Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DATAGO-81660: event-management-agent Dockerfile must account for correct user and user home directory setup #196

Merged
merged 5 commits into from
Aug 15, 2024
Merged

DATAGO-81660: event-management-agent Dockerfile must account for correct user and user home directory setup #196

merged 5 commits into from
Aug 15, 2024

Conversation

rudraneel-chakraborty
Copy link
Contributor

@rudraneel-chakraborty rudraneel-chakraborty commented Aug 12, 2024
edited
Loading

What is the purpose of this change?

Implement asks of https://sol-jira.atlassian.net/browse/DATAGO-81660

How was this change implemented?

By changing the docker file

  • Created a user called emauser (Note: the username can be overiddeen by passing the arfument to the Dockerfile)
  • .terraformrc file is copied to the /home/emauser directory
  • switched to using non-root user emauser

How was this change tested?

Tested configpush and scan for :

  • self managed ema
  • cloud managed ema

Is there anything the reviewers should focus on/be aware of?

...

@rudraneel-chakraborty rudraneel-chakraborty changed the title DATAGO-81660 updated dockerfile DATAGO-81660: event-management-agent Dockerfile must account for correct user and user home directory setup Aug 13, 2024
rudraneel-chakraborty
rudraneel-chakraborty commented Aug 13, 2024
View reviewed changes
service/application/docker/Dockerfile
@@ -1,8 +1,20 @@
ARG BASE_IMAGE
FROM ${BASE_IMAGE}

# default user name is "emauser"
ARG USER=emauser
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note: you can override the username by --build-arg USER=someuser

@rudraneel-chakraborty rudraneel-chakraborty marked this pull request as ready for review August 13, 2024 20:22
rudraneel-chakraborty
rudraneel-chakraborty commented Aug 15, 2024
View reviewed changes
service/application/docker/Dockerfile Outdated

COPY .terraformrc /root/.terraformrc
# switch to the created user from root
USER $USER
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the earliest we can switch to user as line 24 requires to use apk

@sonarqube-solacecloud SonarQube-SolaceCloud
Copy link

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@rudraneel-chakraborty rudraneel-chakraborty merged commit ecb2b23 into main Aug 15, 2024
6 checks passed
@rudraneel-chakraborty rudraneel-chakraborty deleted the DATAGO-81660-use-dedicated-user-dockerfile branch August 15, 2024 22:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@moodiRealist moodiRealist moodiRealist approved these changes

@mynecker mynecker Awaiting requested review from mynecker

@CameronRushton CameronRushton Awaiting requested review from CameronRushton

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@rudraneel-chakraborty @moodiRealist