Skip to content

Commit 074b5ab

Browse files
cbandycbandy
committed
Use numeric UID in container images
A Kubernetes PodSecurityPolicy with runAsUser other than RunAsAny validates the UID of the container before running it. When using the UID of the image, a numeric ID is required there. https://kubernetes.io/docs/concepts/policy/pod-security-policy/ Issue: #1559
1 parent 83689f3 commit 074b5ab

8 files changed

+8
-8
lines changed

centos7/Dockerfile.pgo-apiserver.centos7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -16,6 +16,6 @@ RUN yum -y install postgresql${PGVERSION} hostname && yum -y clean all
1616
ADD bin/apiserver /usr/local/bin
1717
ADD conf/postgres-operator /default-pgo-config
1818

19-
USER daemon
19+
USER 2
2020

2121
ENTRYPOINT ["/usr/local/bin/apiserver"]

centos7/Dockerfile.pgo-client.centos7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,6 @@ ENV PGO_CLIENT_KEY=${PGO_CLIENT_KEY}
2020

2121
RUN chmod +x /usr/local/bin/pgo
2222

23-
USER daemon
23+
USER 2
2424

2525
CMD tail -f /dev/null

centos7/Dockerfile.pgo-event.centos7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,6 @@ LABEL name="pgo-event" \
1111

1212
ADD bin/pgo-event /usr/local/bin
1313

14-
USER daemon
14+
USER 2
1515

1616
ENTRYPOINT ["/usr/local/bin/pgo-event.sh"]

centos7/Dockerfile.postgres-operator.centos7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,6 @@ RUN yum -y install hostname postgresql${PGVERSION} && yum -y clean all
1414
ADD bin/postgres-operator /usr/local/bin
1515
ADD conf/postgres-operator /default-pgo-config
1616

17-
USER daemon
17+
USER 2
1818

1919
ENTRYPOINT ["postgres-operator"]

rhel7/Dockerfile.pgo-apiserver.rhel7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -18,6 +18,6 @@ RUN yum -y install \
1818
ADD bin/apiserver /usr/local/bin
1919
ADD conf/postgres-operator /default-pgo-config
2020

21-
USER daemon
21+
USER 2
2222

2323
ENTRYPOINT ["/usr/local/bin/apiserver"]

rhel7/Dockerfile.pgo-client.rhel7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,6 +20,6 @@ ENV PGO_CLIENT_KEY=${PGO_CLIENT_KEY}
2020

2121
RUN chmod +x /usr/local/bin/pgo
2222

23-
USER daemon
23+
USER 2
2424

2525
CMD tail -f /dev/null

rhel7/Dockerfile.pgo-event.rhel7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,6 @@ LABEL name="pgo-event" \
1111

1212
ADD bin/pgo-event /usr/local/bin
1313

14-
USER daemon
14+
USER 2
1515

1616
ENTRYPOINT ["/usr/local/bin/pgo-event.sh"]

rhel7/Dockerfile.postgres-operator.rhel7

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -17,6 +17,6 @@ RUN yum -y install \
1717
ADD bin/postgres-operator /usr/local/bin
1818
ADD conf/postgres-operator /default-pgo-config
1919

20-
USER daemon
20+
USER 2
2121

2222
ENTRYPOINT ["postgres-operator"]

0 commit comments

Comments
 (0)