Update Dockerfile to run as unprivileged user
What does this MR do and why?
This MR updates the Dockerfile
to run as an unprivileged user. Since the release-cli
application only talks to the GitLab API, there is no requirement for it to run with such high privileges. Running as root is on the top of the security checklist for most organisations and squashing it should help improve adoption.
To ensure backwards compatibility, the releaser
user has a gid
of 0
. This has the added benefit of OpenShift compatibility.
Checklist
-
I added tests -
Green pipeline -
Assign to reviewer
Edited by Vladimir Shushlin