diff --git a/Dockerfile b/Dockerfile index bd008135..d3dd15de 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,17 @@ FROM alpine:3.18.2 ARG TARGETDIR +ARG USERNAME -RUN addgroup -S -g 65532 ng-user && \ +RUN if [ "$USERNAME" = "ng-user" ]; then \ + addgroup -S -g 65532 ng-user && \ adduser -S -D -H -u 65532 \ - -s /sbin/nologin -G ng-user -g ng-user ng-user + -s /sbin/nologin -G ng-user -g ng-user ng-user; \ + fi ADD bin/${TARGETDIR}/controller-manager /usr/local/bin/controller-manager -ADD bin/${BUILDPLATFORM}/autoscaler /usr/local/bin/autoscaler +ADD bin/${TARGETDIR}/autoscaler /usr/local/bin/autoscaler ADD bin/${TARGETDIR}/scheduler /usr/local/bin/scheduler -USER 65532:65532 + +# [Optional] Set the default user. Omit if you want to keep the default as root. +USER $USERNAME diff --git a/Dockerfile.multiarch b/Dockerfile.multiarch index 1a2e537a..f7c5a87a 100644 --- a/Dockerfile.multiarch +++ b/Dockerfile.multiarch @@ -1,12 +1,17 @@ FROM alpine:3.18.2 ARG TARGETPLATFORM +ARG USERNAME -RUN addgroup -S -g 65532 ng-user && \ +RUN if [ "$USERNAME" = "ng-user" ]; then \ + addgroup -S -g 65532 ng-user && \ adduser -S -D -H -u 65532 \ - -s /sbin/nologin -G ng-user -g ng-user ng-user + -s /sbin/nologin -G ng-user -g ng-user ng-user; \ + fi ADD bin/${TARGETPLATFORM}/controller-manager /usr/local/bin/controller-manager ADD bin/${TARGETPLATFORM}/autoscaler /usr/local/bin/autoscaler ADD bin/${TARGETPLATFORM}/scheduler /usr/local/bin/scheduler -USER 65532:65532 + +# [Optional] Set the default user. Omit if you want to keep the default as root. +USER $USERNAME diff --git a/Makefile b/Makefile index dd5ef462..f5c551e6 100644 --- a/Makefile +++ b/Makefile @@ -5,7 +5,8 @@ LDFLAGS = $(if $(DEBUGGER),,-s -w) $(shell ./hack/version.sh) DOCKER_REGISTRY ?= docker.io DOCKER_REPO ?= ${DOCKER_REGISTRY}/vesoft -IMAGE_TAG ?= v1.7.0 +USERNAME ?= ng-user +IMAGE_TAG ?= v1.7.5 CHARTS_VERSION ?= 1.7.0 @@ -104,6 +105,7 @@ docker-multiarch: ensure-buildx ## Build and push the nebula-operator multiarchi --progress plain \ --platform $(BUILDX_PLATFORMS) \ --file Dockerfile.multiarch \ + --build-arg USERNAME=${USERNAME} \ -t "${DOCKER_REPO}/nebula-operator:${IMAGE_TAG}" . alpine-tools: ## Build and push the alpine-tools docker images and manifest.