You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Is your feature request related to a problem? Please describe.
While the root user was removed in this earlier commit, this is still in violation of a common security policy where the container is running as UID 0 since another user was not explicitly added. Setting another user within a Dockerfile is a common practice we've seen from open-source tools, or including a separate field in the helm chart to run as a separate UID.
Describe the solution you'd like
Set an additional USER oneuptime - similar to this gist - and modify files and permissions as necessary.
Describe alternatives you've considered
None found at this time other than ignoring security violations in our environment.
Is your feature request related to a problem? Please describe.
While the root user was removed in this earlier commit, this is still in violation of a common security policy where the container is running as UID 0 since another user was not explicitly added. Setting another user within a Dockerfile is a common practice we've seen from open-source tools, or including a separate field in the helm chart to run as a separate UID.
Describe the solution you'd like
Set an additional
USER oneuptime
- similar to this gist - and modify files and permissions as necessary.Describe alternatives you've considered
None found at this time other than ignoring security violations in our environment.
Additional context
#1176
The text was updated successfully, but these errors were encountered: