Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add non-root user to frontend and backend containers #1228

Merged
merged 4 commits into from
Dec 25, 2024
Merged

add non-root user to frontend and backend containers #1228

merged 4 commits into from
Dec 25, 2024

Conversation

eric-intuitem
Copy link
Collaborator

@eric-intuitem eric-intuitem commented Dec 22, 2024
edited by ab-smith
Loading

also remove huey further,
should fix #1219

@eric-intuitem eric-intuitem force-pushed the improve/non-root-containers branch from c05fbc5 to 00626b8 Compare December 22, 2024 11:50
@Nathanael-Mtd
Copy link

I think keeping same UIDs (and names like "app") for backend and frontend images are fine, and more simple to maintain.

Also, chown is not needed to avoid binaries/code manipulation from app user, the application can be built as root but executable as non-root user. But you can add chown to app grp/user for app storage folders like db

@eric-intuitem
simplify dockerfile
240f069 
Following advice from Nathanael-Mtd
@eric-intuitem
Update startup-tests.yml
ebd7c9f 
tentative fix for broken startup test
nas-tabchiche
nas-tabchiche approved these changes Dec 24, 2024
View reviewed changes
Copy link
Contributor

@nas-tabchiche nas-tabchiche left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me. This can be merged once CI is green.

@nas-tabchiche nas-tabchiche force-pushed the improve/non-root-containers branch from bf76a71 to ebd7c9f Compare December 24, 2024 18:41
@eric-intuitem eric-intuitem merged commit 4affdec into main Dec 25, 2024
33 checks passed
@github-actions github-actions bot locked and limited conversation to collaborators Dec 25, 2024
@nas-tabchiche nas-tabchiche deleted the improve/non-root-containers branch December 25, 2024 09:43
@ab-smith ab-smith restored the improve/non-root-containers branch December 29, 2024 23:56
@ab-smith
Copy link
Contributor

Attempting a revert on this as we're noticing multiple issues,
this needs more testing next time.

@ab-smith ab-smith deleted the improve/non-root-containers branch December 30, 2024 00:07
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@nas-tabchiche nas-tabchiche nas-tabchiche approved these changes

@ab-smith ab-smith Awaiting requested review from ab-smith

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Build Docker images in non-root mode
4 participants
@eric-intuitem @Nathanael-Mtd @ab-smith @nas-tabchiche