From: Tobias Florek <me@ibotty.net>
Date: Thu, 8 Jul 2021 19:30:09 +0000 (+0000)
Subject: specify user in rootless container numerically (#16361)
X-Git-Tag: v1.15.0-rc1~39
X-Git-Url: https://source.dussan.org/?a=commitdiff_plain;h=5e819ee1de07086fb7ace9392281bc9274f85d79;p=gitea.git

specify user in rootless container numerically (#16361)

* specify user in rootless container numerically

With kubernetes' PodSecurityPolicy set to runAsNonRoot it will not allow starting the container.  The error message is
```
Error: container has runAsNonRoot and image has non-numeric user (git), cannot verify user is non-root
```
The `USER` directive has to be numerical for that to work.

* mention the name of the uid/gid

Co-authored-by: 6543 <6543@obermui.de>
---

diff --git a/Dockerfile.rootless b/Dockerfile.rootless
index 70f6540112..efdb3bb728 100644
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -56,7 +56,7 @@ COPY docker/rootless /
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /usr/local/bin/gitea
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
 
-USER git:git
+USER 1000:1000 # git:git
 ENV GITEA_WORK_DIR /var/lib/gitea
 ENV GITEA_CUSTOM /var/lib/gitea/custom
 ENV GITEA_TEMP /tmp/gitea