docker secrets with non root user
Use RUN --mount=type=secret,id=mysecret,uid=1000 cat /run/secrets/mysecret
Where mysecret is what you pass to docker build --secret id=mysecret,src=authority.priv.json and uid is the uid of parity user.
This is because you are setting root user in the docker container and root owns all the mounted volumes and files, not the parity user which I am not sure even exists.
I would do the following:
Remove USER root from the dockerfile. It is root by default.
Check if parity user even exists in the container.
If not, create it with the /home/parity directory.
Mount the volume and files as you did.
RUN chown -R parity:parity /home/parity gives the ownership of the newly created user.
Then tell the container to use the newly created user by default with USER parity
Add the entrypoint; you might need to RUN chmod ug+x /home/parity/entrypoint.sh, which makes it executable for sure.
You are good to go (hopefully). You don't need to set any user when running the container; with the line USER parity it will use the parity user by default.
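
The two answers above combined into one Dockerfile, as an added example that is not part of either answer. The base image, the UID 1000 for parity, the entrypoint.sh file in the build context, the parity-demo tag and the sha256sum check are assumptions made for illustration.

```dockerfile
# syntax=docker/dockerfile:1
# Added example. Assumed: debian base image, parity has UID 1000,
# entrypoint.sh exists in the build context.
FROM debian:bookworm-slim

# Create the non-root user with a fixed UID so the secret mount can name it.
RUN useradd --uid 1000 --create-home --home-dir /home/parity parity

# Copy the entrypoint already owned by parity, then make it executable.
COPY --chown=parity:parity entrypoint.sh /home/parity/entrypoint.sh
RUN chmod ug+x /home/parity/entrypoint.sh

# Everything after this line, and the running container, uses parity.
USER parity

# The secret exists only during this RUN step at /run/secrets/mysecret and is
# not written to an image layer. A secret mount defaults to uid=0, gid=0,
# mode=0400, so without uid=1000 the parity user gets "Permission denied".
# The file is hashed to /dev/null instead of printed with cat, so its
# contents do not end up in the build log.
RUN --mount=type=secret,id=mysecret,uid=1000,mode=0400 \
    test -r /run/secrets/mysecret \
    && sha256sum /run/secrets/mysecret > /dev/null

ENTRYPOINT ["/home/parity/entrypoint.sh"]

# Build with BuildKit:
#   docker build --secret id=mysecret,src=authority.priv.json -t parity-demo .
```

Dropping uid=1000 from the mount makes the RUN step fail at test -r, which is a quick way to confirm that file ownership is what blocks the non-root user.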