From c988fab53948ddbdb399070bc379e9613273c068 Mon Sep 17 00:00:00 2001
From: vgenev <vgenev@gmail.com>
Date: Tue, 9 Feb 2021 16:34:40 +0200
Subject: [PATCH] fixed: refactored dockerfile to follow builder and not use
 root

---
 Dockerfile | 19 ++++++++++++++++---
 1 file changed, 16 insertions(+), 3 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 1257209..039e412 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,4 @@
-FROM node:12.16.0-alpine
-
+FROM node:12.16.1-alpine as builder
 WORKDIR /opt/event-sidecar
 
 RUN apk add --no-cache -t build-dependencies git make gcc g++ python libtool autoconf automake \
@@ -8,12 +7,26 @@ RUN apk add --no-cache -t build-dependencies git make gcc g++ python libtool aut
     && npm install -g node-gyp
 
 COPY package.json package-lock.json* /opt/event-sidecar/
-RUN npm install --production
+RUN npm install
 
 RUN apk del build-dependencies
 
 COPY config /opt/event-sidecar/config
 COPY src /opt/event-sidecar/src
 
+FROM node:12.16.1-alpine
+WORKDIR /opt/event-sidecar
+
+# Create empty log file & link stdout to the application log file
+RUN mkdir ./logs && touch ./logs/combined.log
+RUN ln -sf /dev/stdout ./logs/combined.log
+
+# Create a non-root user: ml-user
+RUN adduser -D ml-user 
+USER ml-user
+
+COPY --chown=ml-user --from=builder /opt/event-sidecar .
+RUN npm prune --production
+
 EXPOSE 4001
 CMD ["npm", "run", "start"]