From 06781103f073e44bec8eb755e6837aee9c0cf5c8 Mon Sep 17 00:00:00 2001
From: Janis Orlovs <janis.orlovs@gmail.com>
Date: Sat, 16 Feb 2019 00:36:08 +0200
Subject: [PATCH] Docker file added multistage build to add non-root user
 running under ID:20001 for image. Reduces attack surface by not running image
 as root user

---
 Dockerfile | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index c640287a..86128d41 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,11 @@
+FROM debian:7.11-slim
+RUN useradd -u 20001 postgres_exporter
+
 FROM scratch
 
+COPY --from=0 /etc/passwd /etc/passwd
+USER postgres_exporter
+
 ARG binary
 
 COPY $binary /postgres_exporter