Skip to content

Commit

Permalink
Do not run as root, for security reasons
Browse files Browse the repository at this point in the history
  • Loading branch information
Al2Klimov committed Jul 9, 2024
1 parent 230491b commit f3ac455
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions Containerfile
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,15 @@ RUN CGO_ENABLED=0 GOOS=linux go build -o /icinga-kubernetes cmd/icinga-kubernete

FROM scratch

COPY <<EOF /etc/group
icinga-kubernetes:x:101:
EOF

COPY <<EOF /etc/passwd
icinga-kubernetes:*:101:101::/nonexistent:/usr/sbin/nologin
EOF

COPY --from=build /icinga-kubernetes /icinga-kubernetes

USER icinga-kubernetes
CMD ["/icinga-kubernetes"]

0 comments on commit f3ac455

Please sign in to comment.