mirror/prysm-pulse
1
0
Fork 0
mirror of https://gitlab.com/pulsechaincom/prysm-pulse.git synced 2025-01-11 12:10:05 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
9aed0034ec
prysm-pulse/tools/BUILD.bazel
Preston Van Loon ff1fd77425 Build docker images for non-root user (#4320) 
* build docker images as non-root user
* search and replace mistake
* buildifer
* Change uid to 1001
2019-12-18 20:52:25 +00:00

62 lines
1.5 KiB
Python
Raw Blame History

load("@bazel_tools//tools/build_defs/pkg:pkg.bzl", "pkg_tar")
load("@io_bazel_rules_docker//contrib:passwd.bzl", "passwd_entry", "passwd_file")
load("@io_bazel_rules_docker//container:container.bzl", "container_image")
alias(
name = "kubesec",
actual = "@com_github_shyiko_kubesec//:kubesec",
visibility = ["//visibility:public"],
)
################################################################################
## Docker images as non-root user ##
################################################################################
# Create a passwd file with a root and nonroot user and uid.
passwd_entry(
name = "root_user",
gid = 0,
uid = 0,
username = "root",
)
passwd_entry(
name = "nonroot_user",
info = "nonroot",
uid = 1001,
username = "nonroot",
)
passwd_file(
name = "passwd",
entries = [
":root_user",
":nonroot_user",
],
)
# Create a tar file containing the created passwd file
pkg_tar(
name = "passwd_tar",
srcs = [":passwd"],
mode = "0o644",
package_dir = "etc",
)
# Include it in our base image as a tar.
container_image(
name = "cc_image",
base = "@cc_image_base//image",
tars = [":passwd_tar"],
user = "nonroot",
visibility = ["//visibility:public"],
)
container_image(
name = "go_image",
base = "@go_image_base//image",
tars = [":passwd_tar"],
user = "nonroot",
visibility = ["//visibility:public"],
)
Reference in New Issue View Git Blame Copy Permalink