Spaces:
Sleeping
Sleeping
Update Dockerfile
Browse files- Dockerfile +5 -3
Dockerfile
CHANGED
|
@@ -20,17 +20,19 @@ WORKDIR /app
|
|
| 20 |
COPY --from=build-stage /usr/local/lib/python3.9/site-packages /usr/local/lib/python3.9/site-packages
|
| 21 |
COPY --from=build-stage /usr/local/bin /usr/local/bin
|
| 22 |
|
|
|
|
|
|
|
|
|
|
| 23 |
# Copy application code
|
| 24 |
COPY . /app
|
| 25 |
|
| 26 |
-
# Change ownership of /app to flaskuser
|
| 27 |
RUN chown -R flaskuser:flaskuser /app
|
| 28 |
|
| 29 |
# Remove pip cache and unnecessary files (optional)
|
| 30 |
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
| 31 |
|
| 32 |
-
#
|
| 33 |
-
RUN useradd -m flaskuser
|
| 34 |
USER flaskuser
|
| 35 |
|
| 36 |
# Expose the port your Flask app will run on
|
|
|
|
| 20 |
COPY --from=build-stage /usr/local/lib/python3.9/site-packages /usr/local/lib/python3.9/site-packages
|
| 21 |
COPY --from=build-stage /usr/local/bin /usr/local/bin
|
| 22 |
|
| 23 |
+
# Add non-root user and switch to it for better security
|
| 24 |
+
RUN useradd -m flaskuser
|
| 25 |
+
|
| 26 |
# Copy application code
|
| 27 |
COPY . /app
|
| 28 |
|
| 29 |
+
# Change ownership of /app to flaskuser after user is created
|
| 30 |
RUN chown -R flaskuser:flaskuser /app
|
| 31 |
|
| 32 |
# Remove pip cache and unnecessary files (optional)
|
| 33 |
RUN apt-get clean && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
|
| 34 |
|
| 35 |
+
# Switch to the non-root user
|
|
|
|
| 36 |
USER flaskuser
|
| 37 |
|
| 38 |
# Expose the port your Flask app will run on
|