User

By default, Docker runs all Node.js as the root user, which can lead to security vulnerabilities. In most cases we want the non-root user running our containers. The solution is to use a different user in Dockerfile . All Node.js images for Docker come with a non-root user called node .

The user can be added in Dockerfile with the USER statement:

FROM node:12-alpine WORKDIR /app

COPY package.json /app/package.json

RUN npm install

COPY . /app EXPOSE 8080 ## define user just at the end

USER node



CMD ["npm", "start"]

Or, if you’re using Docker CLI to run an already built container, you can use --user, -u flags.