Added user to dockerfile. Set caps on java binary to allow binding to port 80.

Author: philwinder

Dockerfile

@@ -1,6 +1,23 @@
 FROM java:openjdk-8-alpine
 
+ENV	SERVICE_USER=myuser \
+	SERVICE_UID=10001 \
+	SERVICE_GROUP=mygroup \
+	SERVICE_GID=10001
+
+RUN	addgroup -g ${SERVICE_GID} ${SERVICE_GROUP} && \
+	adduser -g "${SERVICE_NAME} user" -D -H -G ${SERVICE_GROUP} -s /sbin/nologin -u ${SERVICE_UID} ${SERVICE_USER} && \
+	apk add --update libcap && \
+	mkdir /lib64 && \
+	ln -s /usr/lib/jvm/java-1.8-openjdk/jre/lib/amd64/server/libjvm.so /lib/libjvm.so && \
+	ln -s /usr/lib/jvm/java-1.8-openjdk/lib/amd64/jli/libjli.so /lib/libjli.so && \
+	setcap 'cap_net_bind_service=+ep' $(readlink -f $(which java))
+
 WORKDIR /usr/src/app
-COPY ./target/*.jar ./app.jar
+COPY *.jar ./app.jar
+
+RUN	chown -R ${SERVICE_USER}:${SERVICE_GROUP} ./app.jar
+
+USER ${SERVICE_USER}
 
 ENTRYPOINT ["java","-Djava.security.egd=file:/dev/urandom","-jar","./app.jar", "--port=80"]