From d75e599d1700fd16ada838eda8b5f4825aa80131 Mon Sep 17 00:00:00 2001
From: River Phillips <river.phillips@mettle.co.uk>
Date: Mon, 9 Sep 2024 14:23:04 +0100
Subject: [PATCH] Run Docker as Non Root

---
 Dockerfile           | 4 ++++
 Dockerfile.gorelease | 3 +++
 2 files changed, 7 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index e2f28e4a..96a3a77b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -14,6 +14,10 @@ FROM alpine:3.19
 
 LABEL maintainer="LinkedIn Burrow https://github.com/linkedin/Burrow"
 
+RUN adduser -u 10001 burrow -D
+USER burrow
+WORKDIR /app
+
 COPY --from=builder /tmp/burrow /app/
 COPY docker-config/burrow.toml /etc/burrow/
 
diff --git a/Dockerfile.gorelease b/Dockerfile.gorelease
index 0da90a61..5f8147a8 100644
--- a/Dockerfile.gorelease
+++ b/Dockerfile.gorelease
@@ -1,6 +1,9 @@
 FROM alpine:3.19
 LABEL maintainer="LinkedIn Burrow https://github.com/linkedin/Burrow"
 
+RUN adduser -u 10001 burrow -D
+USER burrow
+
 WORKDIR /app
 COPY burrow /app/