From f15ac4d7954d522d0b11a7d22db15f7c507d02d1 Mon Sep 17 00:00:00 2001
From: halprin <halprin@users.noreply.github.com>
Date: Thu, 22 Aug 2024 10:58:23 -0600
Subject: [PATCH] Reduce the permissions for running application in Docker
 container

---
 Dockerfile | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 84348a2ff..f4e863255 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,15 +1,18 @@
 # Use Linux-Alpine image
 FROM amazoncorretto:17.0.12-alpine
 
-RUN apk -U upgrade
+RUN apk update && apk -U upgrade && rm -rf /var/cache/apk/*
+
+RUN adduser -S myLowPrivilegeUser
+USER myLowPrivilegeUser
 
 ARG JAR_LIB_FILE=./app/build/libs/app-all.jar
 
 # Create directory and switch to it
-WORKDIR /app
+WORKDIR /home/myLowPrivilegeUser/app/
 
 # Add application JAR to created folder
-COPY ${JAR_LIB_FILE} app.jar
+COPY --chown=myLowPrivilegeUser ${JAR_LIB_FILE} app.jar
 
 # Run the api
 CMD ["java", "-jar", "app.jar"]