File tree Expand file tree Collapse file tree 4 files changed +13
-3
lines changed
Expand file tree Collapse file tree 4 files changed +13
-3
lines changed Original file line number Diff line number Diff line change 6363 with :
6464 push : true
6565 file : docker/Dockerfile
66+ provenance : mode=max
67+ sbom : true
6668 tags : |
6769 surrealdb/surrealist:latest
6870 surrealdb/surrealist:${{ needs.version.outputs.version }}
Original file line number Diff line number Diff line change 6868 platforms : linux/amd64,linux/arm64
6969 push : true
7070 file : docker/Dockerfile
71+ provenance : mode=max
72+ sbom : true
7173 tags : |
7274 surrealdb/surrealist:latest
7375 surrealdb/surrealist:${{ needs.version.outputs.version }}
Original file line number Diff line number Diff line change @@ -24,9 +24,15 @@ RUN mkdir html
2424WORKDIR /
2525
2626RUN rm /etc/nginx/conf.d/default.conf
27+ RUN addgroup -S surrealist && adduser -S -D -H -s /sbin/nologin -G surrealist surrealist
28+ RUN mkdir -p /var/cache/nginx /var/run/nginx /var/log/nginx \
29+ && chown -R surrealist:surrealist /var/cache/nginx /var/run/nginx /var/log/nginx
2730
2831COPY --from=builder /app/dist /usr/share/nginx/html
2932COPY ./docker/nginx/nginx.conf /etc/nginx
33+ RUN chown -R surrealist:surrealist /usr/share/nginx/html /etc/nginx
34+
35+ USER surrealist
3036
3137EXPOSE 8080
32- CMD ["nginx" , "-g" , "daemon off;" ]
38+ CMD ["nginx" , "-g" , "daemon off;" ]
Original file line number Diff line number Diff line change 1- user nginx;
1+ pid /var/run/ nginx/nginx. pid ;
22
33worker_processes auto;
44
6363 gzip_static on;
6464 gunzip on;
6565 }
66- }
66+ }
You can’t perform that action at this time.
0 commit comments