From 65e72986df0e30935601c719bf41cefc8be6df59 Mon Sep 17 00:00:00 2001
From: David Peters <57600507+peters-david@users.noreply.github.com>
Date: Thu, 9 Jan 2025 16:03:26 +0100
Subject: [PATCH] add nonroot user to build stage (#76)

---
 Dockerfile | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index db62042..86bc10d 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -29,6 +29,7 @@ RUN python -m venv /venv && \
     ls -lha
 
 FROM base AS test
+USER nonroot
 COPY --from=builder /install /usr/local
 COPY tests/ /tests/
 WORKDIR /tests
@@ -37,4 +38,5 @@ RUN python3 -m unittest discover -v -s .
 # Always use the latest image
 # hadolint ignore=DL3007
 FROM cgr.dev/chainguard/wolfi-base:latest
+USER nonroot
 COPY --from=native-builder /install/harbor.bin /usr/local/harbor