From d84c45d3322dab95feb29503c61a3c7384982dec Mon Sep 17 00:00:00 2001
From: Katos <7927609+katosdev@users.noreply.github.com>
Date: Sun, 5 Jan 2025 16:46:04 +0000
Subject: [PATCH] Fix ownership of directories

---
 Dockerfile.rootless | 15 ++++++---------
 1 file changed, 6 insertions(+), 9 deletions(-)

diff --git a/Dockerfile.rootless b/Dockerfile.rootless
index e20c5b97..dda87572 100644
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -6,7 +6,7 @@ WORKDIR /app
 RUN npm install -g pnpm
 
 # Copy package.json and lockfile to leverage caching
-COPY frontend/package.json frontend/pnpm-lock.yaml ./
+COPY frontend/package.json frontend/pnpm-lock.yaml ./ 
 RUN pnpm install --frozen-lockfile --shamefully-hoist
 
 # Build Nuxt (frontend) stage
@@ -17,7 +17,7 @@ WORKDIR /app
 RUN npm install -g pnpm
 
 # Copy over source files and node_modules from dependencies stage
-COPY frontend .
+COPY frontend . 
 COPY --from=frontend-dependencies /app/node_modules ./node_modules
 RUN pnpm build
 
@@ -26,7 +26,7 @@ FROM public.ecr.aws/docker/library/golang:alpine AS builder-dependencies
 WORKDIR /go/src/app
 
 # Copy go.mod and go.sum for better caching
-COPY ./backend/go.mod ./backend/go.sum ./
+COPY ./backend/go.mod ./backend/go.sum ./ 
 RUN go mod download
 
 # Build API stage
@@ -87,10 +87,7 @@ HEALTHCHECK --interval=30s --timeout=5s --start-period=5s --retries=3 \
 # Persist volume
 VOLUME [ "/data" ]
 
-# Set ownership for required directories
-RUN chown -R nonroot:nonroot /app /data /app/api
-
-# Entrypoint and CMD
+# Set ownership for required directories at runtime (excluding /data)
+ENTRYPOINT ["/bin/sh", "-c", "chown -R nonroot:nonroot /app /app/api && /app/api /data/config.yml"]
 USER nonroot
-ENTRYPOINT [ "/app/api" ]
-CMD [ "/data/config.yml" ]
+CMD ["/data/config.yml"]