diff --git a/docker/Dockerfile b/docker/Dockerfile index bf097fb0f3..09446ccf56 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -1,9 +1,14 @@ -FROM openjdk:11.0.2-jre-slim-stretch +FROM openjdk:11.0.7-jre-slim-buster -COPY besu /opt/besu/ +RUN adduser --disabled-password --gecos "" --home /opt/besu besu && \ + chown besu:besu /opt/besu + +USER besu WORKDIR /opt/besu +COPY --chown=besu:besu besu /opt/besu/ + # Expose services ports # 8545 HTTP JSON-RPC # 8546 WS JSON-RPC diff --git a/docker/tests/01/goss.yaml b/docker/tests/01/goss.yaml index 1feb2a3407..0c12008473 100644 --- a/docker/tests/01/goss.yaml +++ b/docker/tests/01/goss.yaml @@ -4,22 +4,22 @@ file: /opt/besu/bin/besu: exists: true mode: "0755" - owner: root - group: root + owner: besu + group: besu filetype: file contains: [] /opt/besu/database: exists: true mode: "0755" - owner: root - group: root + owner: besu + group: besu filetype: directory contains: [] /opt/besu/key: exists: true mode: "0600" - owner: root - group: root + owner: besu + group: besu filetype: file contains: [] process: