rancher/steve
1
0
Fork 0
mirror of https://github.com/rancher/steve.git synced 2025-04-28 03:10:32 +00:00
Code Issues Projects Releases Wiki Activity

Run container as a non-root user

Browse Source
This commit is contained in:
Max Sokolovsky 2023-09-12 18:50:39 -04:00
parent 5df31b9c15
commit 420ada5efb
1 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
Dockerfile
View File

@ -8,7 +8,16 @@ RUN \
CGO_ENABLED=0 go build -ldflags "-extldflags -static -s" -o /steve
FROM registry.suse.com/bci/bci-micro:15.5.11.2
ARG user=steve
RUN echo "$user:x:1000:1000::/home/$user:/bin/bash" >> /etc/passwd && \
echo "$user:x:1000:" >> /etc/group && \
mkdir /home/$user && \
chown -R $user:$user /home/$user
COPY --from=build /steve /usr/bin/steve
# Hack to make golang do files,dns search order
ENV LOCALDOMAIN=""
USER $user
ENTRYPOINT ["/usr/bin/steve"]