Use UID number rather than username in Dockerfile #3520
Labels
component:distribution
Manifests, docker files, CLI distrubution etc
duplicate
This issue or pull request already exists
enhancement
New feature or request
type:usability
Enhancement of an existing feature
Comments
|
We already have a PR for this: #3108 |
|
And there is #2746 |
|
Nice to see it's already on the radar. I'll be following the PR :-) |
jannfis
added
component:distribution
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
Set a numeric user in the docker file, rather than the
argocdusername.Motivation
Kubernetes will reject the pod if the security context does not allow to run as root, because it can't validate that a named user isn't root.
See: kubernetes/kubernetes#56503
I know you can overwrite the uid with a securityContext directive, but it'd be nice if this worked out of the box.
Proposal
Change https://github.com/argoproj/argo-cd/blob/master/Dockerfile#L78
to
The text was updated successfully, but these errors were encountered: