From 69516f210d667cc3207edf41a8e4cf164dc88b2f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ota=CC=81vio=20Fernandes?=
Date: Sun, 31 Mar 2019 09:28:17 +0200
Subject: [PATCH] Dedicated user in Docker image.
---
 Dockerfile | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index eaa696f..b35df33 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -33,13 +33,16 @@ ENV GO_DOMAIN="github.com" \
 GO_PROJECT="vault-handler"
 ENV APP_DIR="${GOPATH}/src/${GO_DOMAIN}/${GO_GROUP}/${GO_PROJECT}" \
- VAULT_HANDLER_OUTPUT_DIR="/vault/secrets"
+ USER_UID="1111" \
+ VAULT_HANDLER_OUTPUT_DIR="/var/lib/vault-handler"
 RUN apk --update add bash
 COPY --from=builder ${APP_DIR}/build/${GO_PROJECT} /usr/local/bin/${GO_PROJECT}
-RUN mkdir -v -p ${VAULT_HANDLER_OUTPUT_DIR}
-WORKDIR ${VAULT_HANDLER_OUTPUT_DIR}
+RUN adduser -h ${VAULT_HANDLER_OUTPUT_DIR} -D -u ${USER_UID} ${GO_PROJECT}
+USER ${USER_UID}
+
 VOLUME ${VAULT_HANDLER_OUTPUT_DIR}
+WORKDIR ${VAULT_HANDLER_OUTPUT_DIR}
 ENTRYPOINT [ "/usr/local/bin/vault-handler" ]
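Review bot: The `adduser -h ${VAULT_HANDLER_OUTPUT_DIR}` line makes the directory that receives the secrets double as the new user's home and leaves its mode to adduser's default, which is presumably not owner-only, so another UID in the container could likely read what vault-handler writes there. Because that RUN still executes as root before `USER ${USER_UID}`, the mode can be pinned in the same layer: `RUN adduser -h ${VAULT_HANDLER_OUTPUT_DIR} -D -u ${USER_UID} ${GO_PROJECT} && chmod 0700 ${VAULT_HANDLER_OUTPUT_DIR}`. A comment above `VOLUME` would also help, e.g. `# a bind mount or orchestrator volume replaces this directory; it must be writable by UID ${USER_UID}`, since ownership set in the image does not carry over to such mounts. The default output path also moves from /vault/secrets to /var/lib/vault-handler, which existing deployments mounting the old path would need to follow; the commit message does not mention it.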