[misc] narrow down write access/ownership for the run-time user

2020-02-19 12:06:28 +01:00
parent c5d10d02fc
commit 4ee0dc2471
4 changed files with 13 additions and 12 deletions
--- a/4
+++ b/4
@@ -24,7 +24,7 @@ COPY . /app
 FROM base

 COPY --from=app /app /app
-RUN mkdir -p db \
-&&  chown node:node db
+RUN mkdir -p cache compiles db \
+&&  chown node:node cache compiles db

 CMD ["node", "--expose-gc", "app.js"]