From 9c18bc650e0e38c4067db3e953f9e6d41a40876b Mon Sep 17 00:00:00 2001
From: MaysWind <i@mayswind.net>
Date: Fri, 4 Dec 2020 02:26:54 +0800
Subject: [PATCH] modify user of docker image

---
 Dockerfile                  | 13 ++++++++-----
 docker/docker-entrypoint.sh | 19 +------------------
 2 files changed, 9 insertions(+), 23 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index a3fd811b..6f0b8bd3 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -17,12 +17,15 @@ RUN npm install && npm run build
 FROM alpine:3.12.0
 LABEL maintainer="MaysWind <i@mayswind.net>"
 RUN addgroup -S -g 1000 labapp && adduser -S -G labapp -u 1000 labapp
-RUN apk --no-cache add su-exec tzdata
-COPY --from=be-builder /go/src/github.com/mayswind/lab/lab /usr/local/bin/labapp/lab
-COPY --from=fe-builder /go/src/github.com/mayswind/lab/dist /usr/local/bin/labapp/public
-COPY conf /usr/local/bin/labapp/conf
-WORKDIR /usr/local/bin/labapp
+RUN apk --no-cache add tzdata
 COPY docker/docker-entrypoint.sh /docker-entrypoint.sh
 RUN chmod +x /docker-entrypoint.sh
+RUN mkdir -p /usr/local/bin/labapp && chown 1000:1000 /usr/local/bin/labapp \
+  && mkdir -p /var/log/labapp && chown 1000:1000 /var/log/labapp
+WORKDIR /usr/local/bin/labapp
+COPY --from=be-builder --chown=1000:1000 /go/src/github.com/mayswind/lab/lab /usr/local/bin/labapp/lab
+COPY --from=fe-builder --chown=1000:1000 /go/src/github.com/mayswind/lab/dist /usr/local/bin/labapp/public
+COPY --chown=1000:1000 conf /usr/local/bin/labapp/conf
+USER 1000:1000
 EXPOSE 8080
 ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/docker/docker-entrypoint.sh b/docker/docker-entrypoint.sh
index dfe580e6..a9c5bda0 100755
--- a/docker/docker-entrypoint.sh
+++ b/docker/docker-entrypoint.sh
@@ -1,23 +1,6 @@
 #!/bin/sh
 
 set -e;
-export LAB_USER=labapp;
-export LAB_GROUP=labapp;
-
-prepare_directories() {
-  local log_path="/var/log/labapp";
-
-  if [ "${LAB_LOG_PATH}" != "" ]; then
-    log_path="${LAB_LOG_PATH}";
-  fi
-
-  if [ ! -d "${log_path}" ]; then
-    mkdir ${log_path};
-    chown ${LAB_USER}:${LAB_GROUP} -R ${log_path};
-  fi
-}
-
-prepare_directories;
 
 conf_path_param="";
 
@@ -28,5 +11,5 @@ fi
 if [ $# -gt 0 ]; then
     exec "$@"
 else
-    exec su-exec ${LAB_USER} /usr/local/bin/labapp/lab server run ${conf_path_param};
+    exec /usr/local/bin/labapp/lab server run ${conf_path_param};
 fi