Skip to content

Update Dockerfile with secure base image and non-root user #24003

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
ajeetraina wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Update Dockerfile with secure base image and non-root user #24003

ajeetraina wants to merge 3 commits into from
+18 −8

Conversation

@ajeetraina
Copy link
Contributor

@ajeetraina ajeetraina commented Jan 21, 2026

  • Use node:24-alpine base image
  • Run as non-root user (node) for security
  • Create /etc/todos directory with proper permissions

Description

Related issues or tickets

Reviews

  • Technical review
  • Editorial review
  • Product review

@ajeetraina
Update Dockerfile with secure base image and non-root user
274b6d8 
- Use node:24-alpine base image
- Run as non-root user (node) for security
- Create /etc/todos directory with proper permissions
@netlify
Copy link

netlify bot commented Jan 21, 2026
edited
Loading

Deploy Preview for docsdocker ready!

Name Link
🔨 Latest commit 8aa5e68
🔍 Latest deploy log https://app.netlify.com/projects/docsdocker/deploys/6971d0cf256286000877512a
😎 Deploy Preview https://deploy-preview-24003--docsdocker.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.

To edit notification comments on pull requests, go to your Netlify project configuration.

@github-actions github-actions bot added the area/get-started Relates to get started and onboarding docs label Jan 21, 2026
@ajeetraina ajeetraina mentioned this pull request Jan 21, 2026
Open
1 task
@craig-osterhout craig-osterhout requested a review from a team January 21, 2026 18:07
@craig-osterhout craig-osterhout mentioned this pull request Jan 21, 2026
Open
craig-osterhout
craig-osterhout reviewed Jan 21, 2026
View reviewed changes
MikeMcC399
MikeMcC399 reviewed Jan 21, 2026
View reviewed changes
@MikeMcC399
Copy link

MikeMcC399 commented Jan 22, 2026

The Dockerfile is now more complex that the original one. The extra steps:

  • adding node user
  • removing the npm package manager

either need to be explained, or they should be omitted and left for a later stage where optimizations, such as security / reducing image size, etc. can be described.

@ajeetraina
Copy link
Contributor Author

ajeetraina commented Jan 22, 2026
edited
Loading

@MikeMcC399 If you notice Parts 5 (Bind Mounts), 7 (Docker Compose), and 8 (Image-building best practices) all still use yarn install && yarn run dev commands throughout. We might need to work on revamping the entire workshop to migrate consistently from Yarn to npm across all parts. This will ensure a cohesive learning experience while addressing the Yarn v1 deprecation properly. Will update this PR once the comprehensive changes are ready.

Regarding the USER entry in the Dockerfile - it's required. Otherwise, users will encounter permission issues. I can add 1-2 lines explaining what it is and why it is required.

@ajeetraina
Enhance Dockerfile description with detailed points
8aa5e68 
Updated the explanation of the Dockerfile to provide a detailed breakdown of its components and functionality.
@ajeetraina
Copy link
Contributor Author

ajeetraina commented Jan 23, 2026

@craig-osterhout @MikeMcC399 I will be raising a separate PR that replaces all occurances of Yarn with NPM in order to maintain consistency.

@MikeMcC399
Copy link

MikeMcC399 commented Jan 23, 2026

@ajeetraina

I will be raising a separate PR that replaces all occurances of Yarn with NPM in order to maintain consistency.

Why not add the changes into this PR? They belong together.

Also, if you are writing "npm", you should use lower case. See https://github.com/npm/cli#faq-on-branding.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@craig-osterhout craig-osterhout craig-osterhout left review comments

+1 more reviewer

@MikeMcC399 MikeMcC399 MikeMcC399 left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

area/get-started Relates to get started and onboarding docs status/review

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@ajeetraina @MikeMcC399 @craig-osterhout