Skip to content

Commit eef5fbc

Browse files
duanhongyiduanhongyi
committed
fix(passport): change uid gid to 1001
1 parent 9ded3a8 commit eef5fbc

3 files changed

Lines changed: 35 additions & 40 deletions

File tree

charts/passport/templates/passport-deployment.yaml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -27,7 +27,7 @@ spec:
2727
- name: drycc-passport-init
2828
image: docker.io/drycc/python-dev:latest
2929
imagePullPolicy: {{.Values.imagePullPolicy}}
30-
command:
30+
args:
3131
- netcat
3232
- -v
3333
- -u

rootfs/Dockerfile

Lines changed: 22 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
1-
FROM docker.io/drycc/base:bullseye as build-app
1+
FROM docker.io/drycc/base:bullseye as build-app
22

3-
ADD web /workspace
4-
WORKDIR /workspace
3+
ADD web /web
4+
WORKDIR /web
55

66
ENV NODE_VERSION="16.14.0"
77

@@ -12,27 +12,27 @@ RUN install-stack node $NODE_VERSION && . init-stack \
1212

1313
FROM docker.io/drycc/base:bullseye
1414

15-
RUN adduser --system \
16-
--shell /bin/bash \
17-
--disabled-password \
18-
--home /workspace \
19-
--group \
20-
drycc
15+
ARG DRYCC_UID=1001
16+
ARG DRYCC_GID=1001
17+
ARG DRYCC_HOME_DIR=/workspace
18+
19+
RUN groupadd drycc --gid ${DRYCC_GID} \
20+
&& useradd drycc -u ${DRYCC_UID} -g ${DRYCC_GID} -s /bin/bash -m -d ${DRYCC_HOME_DIR}
2121

2222
ENV PYTHON_VERSION="3.10.2"
23-
COPY requirements.txt /workspace/requirements.txt
23+
COPY requirements.txt ${DRYCC_HOME_DIR}/requirements.txt
2424

2525
RUN buildDeps='gcc rustc cargo libffi-dev musl-dev libldap2-dev libsasl2-dev'; \
2626
install-packages $buildDeps \
2727
&& install-stack python $PYTHON_VERSION && . init-stack \
28-
&& python3 -m venv /workspace/.venv \
29-
&& source /workspace/.venv/bin/activate \
30-
&& pip3 install --disable-pip-version-check --no-cache-dir -r /workspace/requirements.txt \
31-
&& chown -R drycc:drycc /workspace \
28+
&& python3 -m venv ${DRYCC_HOME_DIR}/.venv \
29+
&& source ${DRYCC_HOME_DIR}/.venv/bin/activate \
30+
&& pip3 install --disable-pip-version-check --no-cache-dir -r ${DRYCC_HOME_DIR}/requirements.txt \
31+
&& chown -R drycc:drycc ${DRYCC_HOME_DIR} \
3232
# set env
33-
&& echo "source /workspace/.venv/bin/activate" >> /opt/drycc/python/profile.d/python.sh \
33+
&& echo "source ${DRYCC_HOME_DIR}/.venv/bin/activate" >> /opt/drycc/python/profile.d/python.sh \
3434
# cleanup
35-
&& scanelp /workspace/.venv/lib > runtime.txt \
35+
&& scanelp ${DRYCC_HOME_DIR}/.venv/lib > runtime.txt \
3636
&& apt-get purge -y --auto-remove $buildDeps \
3737
&& install-packages $(< runtime.txt) \
3838
&& apt-get autoremove -y \
@@ -52,10 +52,11 @@ RUN buildDeps='gcc rustc cargo libffi-dev musl-dev libldap2-dev libsasl2-dev'; \
5252
/usr/lib/`echo $(uname -m)`-linux-gnu/gconv/EBC* \
5353
&& mkdir -p /usr/share/man/man{1..8}
5454

