From 35040f3c5455c8e977f186a037bb079409178d15 Mon Sep 17 00:00:00 2001
From: Conrad
Date: Sun, 24 Nov 2024 17:24:05 +0100
Subject: [PATCH] fix: fixed security concern
---
 Dockerfile | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index 8f2d187..8566085 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,6 +1,9 @@
 FROM python:3.12-slim
 ARG VERSION=unknown
+# Create a non-root user
+RUN useradd appuser
+
 WORKDIR /app
 COPY . .
@@ -14,11 +17,17 @@ RUN pip install --no-cache-dir --upgrade -r requirements.txt
 ENV ENV=DEV
+# Switch to non-root user
+USER appuser
+
 EXPOSE 8000
 CMD ["uvicorn", "app.main:app", "--host", "0.0.0.0", "--port", "8000"]
 # Install curl
+USER root
 RUN apt-get update && apt-get install --no-install-recommends -y curl && apt-get clean
+# Switch back to non-root user for healthcheck
+USER appuser
 HEALTHCHECK --interval=30s --timeout=10s --retries=5 \
 CMD curl --fail http://localhost:8000/openapi.json || exit 1
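Review bot: `RUN useradd appuser` leaves the UID to be auto-assigned, and the later `USER appuser` then records a name rather than a number in the image config. Platforms that enforce a non-root policy by UID (for example Kubernetes `runAsNonRoot`) cannot verify a named user. I would pin the id and drop the login shell, e.g. `RUN useradd --system --uid 10001 --no-create-home --shell /usr/sbin/nologin appuser` (10001 is an example value), and use `USER 10001` in the second hunk. `COPY . .` below still leaves the application files owned by root, which is the safer default provided the app does not need to write under `/app`; that cannot be confirmed from this hunk.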
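Review bot: The first `USER appuser` (before `EXPOSE`) has no effect: `EXPOSE` and `CMD` only record metadata, and `USER root` follows before any `RUN`, so the runtime user is decided solely by the last `USER` line. The comment `# Switch back to non-root user for healthcheck` is therefore misleading, because that line governs the `CMD` server process as well as the health probe. Moving the `# Install curl` step above a single `USER appuser` placed just before `EXPOSE` would remove `USER root` and the second switch, with a comment such as `# Drop privileges: the server (CMD) and the HEALTHCHECK both run as this user`. With the root-only steps grouped before the privilege drop, a later edit is less likely to leave the image running as root.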