From 75393cb13fd8ae4d42c91f4b3fbdbc45e36ec6f6 Mon Sep 17 00:00:00 2001
From: Slavco <sviatoslav.osadtsia@skillsoft.com>
Date: Tue, 20 Jul 2021 15:02:04 -0400
Subject: [PATCH] Docker image creation with non-root account

---
 Dockerfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/Dockerfile b/Dockerfile
index f8b720ea1..c107d39b4 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -20,7 +20,7 @@ RUN apk --no-cache add procps
 # https://github.com/aquasecurity/kube-bench/issues/535
 RUN apk --no-cache add openssl
 
-# Add glibc for running oc command 
+# Add glibc for running oc command
 RUN wget -q -O /etc/apk/keys/sgerrand.rsa.pub https://alpine-pkgs.sgerrand.com/sgerrand.rsa.pub
 RUN wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.33-r0/glibc-2.33-r0.apk
 RUN apk add glibc-2.33-r0.apk
@@ -28,6 +28,9 @@ RUN apk add jq
 
 ENV PATH=$PATH:/usr/local/mount-from-host/bin
 
+RUN adduser -S -s /bin/sh -G root -u 1001 kube-bench
+USER kube-bench
+
 COPY --from=build /go/bin/kube-bench /usr/local/bin/kube-bench
 COPY entrypoint.sh .
 COPY cfg/ cfg/