diff options
author | Tobias Florek <me@ibotty.net> | 2021-07-08 19:30:09 +0000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-07-08 15:30:09 -0400 |
commit | 5e819ee1de07086fb7ace9392281bc9274f85d79 (patch) | |
tree | 455d7633b4bf16b9b3b8cd6f281d31792ee77176 /Dockerfile.rootless | |
parent | d06f9ce27452ec0b80d548242bf59d65f89952bf (diff) | |
download | gitea-5e819ee1de07086fb7ace9392281bc9274f85d79.tar.gz gitea-5e819ee1de07086fb7ace9392281bc9274f85d79.zip |
specify user in rootless container numerically (#16361)
* specify user in rootless container numerically
With kubernetes' PodSecurityPolicy set to runAsNonRoot it will not allow starting the container. The error message is
```
Error: container has runAsNonRoot and image has non-numeric user (git), cannot verify user is non-root
```
The `USER` directive has to be numerical for that to work.
* mention the name of the uid/gid
Co-authored-by: 6543 <6543@obermui.de>
Diffstat (limited to 'Dockerfile.rootless')
-rw-r--r-- | Dockerfile.rootless | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/Dockerfile.rootless b/Dockerfile.rootless index 70f6540112..efdb3bb728 100644 --- a/Dockerfile.rootless +++ b/Dockerfile.rootless @@ -56,7 +56,7 @@ COPY docker/rootless / COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /usr/local/bin/gitea COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini -USER git:git +USER 1000:1000 # git:git ENV GITEA_WORK_DIR /var/lib/gitea ENV GITEA_CUSTOM /var/lib/gitea/custom ENV GITEA_TEMP /tmp/gitea |