Skip to content

Commit

Permalink
Fix docker user
Browse files Browse the repository at this point in the history
  • Loading branch information
kahun committed Jun 13, 2023
1 parent 221b87c commit 9e4c6f0
Showing 1 changed file with 9 additions and 3 deletions.
12 changes: 9 additions & 3 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -31,9 +31,15 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
ENTRYPOINT [ "/start.sh", "/workspace/manager" ]

# Copy the controller-manager into a thin image
FROM golang:1.19.5
FROM alpine:3.11
WORKDIR /
COPY --from=builder /workspace/manager .
# Use uid of nonroot user (65532) because kubernetes expects numeric user when applying pod security policies
USER 65532
# add new user
ARG USER=nonroot
ENV HOME /home/$USER
RUN adduser -D $USER \
&& mkdir -p /etc/sudoers.d \
&& echo "$USER ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER \
&& chmod 0440 /etc/sudoers.d/$USER
USER 1000
ENTRYPOINT ["/manager"]

0 comments on commit 9e4c6f0

Please sign in to comment.