From 14b4bafa25c035c20b0c7fc08785f4866dff1e90 Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Sat, 10 Sep 2022 13:51:51 +0200
Subject: [PATCH] Use user in container instead of root

---
 .drone.yml | 6 ++++++
 Dockerfile | 3 ++-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/.drone.yml b/.drone.yml
index 74c7c53..1f9f7e0 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -62,8 +62,14 @@ workspace:
    path: /work
 
 steps:
+- name: apply permissions
+  image: registry.nemunai.re/atsebay.t-worker
+  commands:
+  - chown 1000:1000 /work
+
 - name: extract submission
   image: registry.nemunai.re/atsebay.t-worker
+  user: 1000
   environment:
     SSH_PRIVATE_KEY:
       from_secret: SSH_PRIVATE_KEY
diff --git a/Dockerfile b/Dockerfile
index 1e7d5d3..af88a18 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,3 +1,4 @@
 FROM alpine:3.16
 
-RUN apk add --no-cache gawk git gnupg tar openssh-client-default xz
\ No newline at end of file
+RUN apk add --no-cache gawk git gnupg tar openssh-client-default xz && \
+    adduser -h /work -D -u 1000 drone