ci: use ietfa uid/gid for datatracker user (#7407)

* ci: use ietfa uid/gid for datatracker user * chore: add comment
2024-05-10 11:39:43 -03:00 · 2024-05-10 11:39:43 -03:00 · dd46a8af6f
parent 7e56b2e923
commit dd46a8af6f
2 changed files with 5 additions and 4 deletions
--- a/dev/build/Dockerfile
+++ b/dev/build/Dockerfile
@ -3,8 +3,9 @@ LABEL maintainer="IETF Tools Team <tools-discuss@ietf.org>"

 ENV DEBIAN_FRONTEND=noninteractive

-RUN groupadd -g 1000 datatracker && \
-    useradd -c "Datatracker User" -u 1000 -g datatracker -m -s /bin/false datatracker
+# uid 498 = wwwrun and gid 496 = www on ietfa
+RUN groupadd -g 496 datatracker && \
+    useradd -c "Datatracker User" -u 498 -g datatracker -m -s /bin/false datatracker

 RUN apt-get purge -y imagemagick imagemagick-6-common

--- a/k8s/datatracker.yaml
+++ b/k8s/datatracker.yaml
@ -64,8 +64,8 @@ spec:
              drop:
              - ALL
            readOnlyRootFilesystem: true
-            runAsUser: 1000
-            runAsGroup: 1000
+            runAsUser: 498  # wwwrun uid on ietfa
+            runAsGroup: 496  # www group on ietfa
      volumes:
        # To be overriden with the actual shared volume
        - name: dt-vol