cloudfoundry / stratos

Stratos: Web-based Management UI for Cloud Foundry and Kubernetes
Apache License 2.0

Unable to deploy in cf-for-k8s using docker image #4715

Open mymasse opened 4 years ago

mymasse commented 4 years ago

Stratos Version

4.2.0

Frontend Deployment type

Backend (Jet Stream) Deployment type

Expected behaviour

Successful deploy with cf push using the docker image

Actual behaviour

Fails to start application. This is the same issue as #4612

Steps to reproduce the behavior

cf push -f manifest.yml

manifest.yml

applications:
- name: console
  docker:
    image: splatform/stratos:stable
  instances: 1
  memory: 128M
  disk_quota: 384M

Log output covering before error and any error statements

2020-10-22T15:42:21.00-0400 [API/0] OUT Process has crashed with type: "web"
2020-10-22T15:42:21.00-0400 [API/0] OUT App instance exited with guid 40fdcf10-f5ed-4995-bcd5-9d9d477bbffe payload: {"instance"=>"console-my-space-6f71376599-0", "index"=>0, "cell_id"=>"", "reason"=>"CreateContainerConfigError", "exit_description"=>"container has runAsNonRoot and image has non-numeric user (jetstream), cannot verify user is non-root", "crash_count"=>0, "crash_timestamp"=>0, "version"=>"f2031279-fad6-4fa3-afdd-a1bd8f926b6a"}
mymasse commented 4 years ago

Digging more, it is the same image that was fixed in #4612, a bit confused now why it doesn't work.

reneighbor commented 4 years ago

Hello Stratos team!

We might be able to provide insight here. We made a change in cf-for-k8s 1.0.0 that validates that the user is non-root. The underlying function requires that the user ID is an integer:

https://github.com/cloudfoundry-incubator/eirini/pull/116/files

We've found that this causes issues when pushing Stratos because the app creates a user with the string ID jetstream. We were able to get Stratos up and running by making the following changes to the Docker image:

diff --git a/deploy/Dockerfile.all-in-one b/deploy/Dockerfile.all-in-one
index f57703953..9f428fd97 100644
--- a/deploy/Dockerfile.all-in-one
+++ b/deploy/Dockerfile.all-in-one
@@ -48,6 +48,6 @@ RUN usermod -aG users jetstream
 # Ensure that the /srv folder is in the users group so that the jetstream user can write to it
 RUN chgrp users /srv && chmod 775 /srv
-USER jetstream
+USER 2000
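
Review bot: `USER 2000` on the last line is not tied to the jetstream account by anything in the visible lines. The context lines add jetstream to the users group and make /srv writable for that group, so if jetstream was not created with UID 2000, the process runs as a UID without that group membership and writes to /srv could fail. Create the user with an explicit UID of 2000 where it is added, and put a comment above the USER line saying the numeric form is needed so that the runAsNonRoot check can verify it.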
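
A pre-push check for the condition reneighbor describes, added here as an example and not part of the thread or of the Stratos or cf-for-k8s code: it reads a Dockerfile, finds the USER in effect at the end of the final stage, and reports whether a runAsNonRoot check could verify it as non-root. The function names and the FROM line in the sample are assumptions; the other sample lines are taken from the diff above.

```python
import re

# Constructed sample: the FROM line is a placeholder; the remaining lines
# come from the diff context quoted on this page.
BEFORE = """\
FROM example/base:placeholder
RUN usermod -aG users jetstream
RUN chgrp users /srv && chmod 775 /srv
USER jetstream
"""
AFTER = BEFORE.replace("USER jetstream", "USER 2000")

def effective_user(dockerfile_text):
    """Return the USER set in the final build stage, or None if it sets none."""
    user = None
    for raw in dockerfile_text.splitlines():
        parts = raw.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        instruction = parts[0].upper()
        if instruction == "FROM":
            user = None  # new stage: the user now comes from its base image
        elif instruction == "USER" and len(parts) == 2:
            user = parts[1].strip()
    return user

def check_run_as_non_root(dockerfile_text):
    """Return (ok, reason): can the image user be verified as non-root?"""
    user = effective_user(dockerfile_text)
    if user is None:
        return False, "no USER in final stage, user is inherited from the base image"
    uid = user.split(":", 1)[0]  # USER accepts user[:group]
    if not re.fullmatch(r"[0-9]+", uid):
        # Same condition as the exit_description in the log on this page.
        return False, "non-numeric user (%s), cannot verify user is non-root" % uid
    if int(uid) == 0:
        return False, "USER is UID 0 (root)"
    return True, "numeric non-root UID %s" % uid

if __name__ == "__main__":
    for label, text in (("before", BEFORE), ("after", AFTER)):
        print(label, check_run_as_non_root(text))
```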