From 890b39ace78b9a5e4f223465537158a418cf2d64 Mon Sep 17 00:00:00 2001 From: Stepan Rabotkin Date: Wed, 9 Apr 2025 02:46:09 +0300 Subject: [PATCH] refac: use numeric user in Dockerfiles --- Dockerfile | 4 ++-- Dockerfile.amd64 | 6 +++--- Dockerfile.arm64 | 4 ++-- dev.Dockerfile | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index a90910a0..5cbd1d10 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,7 @@ # use a builder image for building cloudflare ARG TARGET_GOOS ARG TARGET_GOARCH -FROM golang:1.22.10 as builder +FROM golang:1.22.10 AS builder ENV GO111MODULE=on \ CGO_ENABLED=0 \ TARGET_GOOS=${TARGET_GOOS} \ @@ -30,7 +30,7 @@ LABEL org.opencontainers.image.source="https://github.com/cloudflare/cloudflared COPY --from=builder --chown=nonroot /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/ # run as non-privileged user -USER nonroot +USER 1002 # command / entrypoint of container ENTRYPOINT ["cloudflared", "--no-autoupdate"] diff --git a/Dockerfile.amd64 b/Dockerfile.amd64 index 20c48bd4..f9d733c6 100644 --- a/Dockerfile.amd64 +++ b/Dockerfile.amd64 @@ -1,10 +1,10 @@ # use a builder image for building cloudflare -FROM golang:1.22.10 as builder +FROM golang:1.22.10 AS builder ENV GO111MODULE=on \ CGO_ENABLED=0 \ # the CONTAINER_BUILD envvar is used set github.com/cloudflare/cloudflared/metrics.Runtime=virtual # which changes how cloudflared binds the metrics server - CONTAINER_BUILD=1 + CONTAINER_BUILD=1 WORKDIR /go/src/github.com/cloudflare/cloudflared/ @@ -25,7 +25,7 @@ LABEL org.opencontainers.image.source="https://github.com/cloudflare/cloudflared COPY --from=builder --chown=nonroot /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/ # run as non-privileged user -USER nonroot +USER 1002 # command / entrypoint of container ENTRYPOINT ["cloudflared", "--no-autoupdate"] diff --git a/Dockerfile.arm64 b/Dockerfile.arm64 index f4b25a6e..111abfb5 100644 --- a/Dockerfile.arm64 +++ b/Dockerfile.arm64 @@ -1,5 +1,5 @@ # use a builder image for building cloudflare -FROM golang:1.22.10 as builder +FROM golang:1.22.10 AS builder ENV GO111MODULE=on \ CGO_ENABLED=0 \ # the CONTAINER_BUILD envvar is used set github.com/cloudflare/cloudflared/metrics.Runtime=virtual @@ -25,7 +25,7 @@ LABEL org.opencontainers.image.source="https://github.com/cloudflare/cloudflared COPY --from=builder --chown=nonroot /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/ # run as non-privileged user -USER nonroot +USER 1002 # command / entrypoint of container ENTRYPOINT ["cloudflared", "--no-autoupdate"] diff --git a/dev.Dockerfile b/dev.Dockerfile index 8d15784f..b50a8cbf 100644 --- a/dev.Dockerfile +++ b/dev.Dockerfile @@ -1,4 +1,4 @@ -FROM golang:1.22.10 as builder +FROM golang:1.22.10 AS builder ENV GO111MODULE=on \ CGO_ENABLED=0 WORKDIR /go/src/github.com/cloudflare/cloudflared/