From 7dc6b3abecd3252501d87ef778df28886ea481be Mon Sep 17 00:00:00 2001 From: Florin Lungu Date: Sat, 11 Jan 2025 10:35:28 +0200 Subject: [PATCH 1/3] fix permissions into home folder --- src/docker/_imports/ci.df | 2 +- src/docker/_imports/onbuild.df | 2 +- src/docker/alpine-ext/ext-alpine.df | 2 +- src/docker/alpine-ext/ext-asciidoctor.df | 2 +- src/docker/alpine/alpine.df | 2 +- src/docker/busybox/Dockerfile | 2 +- src/docker/debian-ext/Dockerfile | 2 +- src/docker/debian/base.df | 2 +- src/docker/ubuntu-ext/Dockerfile | 2 +- src/docker/ubuntu/base.df | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/src/docker/_imports/ci.df b/src/docker/_imports/ci.df index e907fc5..01aa6b9 100644 --- a/src/docker/_imports/ci.df +++ b/src/docker/_imports/ci.df @@ -1,7 +1,7 @@ FROM main AS ci ENV HUGO_ENV="production" -RUN chown -R hugo:hugo /src /target +RUN chown -R hugo:hugo /src /target /home/hugo USER hugo ENTRYPOINT [ "" ] CMD [ "hugo" ] \ No newline at end of file diff --git a/src/docker/_imports/onbuild.df b/src/docker/_imports/onbuild.df index 7a813ba..a3adb18 100644 --- a/src/docker/_imports/onbuild.df +++ b/src/docker/_imports/onbuild.df @@ -13,7 +13,7 @@ ONBUILD ENV HUGO_DESTINATION="${HUGO_DESTINATION_ARG:-/target}" \ ONBUILD COPY . /src ONBUILD WORKDIR ${HUGO_DIR:-/src} ONBUILD USER root -ONBUILD RUN chown -R hugo:hugo /src /target +ONBUILD RUN chown -R hugo:hugo /src /target /home/hugo ONBUILD USER hugo ONBUILD RUN if [ -e "$ONBUILD_SCRIPT_VALUE" ]; then exec sh $ONBUILD_SCRIPT_VALUE; else exec hugo $HUGO_CMD; fi diff --git a/src/docker/alpine-ext/ext-alpine.df b/src/docker/alpine-ext/ext-alpine.df index 69e4058..d05c591 100644 --- a/src/docker/alpine-ext/ext-alpine.df +++ b/src/docker/alpine-ext/ext-alpine.df @@ -46,7 +46,7 @@ RUN true \ # # Prepare folders && mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod a+wrx /src /target \ # # add /src to safe.directory 
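Review bot: In the ext-alpine.df hunk `mkdir -p /src /target` creates only two of the three paths that the new `chown -R hugo:hugo /src /target /home/hugo` touches, so the build now depends on an earlier step having created `/home/hugo`; the same pattern appears in the ext-asciidoctor.df, alpine.df, busybox, debian-ext, debian/base.df, ubuntu-ext and ubuntu/base.df hunks. With the Alpine user import as it stands at this commit (`adduser ... -H`, no home directory), the chown would presumably fail and abort the `&&` chain until the later patch in this series switches to `-h /home/hugo`. Creating the directory in the same step removes that ordering dependency: `&& mkdir -p /src /target /home/hugo \`. Leaving `/home/hugo` out of the following `chmod a+wrx` is right, since the home directory should stay writable by its owner only. The enclosing RUN starts and ends outside the hunk.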
diff --git a/src/docker/alpine-ext/ext-asciidoctor.df b/src/docker/alpine-ext/ext-asciidoctor.df index c4c90e6..d598327 100644 --- a/src/docker/alpine-ext/ext-asciidoctor.df +++ b/src/docker/alpine-ext/ext-asciidoctor.df @@ -8,7 +8,7 @@ RUN apk -U upgrade && apk --no-cache add asciidoctor \ && gem install coderay --no-document \ && find /tmp -mindepth 1 -maxdepth 1 | xargs rm -rf \ && mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod -R a+rwx /src /target VOLUME [ "/src", "/target" ] diff --git a/src/docker/alpine/alpine.df b/src/docker/alpine/alpine.df index ecabe9e..45681e3 100644 --- a/src/docker/alpine/alpine.df +++ b/src/docker/alpine/alpine.df @@ -21,7 +21,7 @@ IMPORT ../_imports/default_nonroot_user_alpine.df RUN apk -U upgrade && apk --no-cache add busybox-suid bash bash-completion tzdata make \ && find /tmp -mindepth 1 -maxdepth 1 | xargs rm -rf \ && mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod a+rwx /src /target VOLUME [ "/src", "/target" ] diff --git a/src/docker/busybox/Dockerfile b/src/docker/busybox/Dockerfile index e0775ca..22199aa 100644 --- a/src/docker/busybox/Dockerfile +++ b/src/docker/busybox/Dockerfile @@ -21,7 +21,7 @@ COPY --from=image / / IMPORT ../_imports/default_nonroot_user_alpine.df RUN mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod a+wrx /src /target VOLUME [ "/src", "/target" ] diff --git a/src/docker/debian-ext/Dockerfile b/src/docker/debian-ext/Dockerfile index a483b1d..e25c573 100644 --- a/src/docker/debian-ext/Dockerfile +++ b/src/docker/debian-ext/Dockerfile 
@@ -55,7 +55,7 @@ RUN true \ && rm -rf /var/lib/apt/lists/* \ && find /tmp -mindepth 1 -maxdepth 1 | xargs rm -rf \ && mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod a+wrx /src /target \ # # add /src to safe.directory diff --git a/src/docker/debian/base.df b/src/docker/debian/base.df index 818b817..2691212 100644 --- a/src/docker/debian/base.df +++ b/src/docker/debian/base.df @@ -15,7 +15,7 @@ RUN apt update \ && rm -rf /var/lib/apt/lists/* \ && find /tmp -mindepth 1 -maxdepth 1 | xargs rm -rf \ && mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod a+wrx /src /target COPY --from=base--files--debian / / diff --git a/src/docker/ubuntu-ext/Dockerfile b/src/docker/ubuntu-ext/Dockerfile index cd53fd4..59d8ddf 100644 --- a/src/docker/ubuntu-ext/Dockerfile +++ b/src/docker/ubuntu-ext/Dockerfile @@ -56,7 +56,7 @@ RUN true \ && rm -rf /var/lib/apt/lists/* \ && find /tmp -mindepth 1 -maxdepth 1 | xargs rm -rf \ && mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod a+wrx /src /target \ # # add /src to safe.directory diff --git a/src/docker/ubuntu/base.df b/src/docker/ubuntu/base.df index 17334d4..bd03d21 100644 --- a/src/docker/ubuntu/base.df +++ b/src/docker/ubuntu/base.df @@ -19,7 +19,7 @@ RUN apt update \ && rm -rf /var/lib/apt/lists/* \ && find /tmp -mindepth 1 -maxdepth 1 | xargs rm -rf \ && mkdir -p /src /target \ - && chown -R hugo:hugo /src /target \ + && chown -R hugo:hugo /src /target /home/hugo \ && chmod a+wrx /src /target VOLUME [ "/src", "/target" ] From 79062574e88ed721e06d775e5af256b2184878b7 Mon Sep 17 00:00:00 2001 From: Florin Lungu Date: Sat, 11 Jan 2025 10:56:18 +0200 Subject: [PATCH 2/3] update user creation for alpine images --- src/docker/_imports/default_nonroot_user_alpine.df | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/src/docker/_imports/default_nonroot_user_alpine.df b/src/docker/_imports/default_nonroot_user_alpine.df index 5b22397..624ca69 100644 --- a/src/docker/_imports/default_nonroot_user_alpine.df +++ b/src/docker/_imports/default_nonroot_user_alpine.df @@ -1,2 +1,2 @@ RUN getent group hugo 2>&1 > /dev/null || addgroup -g 1234 hugo \ - && getent passwd hugo 2>&1 > /dev/null || adduser -u 1234 -D -H -G hugo -g "" hugo \ No newline at end of file + && getent passwd hugo 2>&1 > /dev/null || adduser -u 1234 -D -h /home/hugo -G hugo -g "" hugo \ No newline at end of file From 2398b88e5e4c9675dcb2d31c68c1e7584d90aa13 Mon Sep 17 00:00:00 2001 From: Florin Lungu Date: Sat, 11 Jan 2025 11:01:41 +0200 Subject: [PATCH 3/3] updates --- src/docker/_imports/ci.df | 2 +- src/docker/_imports/onbuild.df | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/docker/_imports/ci.df b/src/docker/_imports/ci.df index 01aa6b9..e907fc5 100644 --- a/src/docker/_imports/ci.df +++ b/src/docker/_imports/ci.df @@ -1,7 +1,7 @@ FROM main AS ci ENV HUGO_ENV="production" -RUN chown -R hugo:hugo /src /target /home/hugo +RUN chown -R hugo:hugo /src /target USER hugo ENTRYPOINT [ "" ] CMD [ "hugo" ] \ No newline at end of file diff --git a/src/docker/_imports/onbuild.df b/src/docker/_imports/onbuild.df index a3adb18..7a813ba 100644 --- a/src/docker/_imports/onbuild.df +++ b/src/docker/_imports/onbuild.df @@ -13,7 +13,7 @@ ONBUILD ENV HUGO_DESTINATION="${HUGO_DESTINATION_ARG:-/target}" \ ONBUILD COPY . /src ONBUILD WORKDIR ${HUGO_DIR:-/src} ONBUILD USER root -ONBUILD RUN chown -R hugo:hugo /src /target /home/hugo +ONBUILD RUN chown -R hugo:hugo /src /target ONBUILD USER hugo ONBUILD RUN if [ -e "$ONBUILD_SCRIPT_VALUE" ]; then exec sh $ONBUILD_SCRIPT_VALUE; else exec hugo $HUGO_CMD; fi
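Review bot: The rewritten `adduser` line in default_nonroot_user_alpine.df keeps `getent passwd hugo 2>&1 > /dev/null`, which sends stderr to the build output and only then discards stdout. If the probe is meant to be silent, it should read `getent passwd hugo > /dev/null 2>&1`, and the `getent group` line above it has the same ordering. Separately, `-h /home/hugo` only takes effect when the `adduser` branch runs. If the base image already ships a `hugo` account, the guard skips it, and nothing here ensures the home directory exists or that the account has UID 1234. A comment such as `# create hugo (uid/gid 1234) with a home dir; skipped if the account already exists` would make that assumption visible.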
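Review bot: The ci.df and onbuild.df hunks of the third patch drop `/home/hugo` from the chown again, and the subject "updates" gives no reason. If the reason is that the base stage already owns the home directory, a comment next to the ONBUILD chown would record it, for example `# /home/hugo is owned by hugo in the base stage; only the copied sources need re-owning`. In the same onbuild.df hunk the final context line tests `"$ONBUILD_SCRIPT_VALUE"` quoted but executes it unquoted, so a script path containing spaces would be word-split; `exec sh "$ONBUILD_SCRIPT_VALUE"` keeps the two consistent. Both files continue outside their hunks.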