sbt-native-packager icon indicating copy to clipboard operation
sbt-native-packager copied to clipboard

Published 20 hours ago verified publisher icon sbt

Root user compliance in twistlock when we build the image

Open yogeshbidari opened this issue 3 years ago • 1 comments

Expected behaviour

When we run sbt docker:publishLocal it is creating the image with default user demiourgos728. When we run the pod with same image it is running with user demiourgos728, there should not be any compliance issue related to non-root user.

Actual behaviour

When we run the pod with same image it is running with user demiourgos728, but the compliance issue on twistlock says that we are not running with non-root user.

Information

  • What sbt version : 1.3.13
  • What is your build system (e.g. Ubuntu, MacOS, Windows, Debian ) : centos7
  • What package are you building (e.g. docker, rpm, ...) : docker
  • What version has your build tool (find out with e.g. rpm --version) :
  • What is your target system (e.g. Ubuntu 16.04, CentOS 7) : adoptopenjdk/openjdk11:jdk-11.0.11_9-alpine

yogeshbidari avatar Aug 27 '21 05:08 yogeshbidari

Does this have anything to do with the effect that the docker plugin seems to emit

USER 1000:0

when generating a Dockerfile? It seems like the gid is root.

Christewart avatar Aug 26 '22 18:08 Christewart