From f5ba296a7d25e48bfc7a64b7270eb156cd5b992c Mon Sep 17 00:00:00 2001
From: rjonczy <robert.jonczy@gmail.com>
Date: Wed, 6 Dec 2023 12:31:04 +0100
Subject: [PATCH] add sh and composable user

---
 Dockerfile | 21 ++++++++++++++++++---
 1 file changed, 18 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a56934060..db1742944 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -53,16 +53,30 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
         -o /centauri/build/centaurid \
         /centauri/cmd/centaurid
 
+
 # --------------------------------------------------------
-# Runner
+# toolkit
 # --------------------------------------------------------
 
+FROM busybox:1.35.0-uclibc as busybox
+RUN addgroup --gid 1025 -S composable && adduser --uid 1025 -S composable -G composable
+
+
+# --------------------------------------------------------
+# Runner
+# --------------------------------------------------------
 FROM ${RUNNER_IMAGE}
 
+COPY --from=busybox:1.35.0-uclibc /bin/sh /bin/sh
+
 COPY --from=builder /centauri/build/centaurid /bin/centaurid
 
-ENV HOME /centauri
-WORKDIR $HOME
+# Install composable user
+COPY --from=busybox /etc/passwd /etc/passwd
+COPY --from=busybox --chown=1025:1025 /home/composable /home/composable
+
+WORKDIR /home/composable
+USER composable
 
 # rest server
 EXPOSE 1317
@@ -72,4 +86,5 @@ EXPOSE 26656
 EXPOSE 26657
 # grpc
 EXPOSE 9090
+
 ENTRYPOINT ["centaurid"]
\ No newline at end of file