From dd46a8af6f0998e0717d141f104cea70fe560577 Mon Sep 17 00:00:00 2001
From: Jennifer Richards <jennifer@staff.ietf.org>
Date: Fri, 10 May 2024 11:39:43 -0300
Subject: [PATCH] ci: use ietfa uid/gid for datatracker user (#7407)

* ci: use ietfa uid/gid for datatracker user

* chore: add comment
---
 dev/build/Dockerfile | 5 +++--
 k8s/datatracker.yaml | 4 ++--
 2 files changed, 5 insertions(+), 4 deletions(-)

diff --git a/dev/build/Dockerfile b/dev/build/Dockerfile
index d5578be3d..3d317f141 100644
--- a/dev/build/Dockerfile
+++ b/dev/build/Dockerfile
@@ -3,8 +3,9 @@ LABEL maintainer="IETF Tools Team <tools-discuss@ietf.org>"
 
 ENV DEBIAN_FRONTEND=noninteractive
 
-RUN groupadd -g 1000 datatracker && \
-    useradd -c "Datatracker User" -u 1000 -g datatracker -m -s /bin/false datatracker
+# uid 498 = wwwrun and gid 496 = www on ietfa
+RUN groupadd -g 496 datatracker && \
+    useradd -c "Datatracker User" -u 498 -g datatracker -m -s /bin/false datatracker
 
 RUN apt-get purge -y imagemagick imagemagick-6-common
 
diff --git a/k8s/datatracker.yaml b/k8s/datatracker.yaml
index 7ca92ba99..303741daf 100644
--- a/k8s/datatracker.yaml
+++ b/k8s/datatracker.yaml
@@ -64,8 +64,8 @@ spec:
               drop:
               - ALL
             readOnlyRootFilesystem: true
-            runAsUser: 1000
-            runAsGroup: 1000
+            runAsUser: 498  # wwwrun uid on ietfa
+            runAsGroup: 496  # www group on ietfa
       volumes:
         # To be overriden with the actual shared volume
         - name: dt-vol