Skip to content

Commit

Permalink
Merge pull request #36 from eclipse-tractusx/fix_dockerfile
Browse files Browse the repository at this point in the history 
fix: run container as non root user
  • Loading branch information
@tomaszbarwicki
tomaszbarwicki authored Jun 14, 2024
2 parents 0029ed2 + 754bd0c commit e0696bc
Show file tree
Hide file tree
Showing 4 changed files with 11 additions and 6 deletions.
8 changes: 4 additions & 4 deletions DEPENDENCIES
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
go/golang/github.com%2Fcreack/pty/v1.1.9, MIT, approved, clearlydefined
go/golang/github.com%2Fcreack/pty/v1.1.9, BSD-3-Clause AND MIT, approved, #14623
go/golang/github.com%2Fdavecgh/go-spew/v1.1.0, ISC, approved, clearlydefined
go/golang/github.com%2Fdavecgh/go-spew/v1.1.1, ISC, approved, clearlydefined
go/golang/github.com%2Femicklei%2Fgo-restful/v3/v3.11.0, MIT, approved, clearlydefined
Expand All @@ -9,12 +9,12 @@ go/golang/github.com%2Fgo-openapi/jsonpointer/v0.20.0, Apache-2.0, approved, #10
go/golang/github.com%2Fgo-openapi/jsonreference/v0.20.2, Apache-2.0, approved, #10676
go/golang/github.com%2Fgo-openapi/swag/v0.22.3, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #10679
go/golang/github.com%2Fgo-openapi/swag/v0.22.4, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #10679
go/golang/github.com%2Fgo-task/slim-sprig/v0.0.0-20230315185526-52ccab3ef572, MIT AND LicenseRef-scancode-proprietary-license, restricted, #10759
go/golang/github.com%2Fgo-task/slim-sprig/v0.0.0-20230315185526-52ccab3ef572, MIT, approved, #11068
go/golang/github.com%2Fgogo/protobuf/v1.3.2, BSD-3-Clause AND BSD-2-Clause, approved, #5660
go/golang/github.com%2Fgolang/protobuf/v1.5.0, BSD-3-Clause, approved, #5706
go/golang/github.com%2Fgolang/protobuf/v1.5.2, BSD-3-Clause, approved, #5706
go/golang/github.com%2Fgolang/protobuf/v1.5.3, BSD-3-Clause, approved, #5706
go/golang/github.com%2Fgoogle/gnostic-models/v0.6.9-0.20230804172637-c7be7c783f49, Apache-2.0 AND (Apache-2.0 AND JSON), restricted, #10742
go/golang/github.com%2Fgoogle/gnostic-models/v0.6.9-0.20230804172637-c7be7c783f49, Apache-2.0, approved, #10742
go/golang/github.com%2Fgoogle/go-cmp/v0.5.5, BSD-3-Clause, approved, #5689
go/golang/github.com%2Fgoogle/go-cmp/v0.5.9, BSD-3-Clause, approved, #5689
go/golang/github.com%2Fgoogle/gofuzz/v1.0.0, Apache-2.0, approved, clearlydefined
Expand Down Expand Up @@ -82,7 +82,7 @@ go/golang/golang.org%2Fx/sys/v0.13.0, BSD-3-Clause, approved, #11053
go/golang/golang.org%2Fx/term/v0.0.0-20201126162022-7de9c90e9dd1, BSD-3-Clause, approved, #5720
go/golang/golang.org%2Fx/term/v0.0.0-20210927222741-03fcf44c2211, BSD-3-Clause, approved, #5720
go/golang/golang.org%2Fx/term/v0.13.0, BSD-3-Clause, approved, #11056
go/golang/golang.org%2Fx/text/v0.13.0, BSD-3-Clause AND (BSD-3-Clause AND CC-BY-SA-1.0 AND CC-BY-SA-2.5 AND CC-BY-SA-3.0) AND (BSD-3-Clause AND CC-BY-SA-1.0 AND CC-BY-SA-2.0 AND CC-BY-SA-2.5 AND CC-BY-SA-3.0), restricted, #10752
go/golang/golang.org%2Fx/text/v0.13.0, BSD-3-Clause, approved, #10752
go/golang/golang.org%2Fx/text/v0.3.0, BSD-3-Clause AND CC-BY-SA-1.0 AND CC-BY-SA-2.0 AND CC-BY-SA-2.5 AND CC-BY-SA-3.0, approved, #6122
go/golang/golang.org%2Fx/text/v0.3.3, BSD-3-Clause AND CC-BY-SA-1.0 AND CC-BY-SA-2.0 AND CC-BY-SA-2.5 AND CC-BY-SA-3.0, approved, #6126
go/golang/golang.org%2Fx/text/v0.3.7, BSD-3-Clause, approved, #6127
Expand Down
5 changes: 4 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,9 @@ WORKDIR /app
COPY ./web /app/web
COPY --from=builder --chown=nonroot:nonroot /app/dashboard /app/dashboard

RUN adduser -u 1000 --disabled-password --gecos "" --no-create-home nonroot
USER nonroot

ENTRYPOINT ["/app/dashboard"]

CMD ["-in-cluster=true"]
CMD ["-in-cluster=true"]
2 changes: 1 addition & 1 deletion charts/app-dashboard/Chart.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,7 +27,7 @@ type: application
# This is the chart version. This version number should be incremented each time you make changes
# to the chart and its templates, including the app version.
# Versions are expected to follow Semantic Versioning (https://semver.org/)
version: 1.0.7
version: 1.0.8

# This is the version number of the application being deployed. This version number should be
# incremented each time you make changes to the application. Versions are not expected to
Expand Down
2 changes: 2 additions & 0 deletions charts/app-dashboard/templates/deployment.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,6 +43,8 @@ spec:
{{- toYaml . | nindent 8 }}
{{- end }}
serviceAccountName: {{ include "app-dashboard.serviceAccountName" . }}
securityContext:
runAsUser: 1000
containers:
- name: {{ .Chart.Name }}
securityContext:
Expand Down

0 comments on commit e0696bc

Please sign in to comment.