Dockerfile: create a zuul user with uid 10001
This change creates an unprivileged user zuul (uid 10001) to run the zuul service. Change-Id: I8bd2cafbe9d2e7580407262c035e50e2e3be474e
This commit is contained in:
parent
9415c9b403
commit
c56250de36
|
@ -40,12 +40,13 @@ RUN echo "deb http://ftp.debian.org/debian stretch-backports main" >> /etc/apt/s
|
||||||
RUN /output/install-from-bindep \
|
RUN /output/install-from-bindep \
|
||||||
&& pip install --cache-dir=/output/wheels -r /output/zuul_base/requirements.txt \
|
&& pip install --cache-dir=/output/wheels -r /output/zuul_base/requirements.txt \
|
||||||
&& rm -rf /output
|
&& rm -rf /output
|
||||||
|
RUN useradd -u 10001 -m -d /var/lib/zuul -c "Zuul Daemon" zuul
|
||||||
|
|
||||||
VOLUME /var/lib/zuul
|
VOLUME /var/lib/zuul
|
||||||
CMD ["/usr/local/bin/zuul"]
|
CMD ["/usr/local/bin/zuul"]
|
||||||
|
|
||||||
FROM zuul as zuul-executor
|
FROM zuul as zuul-executor
|
||||||
COPY --from=builder /usr/local/lib/zuul/ /usr/local/lib/zuul
|
COPY --from=builder /usr/local/lib/zuul/ /usr/local/lib/zuul
|
||||||
|
|
||||||
CMD ["/usr/local/bin/zuul-executor"]
|
CMD ["/usr/local/bin/zuul-executor"]
|
||||||
|
|
||||||
FROM zuul as zuul-fingergw
|
FROM zuul as zuul-fingergw
|
||||||
|
|
Loading…
Reference in New Issue