From 4b465563b4742dce27cba05306949fe269d8ed55 Mon Sep 17 00:00:00 2001
From: stefanprodan <stefan.prodan@gmail.com>
Date: Fri, 24 Apr 2020 10:14:45 +0300
Subject: [PATCH] build: run controller as a non-root user

---
 Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index f2802dd9..4087d650 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -24,4 +24,8 @@ RUN apk add --no-cache openssh-client ca-certificates tini 'git>=2.12.0' socat c
 
 COPY --from=builder /workspace/source-controller /usr/local/bin/
 
+RUN addgroup -S controller && adduser -S -g controller controller
+
+USER controller
+
 ENTRYPOINT [ "/sbin/tini", "--", "source-controller" ]