From 9d297a6a4b5ab61612d650352ba2bc1b66817def Mon Sep 17 00:00:00 2001
From: Matthew Lemon <y@yulqen.org>
Date: Mon, 22 Apr 2024 15:10:30 +0100
Subject: Trying to fix Dockerfile for non-root use

---
 Dockerfile | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3c01103..f2e71d6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,12 +1,33 @@
 FROM docker.io/golang:alpine
 
+RUN addgroup -S app && adduser -S -g app app
+
 WORKDIR /app
 
 RUN apk add --update npm
 RUN npm i sass govuk-frontend --save
+
+# Switch to root user
+USER root
+
 COPY go.mod ./
 RUN go mod download && go mod verify
+
 COPY . .
-RUN go build -v -o /usr/local/bin/app ./cmd/web
-CMD ["app"]
+RUN chown -R app:app /app
+
+# Create a directory for the binary
+RUN mkdir /app/bin
+RUN chown app:app /app/bin
+
+# Switch back to app user
+USER app
+
+# Build the Go binary in the /app/bin directory
+RUN go build -v -o /app/bin/app ./cmd/web
+
+# Set the working directory to /app/bin
+WORKDIR /app/bin
+
+CMD ["./app"]
 EXPOSE 4000
-- 
cgit v1.2.3