Merge branch 'drop-root-permissions' into 'master'

Drop root privileges in container

See merge request !26

Dockerfile

@@ -4,7 +4,13 @@ FROM python:3.12 AS base
 WORKDIR /app
 EXPOSE 5000
 
+ARG USERNAME="portaluser"
+
 # First, copy and install only the requirements...
+RUN useradd -ms /bin/bash ${USERNAME} && chown -R ${USERNAME}:${USERNAME} /app
+USER ${USERNAME}
+# The modified PATH is needed so that the pipenv executaable is found.
+ENV PATH="$PATH:/home/${USERNAME}/.local/bin"
 RUN pip install --upgrade pip setuptools
 RUN pip install pipenv
 COPY Pipfile.lock .
@@ -13,7 +19,7 @@ RUN pip uninstall --yes pipenv
 RUN pip install -r requirements.txt
 # ... then the rest of the application. This allows the installation stage to be cached most of the time
 # (so we don't have reinstall of all dependencies every time the container is rebuilt)
-COPY . .
+COPY --chown=${USERNAME}:${USERNAME} . .
 
 FROM base AS dev
 ENV SERVER_TYPE=flask