From c6549d4e2109440e0543d753ad139ffe045fe86c Mon Sep 17 00:00:00 2001
From: Kevin Jayne <seemywingz@users.noreply.github.com>
Date: Thu, 6 Jun 2024 17:02:36 -0400
Subject: [PATCH] fix: Kevin prod 2140 build ansible harness image (#213)

* initialize harness ansible build

* add non-root user

* update ownership
---
 dockerfiles/harness/ansible.Dockerfile | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

diff --git a/dockerfiles/harness/ansible.Dockerfile b/dockerfiles/harness/ansible.Dockerfile
index 47b69c1d..13ce6eb7 100644
--- a/dockerfiles/harness/ansible.Dockerfile
+++ b/dockerfiles/harness/ansible.Dockerfile
@@ -10,9 +10,16 @@ FROM ${HARNESS_BASE_IMAGE} as harness
 # Build Ansible from Python Image
 FROM python:${PYTHON_VERSION}-alpine as final
 
+# Create necessary directories and set their ownership to UID/GID 65532
+RUN mkdir /plural && chown -R 65532:65532 /plural
+RUN mkdir /tmp/plural && chown -R 65532:65532 /tmp/plural
+
 # Copy Harness bin from the Harness Image
 COPY --from=harness /harness /usr/local/bin/harness
 
+# Change ownership of the harness binary to UID/GID 65532
+RUN chown -R 65532:65532 /usr/local/bin/harness
+
 # Install build dependencies, Ansible, and openssh-client
 ARG ANSIBLE_VERSION=9.0.0
 RUN apk add --no-cache --virtual .build-deps \
@@ -26,4 +33,7 @@ RUN apk add --no-cache --virtual .build-deps \
     apk add --no-cache openssh-client && \
     apk del .build-deps
 
-ARG PYTHON_VERSION
+# Switch to the non-root user
+USER 65532:65532
+
+WORKDIR /plural