Skip to content

Use a non-root user in container images for improved security #17

Description

@sourcery-ai

Currently, our container images default to running the application as the root user. For improved security, we should create and switch to a non-root user before starting the application. This change will help reduce the risk of privilege escalation and other security vulnerabilities.

Action items:

  • Update the main application container to use a non-root user.
  • Apply the same change to builder/Containerfile to ensure consistency and security across all container builds.

Suggested steps:

  1. Create a non-root user in the Dockerfile/Containerfile.
  2. Set the user context to the newly created non-root user before starting the application.
  3. Test the containers to ensure the application runs correctly under the non-root user.

Let’s track this enhancement here so it isn’t forgotten.


I created this issue for @lcarva from #16 (comment).

Tips and commands

Getting Help

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions