From 121aeb61884d2e772b6694fafb6ef419df0725bf Mon Sep 17 00:00:00 2001
From: Alfredo Gutierrez <alfredo@swirldslabs.com>
Date: Mon, 1 Apr 2024 15:29:01 -0600
Subject: [PATCH] pinning versions as recommended by Wiz IaC Scanner on PR
 review

Signed-off-by: Alfredo Gutierrez <alfredo@swirldslabs.com>
---
 auth-layer-proxy/Dockerfile | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/auth-layer-proxy/Dockerfile b/auth-layer-proxy/Dockerfile
index 34b9c02..e82a1f6 100644
--- a/auth-layer-proxy/Dockerfile
+++ b/auth-layer-proxy/Dockerfile
@@ -9,7 +9,10 @@ COPY /scripts/start-envoy.sh /etc/envoy/start-envoy.sh
 RUN chmod +x /etc/envoy/start-envoy.sh && \
     chown -R envoy:envoy /etc/envoy && \
     apt-get update && \
-    apt-get install -y gettext-base lua5.1 luarocks git && \
+    apt-get install -y gettext-base=0.19.* lua5.1=5.1.* luarocks=2.4.* git=1:2.* && \
     luarocks install lua-cjson && \
     luarocks install luasocket && \
     rm -rf /var/lib/apt/lists/*
+
+# Use the non-root 'envoy' user to run the container
+USER envoy
\ No newline at end of file