Skip to content

Commit

Permalink
Fix dockerfile binary permissions (#279)
Browse files Browse the repository at this point in the history
  • Loading branch information
@astaninger
astaninger authored Jun 18, 2024
1 parent 0d80350 commit c68f25b
Showing 1 changed file with 16 additions and 1 deletion.
17 changes: 16 additions & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,11 +13,26 @@
# See the License for the specific language governing permissions and
# limitations under the License.

# First stage: Use an image that includes shell and utilities
FROM mcr.microsoft.com/cbl-mariner/base/core:2.0 AS builder

# Set the working directory and copy the 'manager' binary
WORKDIR /
COPY bin/manager .

# Set the executable permission on the 'manager' binary
RUN chmod +x /manager

# Use distroless as minimal base image to package the manager binary
FROM mcr.microsoft.com/cbl-mariner/distroless/debug:2.0
WORKDIR /

COPY bin/manager ./
# Copy the 'manager' binary from the first stage with the correct permissions
COPY --from=builder --chown=65532:65532 /manager .

# Set the user ID for the container process to 65532 (nonroot user)
USER 65532:65532

# Specify the command to run when the container starts

ENTRYPOINT ["/manager"]

0 comments on commit c68f25b

Please sign in to comment.