]> source.dussan.org Git - gitea.git/commitdiff
projects / gitea.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d06f9ce)
specify user in rootless container numerically (#16361)
authorTobias Florek <me@ibotty.net>
Thu, 8 Jul 2021 19:30:09 +0000 (19:30 +0000)
committerGitHub <noreply@github.com>
Thu, 8 Jul 2021 19:30:09 +0000 (15:30 -0400)
* specify user in rootless container numerically

With kubernetes' PodSecurityPolicy set to runAsNonRoot it will not allow starting the container.  The error message is
```
Error: container has runAsNonRoot and image has non-numeric user (git), cannot verify user is non-root
```
The `USER` directive has to be numerical for that to work.

* mention the name of the uid/gid

Co-authored-by: 6543 <6543@obermui.de>
Dockerfile.rootless patch | blob | history

diff --git a/Dockerfile.rootless b/Dockerfile.rootless
index 70f6540112d4d3a089f8a2318c892f6dc4211fe9..efdb3bb7288914fdc96e7e05038dc5598bdca0f9 100644 (file)
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -56,7 +56,7 @@ COPY docker/rootless /
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /usr/local/bin/gitea
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
 
-USER git:git
+USER 1000:1000 # git:git
 ENV GITEA_WORK_DIR /var/lib/gitea
 ENV GITEA_CUSTOM /var/lib/gitea/custom
 ENV GITEA_TEMP /tmp/gitea
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD: https://github.com/go-gitea/gitea