Closed forty closed 4 years ago
Thanks for the bug report, We are using this dockerfile and Debug Dockerfile
Looks like there is an issue here.
Yes, I assume it can be fixed either in the source tar (from https://github.com/GoogleCloudPlatform/docker-credential-gcr/ ) or by chmoding the file in the Dockerfile, I'm not sure which one is best. Maybe both. I'd say that adding "--chown=0:0" to all the Dockerfile COPY cannot hurt, and would make sure kaniko is not affected by such change in upstream projects.
Makes sense. would like to create a PR for it? i can review and merge.
Actual behavior The file /kaniko/docker-credential-gcr is owned by user uid=205001 gid=89939 in the debug-v0.23.0 docker image, instead of uid=0 gid=0 usually. This cause issues in our CI as we are using user namespace, and this goes out of the range we defined.
Expected behavior Have all files owned by the same user, ideally with a low enough uid :)
To Reproduce 1- docker run -it --entrypoint=sh gcr.io/kaniko-project/executor:debug-v0.23.0 2- ls -l kaniko/
Additional Information
N/A
Triage Notes for the Maintainers
--cache
flag