From 415e336e62e21a62ab8afeea5dd2a33c3f5eba24 Mon Sep 17 00:00:00 2001
From: Michael
Date: Sat, 18 Apr 2026 21:52:02 +0200
Subject: [PATCH] changed non root user settings

---
 Dockerfile | 41 ++++++++++++++++++++++++-----------------
 Dockerfile-alt | 22 ++++++++++++++++++++++
 2 files changed, 46 insertions(+), 17 deletions(-)
 create mode 100644 Dockerfile-alt

diff --git a/Dockerfile b/Dockerfile
index d962f94..5438751 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,22 +1,29 @@
-# Base-Image
-FROM ubuntu:latest
+# ── Stage 1: Build ───────────────────────────────────────────────────────────
+FROM gcc:14-bookworm AS builder
 
-# Pakete installieren
-RUN apt-get update
-RUN apt-get install -y build-essential gcc curl vim net-tools
+WORKDIR /build
+COPY deployment.c .
 
-# Arbeitsverzeichnis setzen
+RUN gcc -O2 -static -o deployment deployment.c
+
+# ── Stage 2: Runtime ─────────────────────────────────────────────────────────
+FROM alpine:3.21
+
+# Alle Pakete auf neuesten Stand bringen → patcht libcrypto3/libssl3 auf 3.3.7-r0
+RUN apk update && apk upgrade --no-cache
+
+# Nicht-root-User anlegen
+RUN adduser -D appuser
+RUN mkdir /output && chown appuser /output
+USER appuser
+
+COPY --from=builder /build/deployment /app/deployment
+
+VOLUME [ "/output" ]
 WORKDIR /app
 
-# alles kopieren
-COPY . .
+HEALTHCHECK --interval=30s --timeout=4s --start-period=10s --retries=3 \
+ CMD test -f /output/output.txt && test -s /output/output.txt || exit 1
 
-# Code kompilieren
-RUN gcc -o deployment deployment.c
-
-# Verzeichnis für Ausgabe anlegen
-RUN mkdir /output
-
-# Ausgabe wird ins Container-Dateisystem geschrieben
-ENTRYPOINT ["/bin/bash", "-c"]
-CMD ["./deployment 10 > /output/output.txt && tail -f /output/output.txt"]
+ENTRYPOINT ["/bin/sh", "-c"]
+CMD ["./deployment 10 > /output/output.txt && tail -f /output/output.txt"]
\ No newline at end of file
diff --git a/Dockerfile-alt b/Dockerfile-alt
new file mode 100644
index 0000000..d962f94
--- /dev/null
+++ b/Dockerfile-alt
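Review bot: `USER appuser` in the runtime stage of `Dockerfile` names an account whose UID is whatever `adduser -D` assigns, so a runtime that enforces non-root by UID (Kubernetes `runAsNonRoot`, for instance) cannot verify it, and the owner of `/output` is not a documented number. Fix the UID and switch by number, e.g. `RUN adduser -D -u 10001 appuser` and `USER 10001` (10001 is an example value, not taken from the project). Because `/output` is declared a `VOLUME` and `CMD` redirects into it, a bind mount arrives with the host's ownership; a comment above `VOLUME` should state that the host directory must be writable by that UID, otherwise the redirect fails and the container exits at start.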
@@ -0,0 +1,22 @@
+# Base-Image
+FROM ubuntu:latest
+
+# Pakete installieren
+RUN apt-get update
+RUN apt-get install -y build-essential gcc curl vim net-tools
+
+# Arbeitsverzeichnis setzen
+WORKDIR /app
+
+# alles kopieren
+COPY . .
+
+# Code kompilieren
+RUN gcc -o deployment deployment.c
+
+# Verzeichnis für Ausgabe anlegen
+RUN mkdir /output
+
+# Ausgabe wird ins Container-Dateisystem geschrieben
+ENTRYPOINT ["/bin/bash", "-c"]
+CMD ["./deployment 10 > /output/output.txt && tail -f /output/output.txt"]
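Review bot: `Dockerfile-alt` is added without any `USER` instruction, so this variant still runs `./deployment` and the `/bin/bash -c` entrypoint as root, which is the opposite of what the same commit changes in `Dockerfile`. If the file is kept as a buildable alternative, replace `RUN mkdir /output` with `RUN useradd --system appuser && mkdir /output && chown appuser /output` and add `USER appuser` before `ENTRYPOINT`. `FROM ubuntu:latest` together with `COPY . .` also makes the image depend on whatever the tag and the build context contain on the day of the build; pin a release tag and copy only `deployment.c`. If the file is only meant as a record of the previous Dockerfile, a header comment saying so would keep it from being built by mistake.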