Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sync Dockerfile and Dockerfile.cross and run as non-root user #2166

Merged
merged 3 commits into from Sep 19, 2023
Merged

Sync Dockerfile and Dockerfile.cross and run as non-root user #2166

merged 3 commits into from Sep 19, 2023

Conversation

mattray
Copy link
Collaborator

@mattray mattray commented Sep 18, 2023

What does this PR change?

  • Dockerfile and Dockerfile.cross now have the same commands and run nginx as user 1001

Does this PR relate to any other PRs?

How will this PR impact users?

  • UI container doesn't run as the root user, which was flagged as a concern.

Does this PR address any GitHub or Zendesk issues?

How was this PR tested?

  • Kind (Arm), EKS (x86), K3s (x86)

Does this PR require changes to documentation?

  • No

Have you labeled this PR and its corresponding Issue as "next release" if it should be part of the next OpenCost release? If not, why not?

  • Yes.

@mattray
Sync Dockerfile and Dockerfile.cross and run as non-root user
2503959 
Fixes opencost#2150

Signed-off-by: Matt Ray <github@mattray.dev>
@mattray mattray added next release This PR/issue is expected to be merged/addressed in the next release opencost OpenCost issues vs. external/downstream P1 Estimated Priority (P0 is highest, P4 is lowest) v1.107 E2 Estimated level of Effort (1 is easiest, 4 is hardest) labels Sep 18, 2023
@mattray
Switch back to latest tag for UI
f4909d3 
Signed-off-by: Matt Ray <github@mattray.dev>
@mattray mattray merged commit 2805f90 into opencost:develop Sep 19, 2023
3 checks passed
mattray added a commit to mattray/opencost that referenced this pull request Sep 19, 2023
@mattray
Sync Dockerfile and Dockerfile.cross and run as non-root user for 1.106
52c892f 
Backported opencost#2166 for 1.106.1

Signed-off-by: Matt Ray <github@mattray.dev>
@mattray mattray mentioned this pull request Sep 19, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@teevans teevans teevans approved these changes

Assignees
No one assigned
Labels
E2 Estimated level of Effort (1 is easiest, 4 is hardest) next release This PR/issue is expected to be merged/addressed in the next release opencost OpenCost issues vs. external/downstream P1 Estimated Priority (P0 is highest, P4 is lowest) v1.107
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

OpenCost UI nginx should not run as root and should not run on a privileged port
2 participants
@mattray @teevans