paulbhart
commented
4 years ago actually I think the simplest solution is to just change the line from USER agent to USER 1000
Closed paulbhart closed 4 years ago
paulbhart
commented
4 years ago actually I think the simplest solution is to just change the line from USER agent to USER 1000
paulbhart
commented
4 years ago I am willing to make the simple change if someone part of project indicates they agree this is the appropriate fix. just let me know.
mnorbury
commented
4 years ago Hello @paulbhart, thanks for raising this issue. The change you are proposing sounds like a good fix for the problems you are seeing. We are more than happy to review if you are okay making the change and raising a PR.
See link or link2 for more details.
Basically when you use the isn't numeric, will cause it to fail with the error message of
USER <userid>command in the Dockerfile, you have to ensure it is numeric otherwise when PodSecurityPolicy is set to runAsNonRoot, the fact that the"container has runAsNonRoot and image has non-numeric user (%s), cannot verify user is non-root", username
replacing the "agent" in the file https://github.com/cloudability/metrics-agent/blob/master/deploy/docker/Dockerfile with 1000 would likely do the trick.