krew.sh ENV PATH="$HOME/.krew/bin:$PATH" -COPY ./bin/kotsadm-operator /kotsadm-operator -USER root -RUN chmod a+x /kotsadm-operator -USER kotsadm-operator +COPY --chown=kotsadm-operator:kotsadm-operator ./bin/kotsadm-operator /kotsadm-operator # Install our plugins USER root