Skip to content

fix: make Docker images backward compatible with runAsUser: 1000#8105

Merged
buger merged 1 commit intorelease-5.8from
fix/dockerfile-chown-compat-release-5.8
Apr 20, 2026
Merged

fix: make Docker images backward compatible with runAsUser: 1000#8105
buger merged 1 commit intorelease-5.8from
fix/dockerfile-chown-compat-release-5.8

Conversation

@buger
Copy link
Copy Markdown
Member

@buger buger commented Apr 20, 2026

Summary

  • Remove --chown=65532:65532 from non-FIPS Dockerfile builds to restore backward compatibility with helm charts using runAsUser: 1000
  • Files are made world-readable via chmod -R a+rX
  • FIPS/DHI builds still get proper 65532 ownership via NONROOT_CHOWN build arg

Test plan

  • Gateway starts with runAsUser: 1000 (old helm default)
  • Gateway starts with runAsUser: 65532
  • FIPS image still has proper nonroot ownership

🤖 Generated with Claude Code

@buger @claude
fix: make Docker images backward compatible with runAsUser: 1000
75931f2 
- Remove --chown=65532:65532 from COPY for non-FIPS builds
- Add chmod -R a+rX so files are world-readable regardless of uid
- FIPS/DHI builds pass NONROOT_CHOWN=true for proper nonroot ownership

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@buger buger requested a review from a team as a code owner April 20, 2026 16:51
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 20, 2026

🚨 Jira Linter Failed

Commit: 75931f2
Failed at: 2026-04-20 16:51:45 UTC

The Jira linter failed to validate your PR. Please check the error details below:

🔍 Click to view error details 
failed to validate branch and PR title rules: branch name 'fix/dockerfile-chown-compat-release-5.8' must contain a valid Jira ticket ID (e.g., ABC-123)

Next Steps

  • Ensure your branch name contains a valid Jira ticket ID (e.g., ABC-123)
  • Verify your PR title matches the branch's Jira ticket ID
  • Check that the Jira ticket exists and is accessible

This comment will be automatically deleted once the linter passes.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 20, 2026

Failed to generate code suggestions for PR

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 20, 2026

API Changes

no api changes detected

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Apr 20, 2026

Quality Gate Passed Quality Gate passed

Issues
5 New issues
0 Accepted issues

Measures
0 Security Hotspots
91.1% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@buger buger merged commit 19fffaf into release-5.8 Apr 20, 2026
39 of 43 checks passed
@buger buger deleted the fix/dockerfile-chown-compat-release-5.8 branch April 20, 2026 17:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@buger