From 655bf2a9349b469663142b1952912d90e0591aa8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E9=99=B3=E9=88=9E?= Date: Tue, 12 Dec 2023 06:30:00 +0800 Subject: [PATCH] fix(docker): permission issue --- Dockerfile | 2 +- Dockerfile.ubi | 2 +- helm-chart/templates/deployment.yaml | 11 +++-------- 3 files changed, 5 insertions(+), 10 deletions(-) diff --git a/Dockerfile b/Dockerfile index 809b038..9a31e86 100644 --- a/Dockerfile +++ b/Dockerfile @@ -60,7 +60,7 @@ FROM base AS final ENV PATH="/app:$PATH" -RUN mkdir -p /app && chown -R $APP_UID:$APP_UID /app +RUN mkdir -p /app && chown -R $APP_UID:$APP_UID /app && chmod u+rwx /app COPY --from=publish --chown=$APP_UID:$APP_UID /app/publish/YoutubeLiveChatToDiscord /app/YoutubeLiveChatToDiscord COPY --from=publish --chown=$APP_UID:$APP_UID /app/publish/appsettings.json /app/appsettings.json diff --git a/Dockerfile.ubi b/Dockerfile.ubi index 0a48839..a77da9e 100644 --- a/Dockerfile.ubi +++ b/Dockerfile.ubi @@ -66,7 +66,7 @@ FROM base AS final ENV PATH="/app:$PATH" -RUN mkdir -p /app && chown -R 1001:1001 /app +RUN mkdir -p /app && chown -R 1001:1001 /app && chmod u+rwx /app COPY --from=publish --chown=1001:1001 /app/publish/YoutubeLiveChatToDiscord /app/YoutubeLiveChatToDiscord COPY --from=publish --chown=1001:1001 /app/publish/appsettings.json /app/appsettings.json diff --git a/helm-chart/templates/deployment.yaml b/helm-chart/templates/deployment.yaml index c9caec1..9de278e 100644 --- a/helm-chart/templates/deployment.yaml +++ b/helm-chart/templates/deployment.yaml @@ -45,16 +45,11 @@ spec: drop: ["ALL"] seccompProfile: type: "RuntimeDefault" - runAsUser: 1001 - runAsGroup: 1001 + runAsUser: 1654 + runAsGroup: 1654 {{- if .useCookies }} - # copy /cookies.txt to /app/cookies.txt and run the original entrypoint ["dotnet", "YoutubeLiveChatToDiscord.dll"] - command: - - "/bin/sh" - - "-c" - - "cp /cookies.txt /app/cookies.txt && dotnet /app/YoutubeLiveChatToDiscord.dll {{ .youtubeId }} {{ .discordWebhook }}" volumeMounts: - - mountPath: /cookies.txt + - mountPath: /app/cookies.txt name: cookies subPath: cookies.txt volumes: