Hardening of the Backend docker image (#379)

* Add script to build the backend * harden the backend docker image * fix docker-compose * fix doc
2026-06-13 08:01:02 +00:00 · 2021-08-26 14:32:11 +02:00
parent 238d529eae
commit 19db1a48ef
5 changed files with 48 additions and 7 deletions
@@ -10,7 +10,7 @@ RUN cargo build --${PROFILE} --bins
 # MAIN IMAGE FOR PEOPLE TO PULL --- small one#
 FROM docker.io/debian:buster-slim
 LABEL maintainer="Parity Technologies"
-LABEL description="Polkadot Telemetry backend shard/core binaries, static build"
+LABEL description="Substrate Telemetry Backend shard/core binaries, static build"

 ARG PROFILE=release
 WORKDIR /usr/local/bin
@@ -18,7 +18,13 @@ WORKDIR /usr/local/bin
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 COPY --from=builder /app/target/$PROFILE/telemetry_shard /usr/local/bin
 COPY --from=builder /app/target/$PROFILE/telemetry_core /usr/local/bin
-RUN apt-get -y update && apt-get -y install openssl && apt-get autoremove -y && apt-get clean && rm -rf /var/lib/apt/lists/

+RUN useradd -m -u 1000 -U telemetry && \
+    apt-get -y update && \
+    apt-get -y install openssl && \
+    apt-get autoremove -y && \
+    apt-get clean && \
+    rm -rf /var/lib/apt/lists/
+
+USER telemetry
 EXPOSE 8000
-