Skip to content

Commit

Permalink
Run as non-root and root group for OpenShift compatibility ADDENDUM (#5)
Browse files Browse the repository at this point in the history
  • Loading branch information
@dobrerazvan
dobrerazvan authored Jun 12, 2023
1 parent 17c70a4 commit 4f2c3b0
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 6 deletions.
4 changes: 1 addition & 3 deletions Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -30,8 +30,6 @@ RUN CGO_ENABLED=0 go build \
FROM alpine:3.17
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
COPY --from=builder /app/bin/kminion /app/kminion
RUN chown -R 1001:0 /app/kminion \
&& chmod -R g=u /app/kminion
USER 1001
RUN chmod -R +x /app/kminion

ENTRYPOINT ["/app/kminion"]
6 changes: 3 additions & 3 deletions charts/kminion/values.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -28,9 +28,9 @@ podAnnotations: {}
# prometheus.io/port: "8080"
# prometheus.io/path: "/metrics"

podSecurityContext:
runAsUser: 99
fsGroup: 99
podSecurityContext: {}
# runAsUser: 99
# fsGroup: 99

## See `kubectl explain poddisruptionbudget.spec` for more
## ref: https://kubernetes.io/docs/tasks/run-application/configure-pdb/
Expand Down

0 comments on commit 4f2c3b0

Please sign in to comment.