From ca10bb633ef57b9c70cc6d76a7d17b7c56a607c5 Mon Sep 17 00:00:00 2001 From: Brandon Pfeifer Date: Fri, 25 Oct 2024 20:12:06 -0400 Subject: [PATCH] fix: use hardcoded UID/GID for influxdb:influxdb --- influxdb/1.11/Dockerfile | 5 ++++- influxdb/1.11/alpine/Dockerfile | 6 +++--- 2 files changed, 7 insertions(+), 4 deletions(-) diff --git a/influxdb/1.11/Dockerfile b/influxdb/1.11/Dockerfile index af6f7b15d..c54f15f4b 100644 --- a/influxdb/1.11/Dockerfile +++ b/influxdb/1.11/Dockerfile @@ -1,7 +1,10 @@ FROM buildpack-deps:bookworm-curl +RUN addgroup --system --gid 1500 influxdb && \ + adduser --system --uid 1500 --ingroup influxdb --home /var/lib/influxdb --shell /bin/false influxdb + ARG INFLUXDB_VERSION=1.11.7 -RUN gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E && \ +RUN gpg --batch --keyserver hkp://keyserver.ubuntu.com --recv-keys 9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E && \ export DEBIAN_FRONTEND=noninteractive && \ apt-get update && \ case "$(dpkg --print-architecture)" in \ diff --git a/influxdb/1.11/alpine/Dockerfile b/influxdb/1.11/alpine/Dockerfile index 20ea4b387..80cedd98d 100644 --- a/influxdb/1.11/alpine/Dockerfile +++ b/influxdb/1.11/alpine/Dockerfile @@ -11,7 +11,7 @@ RUN apk add --no-cache --virtual .build-deps \ curl \ gnupg \ tar && \ - gpg --keyserver hkp://keyserver.ubuntu.com --recv-keys 9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E && \ + gpg --batch --keyserver hkp://keyserver.ubuntu.com --recv-keys 9D539D90D3328DC7D6C8D3B9D8FF8E1F7DF8B07E && \ case "$(apk --print-arch)" in \ x86_64) ARCH=amd64 ;; \ aarch64) ARCH=arm64 ;; \ @@ -31,8 +31,8 @@ RUN apk add --no-cache --virtual .build-deps \ apk del .build-deps COPY influxdb.conf /etc/influxdb/influxdb.conf -RUN addgroup influxdb && \ - adduser -S -s /bin/false -h /var/lib/influxdb -G influxdb influxdb && \ +RUN addgroup --system --gid 1500 influxdb && \ + adduser --system --uid 1500 --ingroup influxdb --home /var/lib/influxdb --shell /bin/false influxdb && \ mkdir -p /var/lib/influxdb && \ mkdir -p /var/log/influxdb && \ chown influxdb:influxdb /var/lib/influxdb && \