Merge pull request #71 from graphprotocol/muhammad/fix-dockerfile-permissions

fix dockerfile and add non-root user

Author: DaMandal0rian

Dockerfile

@@ -51,6 +51,17 @@ COPY pyproject.toml ./
 # Create healthcheck file
 RUN touch /app/healthcheck
 
+# Create non-root user with UID 1000 for improved security
+# This ensures the application can write to /app/healthcheck at runtime
+RUN groupadd -f -g 1000 oracle && \
+    useradd -u 1000 -g oracle -s /bin/bash -m oracle
+
+# Change ownership of all /app files to the oracle user
+RUN chown -R oracle:oracle /app
+
+# Switch to non-root user for runtime security
+USER oracle
+
 # Use Tini as entrypoint for proper signal handling
 ENTRYPOINT ["/usr/bin/tini", "--"]