From 72c4e10ad1b23e775b740023e1dd1f2d4091e1a4 Mon Sep 17 00:00:00 2001
From: Brandon Clayton <bclayton@usgs.gov>
Date: Tue, 8 Aug 2023 16:14:31 -0600
Subject: [PATCH] use chown

---
 Dockerfile    | 14 +++++++++-----
 ws.Dockerfile | 10 ++++++++--
 2 files changed, 17 insertions(+), 7 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index d420d043..35dacdf7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -69,12 +69,16 @@ VOLUME [ "${MODEL_PATH}", "${OUTPUT_PATH}" ]
 
 WORKDIR /app
 
-COPY --from=builder /app/build/libs/nshmp-haz.jar .
-COPY scripts scripts
-
 USER root
 
-RUN yum install -y jq \
-    && echo "{}" > "${CONFIG_FILE}"
+RUN yum install -y jq && \
+    chown -R usgs-user:usgs-user /app
+
+USER usgs-user
+
+COPY --from=builder --chown=usgs-user:usgs-user /app/build/libs/nshmp-haz.jar .
+COPY --chown=usgs-user:usgs-user scripts scripts
+
+RUN echo "{}" > "${CONFIG_FILE}"
 
 ENTRYPOINT [ "bash", "scripts/docker-entrypoint.sh" ]
diff --git a/ws.Dockerfile b/ws.Dockerfile
index cbf70cad..3f729424 100644
--- a/ws.Dockerfile
+++ b/ws.Dockerfile
@@ -52,8 +52,14 @@ ENV MODELS_DIRECTORY="/app/model"
 
 WORKDIR /app
 
-COPY --from=builder /app/build/libs/nshmp-haz.jar .
-COPY --from=builder /app/nshms.yml .
+USER root
+
+RUN chown -R usgs-user:usgs-user /app
+
+USER usgs-user
+
+COPY --from=builder --chown=usgs-user:usgs-user /app/build/libs/nshmp-haz.jar .
+COPY --from=builder --chown=usgs-user:usgs-user /app/nshms.yml .
 
 VOLUME [ "${MODELS_DIRECTORY}" ]
 
-- 
GitLab