From 420ada5efbc923b57e099e202e7df5051ec45019 Mon Sep 17 00:00:00 2001
From: Max Sokolovsky
Date: Tue, 12 Sep 2023 18:50:39 -0400
Subject: [PATCH 1/2] Run container as a non-root user
---
 Dockerfile | 9 +++++++++
 1 file changed, 9 insertions(+)
diff --git a/Dockerfile b/Dockerfile
index 94bf936d..aabacc9e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -8,7 +8,16 @@ RUN \
 CGO_ENABLED=0 go build -ldflags "-extldflags -static -s" -o /steve

 FROM registry.suse.com/bci/bci-micro:15.5.11.2
+
+ARG user=steve
+
+RUN echo "$user:x:1000:1000::/home/$user:/bin/bash" >> /etc/passwd && \
+ echo "$user:x:1000:" >> /etc/group && \
+ mkdir /home/$user && \
+ chown -R $user:$user /home/$user
+
 COPY --from=build /steve /usr/bin/steve
 # Hack to make golang do files,dns search order
 ENV LOCALDOMAIN=""
+USER $user
 ENTRYPOINT ["/usr/bin/steve"]
From 5b630912b31d8893ae6ad190c8bb56c84005a8df Mon Sep 17 00:00:00 2001
From: Max Sokolovsky
Date: Wed, 13 Sep 2023 10:00:48 -0400
Subject: [PATCH 2/2] Use a less specific base bci-micro:15.5 to get the latest version
---
 Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index aabacc9e..c2729050 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,7 +7,7 @@ RUN \
 cd /src && \
 CGO_ENABLED=0 go build -ldflags "-extldflags -static -s" -o /steve

-FROM registry.suse.com/bci/bci-micro:15.5.11.2
+FROM registry.suse.com/bci/bci-micro:15.5

 ARG user=steve
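Review bot: In the final stage added by PATCH 1/2, `USER $user` selects the account by name, and Kubernetes cannot verify a non-numeric image user when a pod sets `runAsNonRoot: true`, so such a pod is refused at start. Since the appended passwd entry fixes the IDs at 1000, `USER 1000:1000` selects the same account in a form the runtime can check. The passwd line also gives this service account `/bin/bash` as its login shell although the image only runs `/usr/bin/steve`; a non-interactive shell would be the tighter default, provided the base image ships one, which is not visible in this hunk.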
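Review bot: In PATCH 2/2, `FROM registry.suse.com/bci/bci-micro:15.5` is a moving tag, so two builds of the same commit can produce different runtime images and nothing records which base was actually shipped. Pinning the digest next to the tag, `FROM registry.suse.com/bci/bci-micro:15.5@sha256:<digest-placeholder>`, keeps builds reproducible and auditable. An automated dependency updater can then bump the digest, which still delivers patched bases but through a reviewed change.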