From f297445b88169a3e5163bdca1e241b23d25d144c Mon Sep 17 00:00:00 2001
From: Jonathon Mills-Kelly <jonathon@insidersbyte.com>
Date: Wed, 17 Oct 2018 11:01:48 +0100
Subject: [PATCH] run as nobody (#1586)

Signed-off-by: Jonathon <jonathon@insidersbyte.com>
---
 Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Dockerfile b/Dockerfile
index 9cd07ad2..ab6303a2 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,6 +5,10 @@ COPY amtool                       /bin/amtool
 COPY alertmanager                 /bin/alertmanager
 COPY examples/ha/alertmanager.yml /etc/alertmanager/alertmanager.yml
 
+RUN mkdir -p /alertmanager && \
+    chown -R nobody:nogroup etc/alertmanager /alertmanager
+
+USER       nobody
 EXPOSE     9093
 VOLUME     [ "/alertmanager" ]
 WORKDIR    /alertmanager