From e4bf1c3ce2f4880a01a83b3a2a980b337cf6647a Mon Sep 17 00:00:00 2001
From: Oleksandr Brezhniev <oleksandr.brezhniev@infopulse.com>
Date: Wed, 18 Mar 2020 11:01:14 +0200
Subject: [PATCH 1/2] Dockerfile

---
 .dockerignore |  5 +++++
 Dockerfile    | 24 ++++++++++++++++++++++++
 2 files changed, 29 insertions(+)
 create mode 100644 .dockerignore
 create mode 100644 Dockerfile

diff --git a/.dockerignore b/.dockerignore
new file mode 100644
index 0000000..7086929
--- /dev/null
+++ b/.dockerignore
@@ -0,0 +1,5 @@
+.idea
+.git
+.github
+venv
+my_venv
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..020928d
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,24 @@
+FROM ubuntu:18.04
+
+ENV DEBIAN_FRONTEND noninteractive
+
+RUN apt-get update -qq && \
+    apt-get install -y software-properties-common python3-pip && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 && \
+    add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic stable" && \
+    apt-get update -qq && \
+    apt-get install -y libindy && \
+    rm -rf /var/lib/apt/lists/*
+
+RUN ln -s /usr/bin/pip3 /usr/bin/pip
+
+ADD ./pyserverforindy/requirements.txt /app/pyserverforindy/requirements.txt
+RUN pip install --no-cache-dir -r /app/pyserverforindy/requirements.txt
+
+ADD . /app
+
+CMD python3 /app/pyserverforindy/grpc_server/server.py
+
+EXPOSE 50051

From b49eacd66f67738a587320c5b24f95b59b365872 Mon Sep 17 00:00:00 2001
From: Oleksandr Brezhniev <oleksandr.brezhniev@infopulse.com>
Date: Sat, 21 Mar 2020 00:43:20 +0200
Subject: [PATCH 2/2] Added volume, unprivileged user and comments

---
 Dockerfile | 26 +++++++++++++++++++++-----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 020928d..47fcf30 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,24 +1,40 @@
 FROM ubuntu:18.04
 
 ENV DEBIAN_FRONTEND noninteractive
+ENV LANG C.UTF-8
 
+# Install Python 3 & pip
 RUN apt-get update -qq && \
     apt-get install -y software-properties-common python3-pip && \
     rm -rf /var/lib/apt/lists/*
 
+# Install libindy
 RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys CE7709D068DB5E88 && \
     add-apt-repository "deb https://repo.sovrin.org/sdk/deb bionic stable" && \
     apt-get update -qq && \
     apt-get install -y libindy && \
     rm -rf /var/lib/apt/lists/*
 
-RUN ln -s /usr/bin/pip3 /usr/bin/pip
+# Optianally set uid & gid at build time
+ARG USER_ID
+ARG GROUP_ID
 
-ADD ./pyserverforindy/requirements.txt /app/pyserverforindy/requirements.txt
-RUN pip install --no-cache-dir -r /app/pyserverforindy/requirements.txt
+# Create unprivileged user & group "app"
+RUN groupadd -g ${GROUP_ID:-1000} app && \
+    useradd -l -u ${USER_ID:-1000} -g app app && \
+    install -d -m 0755 -o app -g app /home/app
 
-ADD . /app
+USER app
 
-CMD python3 /app/pyserverforindy/grpc_server/server.py
+# Install required python libraries
+COPY --chown=app:app ./pyserverforindy/requirements.txt /app/pyserverforindy/requirements.txt
+RUN pip3 install --no-cache-dir -r /app/pyserverforindy/requirements.txt
+
+# Add project files to image
+COPY --chown=app:app . /app
+
+VOLUME /home/app/.indy_client
+
+CMD ["python3", "/app/pyserverforindy/grpc_server/server.py"]
 
 EXPOSE 50051