Skip to content

add USER to dockerfile #17

Open
Open
add USER to dockerfile#17
Labels
enhancementNew feature or requesthelp wantedExtra attention is needed
@rbaumgar

Description

@rbaumgar
rbaumgar
opened on Jan 30, 2023

By adding USER (e.g. USER 100) to the dockerfile. image will not run as root.

If needed, add

RUN chgrp -R 0 /some/directory \
  && chmod -R g+rwX /some/directory

This is the message you get, when deploying on OpenShift (helm install ...)
would violate PodSecurity "restricted:latest": allowPrivilegeEscalation != false (container "dynu-webhook" must set securityContext.allowPrivilegeEscalation=false), unrestricted capabilities (container "dynu-webhook" must set securityContext.capabilities.drop=["ALL"]), runAsNonRoot != true (pod or container "dynu-webhook" must set securityContext.runAsNonRoot=true), seccompProfile (pod or container "dynu-webhook" must set securityContext.seccompProfile.type to "RuntimeDefault" or "Localhost")

Install/Deployment works fine.

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or requesthelp wantedExtra attention is needed

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions