Add non-root user to Cirrus image
rachaelcrook opened this issue · comments
In order to run the Cirrus image in a container in the GCP v2 environment, we need to run it as a non-root user due to security policies. Running the image locally, I don't see a non-root user for this purpose. Please add a non-root user to the Cirrus image.
┆Issue is synchronized with this Jira Task
@rachaelcrook Can you please link to the security policies you're referring to?
There's a pod security policy set for our Kubernetes cluster. If we leave out the security context settings of the pod it will fail to deploy.
. securityContext: runAsUser: <non-root user uid> runAsGroup: <non-root group uid> allowPrivilegeEscalation: false capabilities: drop: ["ALL"]
However, the above settings can't be set since the image doesn't have a non-root user and runs as root by default.