Comments (4)
NodeGuy
commented on May 20, 2024
3
Not really, but thank you for linking to it.
Docker's Best practices for writing Dockerfiles reads, "If a service can run without privileges, use USER to change to a non-root user." I think we should do that it.
I opted to create my own version of the -onbuild Dockerfile:
FROM node:0.10
# Copy steps from -onbuild because we don't want to run as root.
ENV user node
RUN groupadd --system $user && useradd --system --create-home --gid $user $user
COPY . /home/$user/
WORKDIR /home/$user
RUN chown $user --recursive .
USER $user
RUN npm install
CMD [ "npm", "start" ]from docker-node.
rmustacc
commented on May 20, 2024
Does #1 answer your question?
from docker-node.
chorrell
commented on May 20, 2024
There's an ongoing discussion about this in #1
For now, creating your own Dockerfile is the way to role if you're concerned about running things as root.
from docker-node.
chorrell
commented on May 20, 2024
Closing as a dupe of #1
from docker-node.
Related Issues (20)
- Error trying to build multi-arch image for 20.10.0 for alpine:3.18 (linux/arm64/v8, linux/amd64) HOT 1
- Dockerfile FROM node:18-alpine as nodebuilder error HOT 3
- not able to run Nodejs HOT 2
- Latest docker build breaks node-gyp in node-18 HOT 16
- 18-alpine3.19 throws error while installing python HOT 3
- Add note to DockerHub indicating Alpine images rely on experimental and unofficial-builds HOT 4
- Nodejs container version node:16.14.2-slim suddenly failed to start suggestion fix "chmod 1000:0 /root/.npm" HOT 2
- node:20.11.0 The RUN command not work while running the Dockerfile. HOT 4
- All images are ubuntu jammy
- Node 20.10 to 20.11 regression using stream readables, discovered using google cloud sdk HOT 1
- node 21.6.1 HOT 1
- Heads up on security release pland for 6 Feb 2024 HOT 3
- docker stop not triggering shutdown signal [v20] HOT 1
- CVE-2023-42282 An issue in NPM IP Package when scanning with trivy HOT 5
- Minor change in unofficial-builds workflow HOT 6
- 20.11.1-bullseye-slim: no matching manifest for linux/arm64/v8 in the manifest list entries
- 20.11.1-bullseye-slim: no matching manifest for linux/arm64/v8 in the manifest list entries HOT 1
- node:lts-alpine apk not found HOT 2
- Major bug was fixed in [email protected] concerning nodejs images. HOT 3
- node:lts-slim has vulnerability - CVE-2023-42282 - due to not updated npm ip package HOT 2
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from docker-node.