Skip to content

Commit

Permalink
Fix docker user
Browse files Browse the repository at this point in the history
  • Loading branch information
kahun committed Jun 13, 2023
1 parent 9e4c6f0 commit abea365
Showing 1 changed file with 3 additions and 9 deletions.
12 changes: 3 additions & 9 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -31,15 +31,9 @@ RUN --mount=type=cache,target=/root/.cache/go-build \
ENTRYPOINT [ "/start.sh", "/workspace/manager" ]

# Copy the controller-manager into a thin image
FROM alpine:3.11
FROM alpine:3.17
WORKDIR /
COPY --from=builder /workspace/manager .
# add new user
ARG USER=nonroot
ENV HOME /home/$USER
RUN adduser -D $USER \
&& mkdir -p /etc/sudoers.d \
&& echo "$USER ALL=(ALL) NOPASSWD: ALL" > /etc/sudoers.d/$USER \
&& chmod 0440 /etc/sudoers.d/$USER
USER 1000
# Use uid of nonroot user (65532) because kubernetes expects numeric user when applying pod security policies
USER 65532
ENTRYPOINT ["/manager"]

0 comments on commit abea365

Please sign in to comment.