From 4ffa0021d4224c742bd18e8b8e66af1517448812 Mon Sep 17 00:00:00 2001
From: Julius de Jeu <julius@voidcorp.nl>
Date: Tue, 10 Sep 2019 21:52:04 +0200
Subject: [PATCH] Add extra logging, make builds use BUILDKIT and make the
 container more secure by using a different user

---
 .gitlab-ci.yml                 | 1 +
 Dockerfile                     | 6 ++++++
 src/main/resources/logback.xml | 2 +-
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index cde612d..881ea44 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -8,6 +8,7 @@ stages:
 variables:
   IMAGE_TAG: $CI_REGISTRY_IMAGE:latest
   NAME: $CI_PROJECT_NAME
+  DOCKER_BUILDKIT: 1
 
 build_and_push:
   stage: build
diff --git a/Dockerfile b/Dockerfile
index b00749b..de0e328 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -10,4 +10,10 @@ FROM openjdk:8-jre-stretch
 
 COPY --from=build /app/build/libs/ottobot.jar /otto.jar
 
+RUN chmod 444 /otto.jar
+
+RUN useradd -r -u 1001 otto
+
+USER otto
+
 CMD java -jar /otto.jar
\ No newline at end of file
diff --git a/src/main/resources/logback.xml b/src/main/resources/logback.xml
index 8f53404..02eb49e 100644
--- a/src/main/resources/logback.xml
+++ b/src/main/resources/logback.xml
@@ -6,7 +6,7 @@
     </appender>
 
 
-    <root level="INFO">
+    <root level="DEBUG">
         <appender-ref ref="STDOUT"/>
         <!--<appender-ref ref="FILE"/>-->
     </root>