non-root user for running node in Dockerfile (#369)

Federico Gimenez
2019-08-16 13:42:37 +02:00
committed by Gavin Wood
parent 481ded5509
commit 1054a531b5
+8 -6
@@ -1,4 +1,4 @@
FROM phusion/baseimage:0.10.1 as builder
FROM phusion/baseimage:0.10.2 as builder
LABEL maintainer "chevdor@gmail.com"
LABEL description="This is the build stage for Polkadot. Here we create the binary."
@@ -17,7 +17,7 @@ RUN curl https://sh.rustup.rs -sSf | sh -s -- -y && \
# ===== SECOND STAGE ======
FROM phusion/baseimage:0.10.0
FROM phusion/baseimage:0.10.2
LABEL maintainer "chevdor@gmail.com"
LABEL description="This is the 2nd stage: a very small image where we copy the Polkadot binary."
ARG PROFILE=release
@@ -27,11 +27,13 @@ RUN mv /usr/share/ca* /tmp && \
rm -rf /usr/share/* && \
mv /tmp/ca-certificates /usr/share/ && \
rm -rf /usr/lib/python* && \
mkdir -p /root/.local/share/polkadot && \
ln -s /root/.local/share/polkadot /data
RUN rm -rf /usr/bin /usr/sbin
rm -rf /usr/bin /usr/sbin && \
useradd -m -u 1000 -U -s /bin/sh -d /polkadot polkadot && \
mkdir -p /polkadot/.local/share/polkadot && \
chown -R polkadot:polkadot /polkadot/.local && \
ln -s /polkadot/.local/share/polkadot /data
USER polkadot
EXPOSE 30333 9933 9944
VOLUME ["/data"]
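Review bot: In the last hunk the new chain, as rendered, runs `rm -rf /usr/bin /usr/sbin && \` before `useradd`, and on an Ubuntu-based image such as phusion/baseimage `useradd` normally lives in /usr/sbin, so the user-creation step would likely fail and break the build. The deletion should be the final command of the chain, i.e. end with `ln -s /polkadot/.local/share/polkadot /data && \` followed by `rm -rf /usr/bin /usr/sbin`. The RUN instruction starts above the hunk, so this is judged from the visible tail only. Separately, `USER 1000` (the uid set by `-u 1000`) instead of `USER polkadot` would let runtimes that enforce run-as-non-root verify the user without resolving /etc/passwd. A comment above `useradd` should also note that /data is a symlink into the unprivileged home, so a host directory mounted there must be writable by uid 1000.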