I need to run my build as a non-root user.
This shows how to do it but it would be better if there was a simple configuration step I could. Is there?
Using `run-as-user` did not work for me either. This is how I did it using gosu,
$ cat bitbucket-pipelines.yml
# You can use any Docker image from Docker Hub or your own container registry
depth: 50 # Need to clone more than 1 to allow builds to be rerun without requiring a rebase
script: # Modify the commands below to build and test your repository.
- id -u build &>/dev/null || useradd --user-group --create-home --shell /bin/false build
- gosu build mvn --version
- gosu build mvn -B clean install
$ cat bitbucket-pipelines-gosu.sh
apt-get install -y --no-install-recommends gosu
So effectively the default user in your image still is root I guess and the user is created in script runtime. This won't work as my image has a different default user. I wonder what the application specifications say for the bitbucket pipeline service in this scenario. Is there a requirement to run an image as root? So to share the root user resource between the host system and the pipeline?
Your docker image (in this case maven:3.3.3) has a default run-as-user directive (probably root) that is defined when the image was created and determines what user the build container is run as.
If you wish to run the build container as a different user you can do 2 things:
This feature simply allow you to instruct Pipelines to start the build container as a different user when more than 1 user exists in the image and the one you want to run as is not the default.
Connect with like-minded Atlassian users at free events near you!Find a group
Connect with like-minded Atlassian users at free events near you!
Unfortunately there are no AUG chapters near you at the moment.Start an AUG
We're bringing product updates and pro tips on teamwork to ten cities around the world.Save your spot