FROM alpine:3.22
# Create non-root user
RUN addgroup -g 1000 nonrootgroup && \
adduser -D -u 1000 -G nonrootgroup nonrootuser
WORKDIR /app
COPY --chown=nonrootuser:nonrootgroup ...
# Switch to non-root user
USER nonrootuser# Create non-root system user with explicit UID/GID
RUN addgroup --system --gid 1001 nonrootgroup && \
adduser --system --uid 1001 --ingroup nonrootgroup nonrootuser
WORKDIR /app
COPY --chown=nonrootuser:nonrootgroup ...
# Switch to non-root user
USER nonrootuser