search

gitbucket / gitbucket-docker

Docker image of GitBucket which is an open source GitHub server powered by Scala
https://github.com/gitbucket/gitbucket-docker/pkgs/container/gitbucket
58 stars 23 forks source link

Changed the root user to a non-root user #16

Open kanekoh opened 4 years ago

kanekoh commented 4 years ago

Changes as follows:

I confirmed the container works with restricted SCC on an OpenShift environment.

15

aadrian commented 4 years ago

@kanekoh I'm not sure that hardcoding UID 1001 is a very good idea, since the mounted volumes from the host system will have now a "random" owner with UID 1001 .

kanekoh commented 4 years ago

@aadrian I understand that hardcoding UID is not good idea.

Which of these methods is closer to your thought?

  1. No define "USER" instruction in Dockerfile As a default with docker-daemon, it works as a root uid container. However, a user can execute the container as non-root user with the parameter '-u'.

  2. Use "ARG" instruction and set default value to define USERID in Dockerfile When the container image build with docker command, specify USERID with --build-arg. So, a user can change UID easily. 

...
ARG USERID=1001
...
USER ${USERID}