Skip to content

Commit

Permalink
Run init-container as non-root user for 6.0 (#28)
Browse files Browse the repository at this point in the history
Signed-off-by: Arnob kumar saha <[email protected]>
  • Loading branch information
ArnobKumarSaha authored Nov 23, 2023
1 parent f996990 commit 4cd69c9
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 4 deletions.
2 changes: 1 addition & 1 deletion Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.

FROM debian:stretch as builder
FROM debian:bookworm as builder

ENV DEBIAN_FRONTEND noninteractive
ENV DEBCONF_NONINTERACTIVE_SEEN true
Expand Down
4 changes: 1 addition & 3 deletions install.sh
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,6 @@ if [[ "$SSL_MODE" != "disabled" ]] && [[ -f "$client_pem" ]]; then
envsubst '${INJECT_USER}' <${INIT_DIR}/replicaset.sh >${DEST_DIR}/replicaset.sh
envsubst '${INJECT_USER}' <${INIT_DIR}/sharding.sh >${DEST_DIR}/sharding.sh
envsubst '${INJECT_USER}' <${INIT_DIR}/mongos.sh >${DEST_DIR}/mongos.sh
rm ${INIT_DIR}/replicaset.sh ${INIT_DIR}/mongos.sh ${INIT_DIR}/sharding.sh
chmod -c 755 ${DEST_DIR}/replicaset.sh ${DEST_DIR}/sharding.sh ${DEST_DIR}/mongos.sh
fi

Expand All @@ -69,6 +68,5 @@ fi

if [ -f "/keydir-readonly/key.txt" ]; then
cp /keydir-readonly/key.txt /data/configdb/key.txt
chmod 600 /data/configdb/key.txt
chown -R 1001:0 /data/configdb/key.txt
chmod 400 /data/configdb/key.txt
fi

0 comments on commit 4cd69c9

Please sign in to comment.