Skip to content
This repository has been archived by the owner on Oct 31, 2019. It is now read-only.

Commit

Permalink
try using non-root user
Browse files Browse the repository at this point in the history
  • Loading branch information
@afeld
afeld committed Dec 8, 2017
1 parent 016d597 commit 35f5235
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 2 deletions.
11 changes: 10 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
FROM williamyeh/ansible:ubuntu16.04

ARG user=jenkins
ARG group=jenkins
ARG uid=1000
ARG gid=1000

RUN apt-get update -y && \
apt-get install -y git unzip

Expand All @@ -11,6 +16,10 @@ ARG TERRAFORM_VERSION=0.11.1
ADD https://releases.hashicorp.com/terraform/${TERRAFORM_VERSION}/terraform_${TERRAFORM_VERSION}_linux_amd64.zip /tmp/terraform_${TERRAFORM_VERSION}_linux_amd64.zip
RUN unzip /tmp/terraform_${TERRAFORM_VERSION}_linux_amd64.zip -d /usr/local/bin

# https://github.com/jenkinsci/docker/blob/ca17603a0ff907728201f6285a4182020b277b87/Dockerfile#L18-L19
RUN groupadd -g ${gid} ${group} && \
useradd -u ${uid} -g ${gid} -m -s /bin/bash ${user}
USER ${user}
# required for Packer
# https://groups.google.com/d/msg/packer-tool/92wq5kYOvto/kkzoASaMAQAJ
ENV USER root
ENV USER ${user}
2 changes: 1 addition & 1 deletion Jenkinsfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -14,7 +14,7 @@ pipeline {
image '18fgsa/devsecops-builder'
alwaysPull true
// https://support.cloudbees.com/hc/en-us/articles/218583777-How-to-set-user-in-docker-image-
args '-u root'
args '-u jenkins:jenkins'
}
}
environment {
Expand Down

0 comments on commit 35f5235

Please sign in to comment.