我已配置ECS Fargate服务。更新Dockerfile以使用非root用户,将以下错误记录到CloudWatch:
npm ERR! path /opt/app/package.json
npm ERR! code EACCES
npm ERR! errno -13
npm ERR! syscall open
npm ERR! Error: EACCES: permission denied, open '/opt/app/package.json'
以默认的root用户身份运行容器时,我没有任何问题。
非根Dockerfile(如下)在本地工作。 (OS:Pop!_OS 18.10; Docker 18.09.6)
根用户Dockerfile:
FROM node:10.16-alpine
RUN mkdir -p /opt/app
WORKDIR /opt/app
COPY src/package.json .
RUN npm install
COPY src .
RUN npm run spec:build
CMD ["npm", "start"]
非根Dockerfile
FROM node:10.16-alpine
RUN mkdir -p /opt/app
WORKDIR /opt/app
COPY src/package.json .
RUN npm install
COPY src .
RUN npm run spec:build \
&& chown -R node: ./**/*
USER node
CMD ["npm", "start"]