Fix Docker deployment (#685)

* feat: add Docker image build and push to GHCR on release Add Dockerfile (multi-stage build with node:22-slim) and a new docker job in the release workflow that builds and pushes to ghcr.io when release-please creates a tag. * feat(docker): run as non-root user and add smoke test Run the container as a non-root appuser to reduce blast radius. Add a smoke test step that runs --version before pushing to GHCR. * fix(docker): use existing node user instead of creating appuser Closes #681
2026-04-14 19:22:08 +02:00
parent 131b31bf0e
commit 0ed50ccfe7
1 changed files with 1 additions and 4 deletions
--- a/5
+++ b/5
@@ -41,9 +41,6 @@ RUN apt-get update && apt-get install -y --no-install-recommends git \
    && rm -rf /var/lib/apt/lists/*

 # Run as non-root user
-RUN groupadd --gid 1000 appuser && useradd --uid 1000 --gid appuser --shell /bin/bash --create-home appuser
-USER appuser
-WORKDIR /home/appuser
-ENV HOME=/home/appuser
+USER node

 ENTRYPOINT ["node", "/app/dist/cli.mjs"]