Skip to content

Commit

Permalink
add nonroot user to build stage
Browse files Browse the repository at this point in the history
  • Loading branch information
@peters-david
peters-david committed Dec 18, 2024
1 parent 9ee4cee commit c25149d
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ RUN python -m venv /venv && \
ls -lha

FROM base AS test
USER nonroot
COPY --from=builder /install /usr/local
COPY tests/ /tests/
WORKDIR /tests
Expand All @@ -37,4 +38,5 @@ RUN python3 -m unittest discover -v -s .
# Always use the latest image
# hadolint ignore=DL3007
FROM cgr.dev/chainguard/wolfi-base:latest
USER nonroot
COPY --from=native-builder /install/harbor.bin /usr/local/harbor

0 comments on commit c25149d

Please sign in to comment.