Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

The documentation may do but many of the official images run as root and provide little to no documentation on how to change that, the Bitnami images in comparison are light years ahead.


A simple multistage example for Golang apps would be:

  FROM golang:1.12.4
  WORKDIR /opt/src/github.com/project1/myprog/
  COPY . .
  RUN go get -d -v ./...
  RUN CGO_ENABLED=0 GOOS=linux go build -a -mod=vendor -o myprog .
  
  FROM ubuntu:latest
  RUN useradd -u 5002 user1
  
  FROM scratch
  COPY --from=0 /opt/src/github.com/project1/myprog/myprog .
  COPY --from=1 /etc/passwd /etc/passwd
  USER user1
  ENTRYPOINT ["./myprog"]


Indeed - and there's no mention of any of this at https://hub.docker.com/_/golang - compare with https://hub.docker.com/r/bitnami/nginx that discussed non-root users and how to use it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: