From dcb1321a0d2c77cbe055e65f657a900e57c5e8bb Mon Sep 17 00:00:00 2001
From: Berry den Hartog <38954346+berrydenhartog@users.noreply.github.com>
Date: Wed, 1 May 2024 07:29:43 +0000
Subject: [PATCH] Fix security issues in Dockerfile
---
 Dockerfile | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 08ace8ff..1db7f339 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -29,7 +29,10 @@ ENV PATH="/app/.venv/bin:$PATH"
 FROM project-base AS development
-COPY . .
+COPY ./tad/ ./tad/
+COPY ./tests/ ./tests/
+COPY ./script/ ./script/
+COPY ./README.md ./README.md
 RUN poetry install
 FROM development AS lint
@@ -44,7 +47,9 @@ RUN coverage report
 FROM project-base AS production
-COPY ./tad /app/tad
+USER tad
+
+COPY --chown=root:root --chmod=755 ./tad /app/tad
 # change this to a usefull command
 CMD ["python", "-m", "tad" ]
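Review bot: Each per-path `COPY` in the `development` stage still copies everything under its directory, so bytecode caches or a local `.env` inside `tad/`, `tests/` or `script/` would still land in the image unless a `.dockerignore` excludes them. No `.dockerignore` is visible in this patch, so that is worth confirming. `RUN poetry install` now relies on `pyproject.toml` and the lock file having been copied in `project-base`, which lies outside the hunk. I would also record the intent above the block, e.g. `# Copy only what dev/lint/test need; keeps .git and local secrets out of the image`.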
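Review bot: `USER tad` in the `production` stage refers to the account by name, and Kubernetes cannot verify a name-only user under `runAsNonRoot: true`. Using the numeric UID/GID given to `tad` where it is created (presumably in `project-base`, outside this hunk) avoids that, e.g. `USER <tad-uid>:<tad-gid>` with the real values substituted. On the changed `COPY` line, `--chmod=755` applies to every copied file as well as the directories, so all of `/app/tad` becomes executable. Root ownership already keeps the code read-only for `tad`, so the flag could be dropped if the modes in the build context are acceptable. `--chmod` on `COPY` needs BuildKit, so a `# syntax=docker/dockerfile:1` line at the top of the file (not visible here) would make that requirement explicit.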