在 Azure 应用服务中以非 root 用户身份运行 pm2-runtime

目前我正在开发一个简单的node.js 应用程序，需要将其容器化并部署到Azure linux Web 应用程序服务。 （天蓝色应用程序服务）

容器化运行良好，应用程序也可以在 Azure 应用程序服务中启动。 但是，我以 NODE 用户身份运行我的应用程序以防止安全问题。一般来说，以非 root 用户身份运行应用程序是一个很好的做法。

虽然当您使用 CMD["node", "start.js"] 运行应用程序时这可以正常工作，但这不适用于 pm2 库。 CMD["pm2-runtime", "start.js"] 在我的本地计算机上运行，但是一旦我将其推送到 Azure 应用服务，它就无法启动。

对我来说，这看起来像是 Linux 环境中的权限问题。由于使用 root 运行 PM2 在 Azure 中运行良好。

Dockerfile

RUN apk update && apk add --no-cache build-base gcc autoconf automake zlib-dev libpng-dev vips-dev git > /dev/null 2>&1
ENV NODE_ENV=production

# Set working directory to /opt/ and copy package.json an yarn.lock in this folder
WORKDIR /opt/
COPY package.json yarn.lock ./
RUN yarn global add node-gyp
RUN yarn config set network-timeout 600000 -g && yarn install --production
ENV PATH /opt/node_modules/.bin:$PATH

# Set working directory to /op/app and copy all Strapi related files in this folder
WORKDIR /opt/app
COPY . .
#RUN yarn build -> we skip building for now since we do not want to serve the admin panel on production

# Creating the final production image
FROM --platform=linux/amd64 node:18-alpine
RUN apk add --no-cache vips-dev
ENV NODE_ENV=production

WORKDIR /opt/
COPY --from=build /opt/node_modules ./node_modules
WORKDIR /opt/app
COPY --from=build /opt/app ./

RUN chown -R node:node /opt/app
RUN chown -R node:node /opt/node_modules
USER node

RUN yarn global add pm2
ENV PM2_PUBLIC_KEY xxxxxxxxxxxxx [hidden for security]
ENV PM2_SECRET_KEY xxxxxxxxxxxx [hidden for security]

# After installing pm2 globally
RUN echo "Global bin directory: $(yarn global bin)"
ENV PATH /home/node/.config/yarn/global/node_modules/.bin:$PATH
RUN mkdir -p /home/node/.config/yarn/global && chown -R node:node /home/node/.config
ENV PATH="/home/node/.config/yarn/global/node_modules/.bin:${PATH}"

USER root 
# RUN chown -R node:node /home/node/.config/yarn/global/node_modules/.bin/pm2
ENV PATH /opt/node_modules/.bin:$PATH
# RUN chown -R node:node /opt/app/node_modules/.bin/pm2
USER node
EXPOSE 1337

# CMD ls -lah /opt/app && ls -lah /opt/node_modules/.bin && node start.js
CMD ["pm2-runtime", "start.js"]```

### Things I've tried so far

- I tried setting different permissions with the "chown" command
- I tried setting the global pm2 package in the NODE users root folder
- I tried setting the ENV PATH to a accessible folder by the NODE user 

Honestly, I tried all sorts of things but none of them seem to work. The annoying part is, that on my local machine all works fine when I spin up the docker container. However as soon as things are in the Azure Cloud, all stops working. And the worst part is that there is 0 errors to be seen, no logging regarding this issue. The only log that is visible is that Azure isn't able to ping my App in time which is logical since PM2 isn't booting up the server.