fix: Lift user priviledges.
Browse files- Dockerfile +8 -6
Dockerfile
CHANGED
|
@@ -3,17 +3,19 @@
|
|
| 3 |
|
| 4 |
FROM python:3.9
|
| 5 |
|
|
|
|
|
|
|
| 6 |
|
| 7 |
-
|
|
|
|
| 8 |
|
| 9 |
-
|
|
|
|
| 10 |
|
| 11 |
-
|
| 12 |
|
| 13 |
-
|
| 14 |
|
| 15 |
-
# Change the port number of our Wave app to 7860
|
| 16 |
-
# which is default in Hugging Face Spaces.
|
| 17 |
ENV H2O_WAVE_LISTEN=":7860"
|
| 18 |
ENV H2O_WAVE_ADDRESS='http://127.0.0.1:7860'
|
| 19 |
|
|
|
|
| 3 |
|
| 4 |
FROM python:3.9
|
| 5 |
|
| 6 |
+
COPY requirements.txt .
|
| 7 |
+
RUN pip install --no-cache-dir --upgrade -r requirements.txt
|
| 8 |
|
| 9 |
+
RUN useradd -m -u 1000 user
|
| 10 |
+
USER user
|
| 11 |
|
| 12 |
+
ENV HOME=/home/user
|
| 13 |
+
ENV PATH=/home/user/.local/bin:$PATH
|
| 14 |
|
| 15 |
+
WORKDIR $HOME/app
|
| 16 |
|
| 17 |
+
COPY --chown=user . $HOME/app
|
| 18 |
|
|
|
|
|
|
|
| 19 |
ENV H2O_WAVE_LISTEN=":7860"
|
| 20 |
ENV H2O_WAVE_ADDRESS='http://127.0.0.1:7860'
|
| 21 |
|