Merge pull request 'ci: user in docker' (#22) from ci/image into develop

Reviewed-on: https://hattori.ztsh.eu/iac/karl/pulls/22
2025-12-18 22:24:10 +01:00 · 2025-12-18 22:24:10 +01:00 · 3f21a29a8b
commit 3f21a29a8b
parent 7f0e4f6dfb c38681a01b
1 changed files with 22 additions and 8 deletions
--- a/30
+++ b/30
@ -16,18 +16,32 @@ RUN --mount=type=cache,target=/root/.cache/uv \

 FROM python:3.12-alpine3.22

+ENV USER=karl
+ENV GROUPNAME=$USER
+ENV UID=1000
+ENV GID=1000
+ENV PYTHONPATH="/app"
+
+EXPOSE 8081
+WORKDIR /app
+ENTRYPOINT ["/app/.venv/bin/python"]
+
+RUN addgroup \
+    --gid "$GID" \
+    "$GROUPNAME" \
+&&  adduser \
+    --disabled-password \
+    --gecos "" \
+    --home "$(pwd)" \
+    --ingroup "$GROUPNAME" \
+    --no-create-home \
+    --uid "$UID" \
+    $USER
+
 RUN apk update --no-cache \
    && apk add --no-cache git

 COPY --from=builder --chown=app:app /app/.venv /app/.venv
 COPY --from=builder --chown=app:app /app/src /app/src

-ENV PYTHONPATH="/app"
-
-EXPOSE 8081
-
-WORKDIR /app
-
-ENTRYPOINT ["/app/.venv/bin/python"]
-
 CMD ["/app/src/karl/__init__.py"]