Skip to content

Commit 077af19

Browse files
duanhongyiduanhongyi
authored
Merge pull request #19 from jianxiaoguo/main
chore(monitor): chore(imagebuilder): change uid gid to 1001
2 parents edf4cdb + ece0406 commit 077af19

5 files changed

Lines changed: 31 additions & 15 deletions

File tree

charts/monitor/templates/monitor-grafana-deployment.yaml

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,6 +22,10 @@ spec:
2222
labels:
2323
app: drycc-monitor-grafana
2424
spec:
25+
securityContext:
26+
fsGroup: 1001
27+
runAsGroup: 1001
28+
runAsUser: 1001
2529
containers:
2630
- name: drycc-monitor-grafana
2731
image: {{.Values.grafana.imageRegistry}}/{{.Values.grafana.imageOrg}}/grafana:{{.Values.grafana.imageTag}}

charts/monitor/templates/monitor-telegraf-daemon.yaml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -19,12 +19,16 @@ spec:
1919
labels:
2020
app: drycc-monitor-telegraf
2121
spec:
22+
securityContext:
23+
fsGroup: 1001
24+
runAsGroup: 1001
25+
runAsUser: 1001
2226
serviceAccount: drycc-monitor-telegraf
2327
initContainers:
2428
- name: drycc-monitor-telegraf-init
2529
image: docker.io/drycc/python-dev:latest
2630
imagePullPolicy: {{.Values.imagePullPolicy}}
27-
command:
31+
args:
2832
- netcat
2933
- -v
3034
- -u

charts/monitor/templates/monitor-telegraf-deployment.yaml

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -21,12 +21,16 @@ spec:
2121
labels:
2222
app: drycc-monitor-telegraf
2323
spec:
24+
securityContext:
25+
fsGroup: 1001
26+
runAsGroup: 1001
27+
runAsUser: 1001
2428
serviceAccount: drycc-monitor-telegraf
2529
initContainers:
2630
- name: drycc-monitor-telegraf-init
2731
image: docker.io/drycc/python-dev:latest
2832
imagePullPolicy: {{.Values.imagePullPolicy}}
29-
command:
33+
args:
3034
- netcat
3135
- -v
3236
- -u

grafana/rootfs/Dockerfile

Lines changed: 8 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -1,11 +1,12 @@
11
FROM docker.io/drycc/base:bullseye
22

3-
RUN adduser --system \
4-
--shell /bin/bash \
5-
--disabled-password \
6-
--home /usr/share/grafana \
7-
--group \
8-
drycc
3+
ARG DRYCC_UID=1001
4+
ARG DRYCC_GID=1001
5+
ARG DRYCC_HOME_DIR=/usr/share/grafana
6+
7+
RUN groupadd drycc --gid $DRYCC_GID \
8+
&& useradd drycc -u $DRYCC_UID -g $DRYCC_GID -s /bin/bash -m -d $DRYCC_HOME_DIR
9+
910

1011
COPY . /
1112
ENV GRAFANA_VERSION="8.3.6" \
@@ -35,6 +36,6 @@ RUN install-packages fontconfig curl \
3536
&& chmod +x /usr/share/grafana/entrypoint.sh
3637

3738
USER drycc
38-
WORKDIR /usr/share/grafana
39+
WORKDIR $DRYCC_HOME_DIR
3940
CMD ["./start-grafana"]
4041
EXPOSE 3000

telegraf/rootfs/Dockerfile

Lines changed: 9 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -1,10 +1,11 @@
11
FROM docker.io/drycc/base:bullseye
22

3-
RUN adduser --system \
4-
--shell /bin/bash \
5-
--disabled-password \
6-
--group \
7-
drycc
3+
ARG DRYCC_UID=1001
4+
ARG DRYCC_GID=1001
5+
ARG DRYCC_HOME_DIR=/home/telegraf
6+
7+
RUN groupadd drycc --gid $DRYCC_GID \
8+
&& useradd drycc -u $DRYCC_UID -g $DRYCC_GID -s /bin/bash -m -d $DRYCC_HOME_DIR
89

910
COPY . /
1011
ENV TELEGRAF_VERSION="1.21.3" \
@@ -27,7 +28,9 @@ RUN install-stack telegraf $TELEGRAF_VERSION \
2728
/lib/udev \
2829
/usr/lib/`echo $(uname -m)`-linux-gnu/gconv/IBM* \
2930
/usr/lib/`echo $(uname -m)`-linux-gnu/gconv/EBC* \
30-
&& bash -c "mkdir -p /usr/share/man/man{1..8}"
31+
&& mkdir -p /usr/share/man/man{1..8} \
32+
&& chown -R drycc:drycc $DRYCC_HOME_DIR
3133

3234
USER drycc
35+
WORKDIR $DRYCC_HOME_DIR
3336
CMD ["/home/telegraf/start-telegraf"]

0 commit comments

Comments
 (0)