djpbessems
/
ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hack/lib/tilt: run Tilt images with non-root user 

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
This commit is contained in:
Ryan Richard 2020-11-02 16:32:50 -05:00 committed by Andrew Keesler
parent fcea48c8f9
commit 2e50e8f01b
No known key found for this signature in database
GPG Key ID: 27CE0444346F9413
3 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
hack/lib/tilt/concierge.Dockerfile
View File

@ -10,5 +10,8 @@ COPY build/pinniped-concierge /usr/local/bin/pinniped-concierge
# Document the port
EXPOSE 8443
# Run as non-root for security posture
USER 1001:1001
# Set the entrypoint
ENTRYPOINT ["/usr/local/bin/pinniped-concierge"]

3
hack/lib/tilt/local-user-authenticator.Dockerfile
View File

@ -10,5 +10,8 @@ COPY build/local-user-authenticator /usr/local/bin/local-user-authenticator
# Document the port
EXPOSE 8443
# Run as non-root for security posture
USER 1001:1001
# Set the entrypoint
ENTRYPOINT ["/usr/local/bin/local-user-authenticator"]

5
hack/lib/tilt/supervisor.Dockerfile
View File

@ -8,7 +8,10 @@ FROM debian:10.5-slim
COPY build/pinniped-supervisor /usr/local/bin/pinniped-supervisor
# Document the port
EXPOSE 8443
EXPOSE 8080 8443
# Run as non-root for security posture
USER 1001:1001
# Set the entrypoint
ENTRYPOINT ["/usr/local/bin/pinniped-supervisor"]