From 721ed3fb41871453125170c323b1469a2edc36bf Mon Sep 17 00:00:00 2001
From: Victor Palma
Date: Tue, 18 Oct 2016 09:46:11 -0500
Subject: [PATCH 1/2] run as prometheus user insted of root
---
 Dockerfile | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/Dockerfile b/Dockerfile
index a522c07c5..4ffd65d76 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -7,12 +7,17 @@ COPY documentation/examples/prometheus.yml /etc/prometheus/prometheus.yml
 COPY console_libraries/ /usr/share/prometheus/console_libraries/
 COPY consoles/ /usr/share/prometheus/consoles/
-RUN ln -s /usr/share/prometheus/console_libraries /usr/share/prometheus/consoles/ /etc/prometheus/
+RUN ln -s /usr/share/prometheus/console_libraries /usr/share/prometheus/consoles/ /etc/prometheus/ && \
+ addgroup -g 1000 prometheus && \
+ adduser -s /bin/sh -S -H -u 1000 -G prometheus prometheus && \
+ mkdir -p /prometheus && \
+ chown -R prometheus:prometheus /etc/prometheus /prometheus
 EXPOSE 9090
 VOLUME [ "/prometheus" ]
 WORKDIR /prometheus
 ENTRYPOINT [ "/bin/prometheus" ]
+USER prometheus
 CMD [ "-config.file=/etc/prometheus/prometheus.yml", \
 "-storage.local.path=/prometheus", \
 "-web.console.libraries=/usr/share/prometheus/console_libraries", \
From b2f7c8d842fd765508f8c7f5055242e8e9fdfad3 Mon Sep 17 00:00:00 2001
From: Goutham Veeramachaneni
Date: Mon, 19 Jun 2017 15:03:39 +0530
Subject: [PATCH 2/2] Use user nobody in Dockerfile
Signed-off-by: Goutham Veeramachaneni
---
 Dockerfile | 10 ++++------
 1 file changed, 4 insertions(+), 6 deletions(-)
diff --git a/Dockerfile b/Dockerfile
index 4ffd65d76..fd533440a 100644
--- a/Dockerfile
+++ b/Dockerfile
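Review bot: The last step of the `RUN` chain added in PATCH 1/2, `chown -R prometheus:prometheus /etc/prometheus /prometheus`, hands the configuration directory to the same account the server runs as, so a compromised or misbehaving process could rewrite its own `prometheus.yml`. Only the data directory needs to be writable; I would leave `/etc/prometheus` owned by root and change the step to `chown -R prometheus:prometheus /prometheus`, assuming the copied config stays world-readable. The same recursive chown of the config directory is carried into the PATCH 2/2 hunk with `nobody:nogroup`. Separately, `adduser -s /bin/sh` gives the service account an interactive shell it does not appear to need; a non-login shell such as `-s /bin/false` would be the tighter choice.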
@@ -7,17 +7,15 @@ COPY documentation/examples/prometheus.yml /etc/prometheus/prometheus.yml
 COPY console_libraries/ /usr/share/prometheus/console_libraries/
 COPY consoles/ /usr/share/prometheus/consoles/
-RUN ln -s /usr/share/prometheus/console_libraries /usr/share/prometheus/consoles/ /etc/prometheus/ && \
- addgroup -g 1000 prometheus && \
- adduser -s /bin/sh -S -H -u 1000 -G prometheus prometheus && \
- mkdir -p /prometheus && \
- chown -R prometheus:prometheus /etc/prometheus /prometheus
+RUN ln -s /usr/share/prometheus/console_libraries /usr/share/prometheus/consoles/ /etc/prometheus/
+RUN mkdir -p /prometheus && \
+ chown -R nobody:nogroup etc/prometheus /prometheus
+USER nobody
 EXPOSE 9090
 VOLUME [ "/prometheus" ]
 WORKDIR /prometheus
 ENTRYPOINT [ "/bin/prometheus" ]
-USER prometheus
 CMD [ "-config.file=/etc/prometheus/prometheus.yml", \
 "-storage.local.path=/prometheus", \
 "-web.console.libraries=/usr/share/prometheus/console_libraries", \
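Review bot: The added `chown -R nobody:nogroup etc/prometheus /prometheus` names the config directory with a relative path (the leading `/` present in PATCH 1/2 was dropped), so it reaches `/etc/prometheus` only while the build's working directory is `/`. The only `WORKDIR` visible in the hunk comes after this `RUN`, but the base image and the lines above the hunk are not shown; a working directory set there would make the step fail or re-own a different tree. Use absolute paths, e.g. `chown -R nobody:nogroup /prometheus` if the config directory is meant to stay root-owned, or `/etc/prometheus /prometheus` otherwise. It would also help to document next to `USER nobody` that data volumes written by earlier images (as root, or as UID 1000 from PATCH 1/2) will presumably need re-owning before this image can write to them.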