How to build docker with non-root user privileges to setup python application with pipenv?
There's nothing wrong with installing software "globally" in a Docker image (which will generally only do one thing), and to committing to some implementation details like container-internal usernames and paths. It's totally fine to install software as root and switch to a non-root user to actually run the image.
I might write this Dockerfile like:
FROM python:3.6
# Globally install pipenv
RUN pip3 install pipenv
# Set up the app directory (Docker will create it for us)
WORKDIR /myapp
COPY . ./
RUN pipenv install --system --deploy --ignore-pipfile
# Establish the runtime user (with no password and no sudo)
RUN useradd -m myapp
USER myapp
# Normal image metadata
EXPOSE 8002
CMD gunicorn -k tornado server:app -b 0.0.0.0:8002 -w 4 -p server.pid
You need to add pipenv into PATH variable.
RUN echo $(whoami)
RUN pip3 install pipenv --user
ENV PATH $PATH:$HOME/.local/bin
Should be something like this.