From 4b096f78dd977841d79c134d8f924b22b7ecdca8 Mon Sep 17 00:00:00 2001
From: Jing Tao <tao@nceas.ucsb.edu>
Date: Thu, 2 Feb 2023 10:58:36 -0800
Subject: [PATCH] The user d1indexer rather than root to run the container.
 https://github.com/DataONEorg/dataone-indexer/issues/46

---
 docker/Dockerfile | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index 1d1c40f9..195f3c12 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -16,11 +16,21 @@ RUN apt install figlet
 RUN apt install curl
 RUN apt install nano
 
+#Add a user with name d1indexer
+RUN useradd d1indexer
+
 # The most recently built jar file is copied from the maven build directory to this dir by maven, so that
 # it can be copied to the image.
 COPY ../target/dataone-index-worker-${TAG}-shaded.jar .
 COPY ./docker/entrypoint.sh .
 
+# Change the ownership of the jar and sh files
+RUN chown d1indexer dataone-index-worker-${TAG}-shaded.jar
+RUN chown d1indexer entrypoint.sh
+
+#Run Container as d1indexer
+USER d1indexer
+
 # Connect this image to a GitHub repository
 LABEL org.opencontainers.image.source https://github.com/dataoneorg/dataone-indexer