55-
COPY . /workspace
56-
COPY --from=build-app /workspace/dist /workspace/web/dist
57-
5855
USER drycc
59-
WORKDIR /workspace
60-
CMD ["/workspace/bin/boot"]
56+
57+
COPY --chown=drycc:drycc . ${DRYCC_HOME_DIR}
58+
COPY --chown=drycc:drycc --from=build-app /web/dist ${DRYCC_HOME_DIR}/web/dist
59+
60+
WORKDIR ${DRYCC_HOME_DIR}
61+
CMD ["bin/boot"]
6162
EXPOSE 8000

rootfs/Dockerfile.test

Lines changed: 12 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -1,14 +1,9 @@
11
FROM docker.io/drycc/base:bullseye
22

3-
RUN adduser --system \
4-
--shell /bin/bash \
5-
--disabled-password \
6-
--home /workspace \
7-
--group \
8-
drycc
3+
ARG DRYCC_HOME_DIR=/workspace
94

10-
COPY requirements.txt /workspace/requirements.txt
11-
COPY dev_requirements.txt /workspace/dev_requirements.txt
5+
COPY requirements.txt ${DRYCC_HOME_DIR}/requirements.txt
6+
COPY dev_requirements.txt ${DRYCC_HOME_DIR}/dev_requirements.txt
127

138
ENV PGDATA="/var/lib/postgresql/data" \
149
PYTHON_VERSION="3.10.2" \
@@ -20,15 +15,14 @@ RUN buildDeps='gcc rustc cargo libffi-dev musl-dev libldap2-dev libsasl2-dev'; \
2015
&& install-stack python $PYTHON_VERSION \
2116
&& install-stack postgresql $POSTGRES_VERSION \
2217
&& install-stack gosu $GOSU_VERSION && . init-stack \
23-
&& python3 -m venv /workspace/.venv \
24-
&& source /workspace/.venv/bin/activate \
25-
&& pip3 install --disable-pip-version-check --no-cache-dir -r /workspace/requirements.txt \
26-
&& pip3 install --disable-pip-version-check --no-cache-dir -r /workspace/dev_requirements.txt \
27-
&& chown -R drycc:drycc /workspace \
18+
&& python3 -m venv ${DRYCC_HOME_DIR}/.venv \
19+
&& source ${DRYCC_HOME_DIR}/.venv/bin/activate \
20+
&& pip3 install --disable-pip-version-check --no-cache-dir -r ${DRYCC_HOME_DIR}/requirements.txt \
21+
&& pip3 install --disable-pip-version-check --no-cache-dir -r ${DRYCC_HOME_DIR}/dev_requirements.txt \
2822
# set env
29-
&& echo "source /workspace/.venv/bin/activate" >> /opt/drycc/python/profile.d/python.sh \
23+
&& echo "source ${DRYCC_HOME_DIR}/.venv/bin/activate" >> /opt/drycc/python/profile.d/python.sh \
3024
# cleanup
31-
&& scanelp /workspace/.venv/lib > runtime.txt \
25+
&& scanelp ${DRYCC_HOME_DIR}/.venv/lib > runtime.txt \
3226
&& apt-get purge -y --auto-remove $buildDeps \
3327
&& install-packages $(< runtime.txt) \
3428
&& apt-get autoremove -y \
@@ -52,7 +46,7 @@ RUN buildDeps='gcc rustc cargo libffi-dev musl-dev libldap2-dev libsasl2-dev'; \
5246
&& chown -R postgres:postgres /run/postgresql $PGDATA \
5347
&& gosu postgres initdb -D $PGDATA
5448

55-
COPY . /workspace
56-
WORKDIR /workspace
57-
CMD ["/workspace/bin/boot"]
49+
COPY . ${DRYCC_HOME_DIR}
50+
WORKDIR ${DRYCC_HOME_DIR}
51+
CMD ["bin/boot"]
5852
EXPOSE 8000

0 commit comments

Comments
 (0)