File tree Expand file tree Collapse file tree 2 files changed +8
-4
lines changed Expand file tree Collapse file tree 2 files changed +8
-4
lines changed Original file line number Diff line number Diff line change @@ -56,12 +56,11 @@ RUN set -eux && \
5656 rpm -i foundationdb-clients-${FDB_VERSION}-1.el7.x86_64.rpm --excludepath=/usr/bin --excludepath=/usr/lib/foundationdb/backup_agent && \
5757 rm foundationdb-clients-${FDB_VERSION}-1.el7.x86_64.rpm foundationdb-clients-${FDB_VERSION}-1.el7.x86_64.rpm.sha256
5858
59- # Create user and group here since we don't have the tools
60- # in distroless
59+
6160RUN groupadd --gid 4059 fdb && \
62- useradd --gid 4059 --uid 4059 --create-home -- shell /bin/bash fdb && \
61+ useradd --gid 4059 --uid 4059 --shell /usr/sbin/nologin fdb && \
6362 mkdir -p /var/log/fdb && \
64- touch /var/log/fdb/.keep \
63+ touch /var/log/fdb/.keep
6564
6665COPY --chown=fdb:fdb --from=builder /workspace/bin/manager .
6766COPY --chown=fdb:fdb --from=builder /workspace/bin/kubectl-fdb /usr/local/bin/kubectl-fdb
Original file line number Diff line number Diff line change @@ -47,6 +47,11 @@ RUN set -eux && \
4747 rpm -i foundationdb-clients-${FDB_VERSION}-1.el7.x86_64.rpm --excludepath=/usr/bin --excludepath=/usr/lib/foundationdb/backup_agent && \
4848 rm foundationdb-clients-${FDB_VERSION}-1.el7.x86_64.rpm foundationdb-clients-${FDB_VERSION}-1.el7.x86_64.rpm.sha256
4949
50+ RUN groupadd --gid 4059 fdb && \
51+ useradd --gid 4059 --uid 4059 --shell /usr/sbin/nologin fdb && \
52+ mkdir -p /var/log/fdb && \
53+ touch /var/log/fdb/.keep
54+
5055COPY --chown=fdb:fdb --from=builder /workspace/bin/data-loader /usr/local/bin/data-loader
5156
5257# Set to the numeric UID of fdb user to satisfy PodSecurityPolices which enforce runAsNonRoot
You can’t perform that action at this time.
0 commit comments