Skip to content

fix: make Docker images backward compatible with runAsUser: 1000#8106

Merged
buger merged 1 commit intorelease-5.8.13from
fix/dockerfile-chown-compat-release-5.8.13
Apr 20, 2026
Merged

fix: make Docker images backward compatible with runAsUser: 1000#8106
buger merged 1 commit intorelease-5.8.13from
fix/dockerfile-chown-compat-release-5.8.13

Conversation

@buger
Copy link
Copy Markdown
Member

@buger buger commented Apr 20, 2026

Summary

  • Remove --chown=65532:65532 from non-FIPS Dockerfile builds to restore backward compatibility with helm charts using runAsUser: 1000
  • Files are made world-readable via chmod -R a+rX
  • FIPS/DHI builds still get proper 65532 ownership via NONROOT_CHOWN build arg

Test plan

  • Gateway starts with runAsUser: 1000 (old helm default)
  • Gateway starts with runAsUser: 65532
  • FIPS image still has proper nonroot ownership

🤖 Generated with Claude Code

@buger @claude
fix: make Docker images backward compatible with runAsUser: 1000
632e08b 
- Remove --chown=65532:65532 from COPY for non-FIPS builds
- Add chmod -R a+rX so files are world-readable regardless of uid
- FIPS/DHI builds pass NONROOT_CHOWN=true for proper nonroot ownership

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@buger buger requested a review from a team as a code owner April 20, 2026 16:52
@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 20, 2026

🚨 Jira Linter Failed

Commit: 632e08b
Failed at: 2026-04-20 16:52:35 UTC

The Jira linter failed to validate your PR. Please check the error details below:

🔍 Click to view error details 
failed to validate branch and PR title rules: neither branch name 'fix/dockerfile-chown-compat-release-5.8.13' nor PR title 'fix: make Docker images backward compatible with runAsUser: 1000' contains a valid Jira ticket ID (e.g., ABC-123)

Next Steps

  • Ensure your branch name contains a valid Jira ticket ID (e.g., ABC-123)
  • Verify your PR title matches the branch's Jira ticket ID
  • Check that the Jira ticket exists and is accessible

This comment will be automatically deleted once the linter passes.

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 20, 2026

Failed to generate code suggestions for PR

@github-actions
Copy link
Copy Markdown
Contributor

github-actions bot commented Apr 20, 2026

API Changes

no api changes detected

@buger buger merged commit 534adb2 into release-5.8.13 Apr 20, 2026
31 of 39 checks passed
@buger buger deleted the fix/dockerfile-chown-compat-release-5.8.13 branch April 20, 2026 17:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@buger