Securize Dockerfile (#506)

This commit is contained in:
Jerome Ducret 2022-08-21 23:06:14 +02:00 committed by GitHub
parent 2abac5d853
commit 6127642d30
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 8 additions and 4 deletions

View file

@ -1,4 +1,4 @@
FROM lukemathwalker/cargo-chef:latest-rust-1.59 AS chef FROM lukemathwalker/cargo-chef:latest-rust-1.63 AS chef
WORKDIR app WORKDIR app
FROM chef AS planner FROM chef AS planner
@ -16,9 +16,13 @@ RUN cargo chef cook --release --recipe-path recipe.json
COPY . . COPY . .
RUN cargo build --release --bin atuin RUN cargo build --release --bin atuin
FROM debian:bullseye-20211011-slim AS runtime FROM debian:bullseye-20220801-slim AS runtime
RUN useradd -c 'atuin user' atuin && mkdir /config && chown atuin:atuin /config
WORKDIR app WORKDIR app
USER atuin
ENV TZ=Etc/UTC ENV TZ=Etc/UTC
ENV RUST_LOG=atuin::api=info ENV RUST_LOG=atuin::api=info
ENV ATUIN_CONFIG_DIR=/config ENV ATUIN_CONFIG_DIR=/config

View file

@ -6,7 +6,7 @@ use serde::{Deserialize, Serialize};
use atuin_common::utils::uuid_v4; use atuin_common::utils::uuid_v4;
// Any new fields MUST be Optional<>! // Any new fields MUST be Optional<>!
#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, sqlx::FromRow)] #[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq, sqlx::FromRow)]
pub struct History { pub struct History {
pub id: String, pub id: String,
pub timestamp: chrono::DateTime<Utc>, pub timestamp: chrono::DateTime<Utc>,

View file

@ -24,7 +24,7 @@ pub enum SearchMode {
Fuzzy, Fuzzy,
} }
#[derive(Clone, Debug, Deserialize, Copy, PartialEq)] #[derive(Clone, Debug, Deserialize, Copy, PartialEq, Eq)]
pub enum FilterMode { pub enum FilterMode {
#[serde(rename = "global")] #[serde(rename = "global")]
Global, Global,