joschi36 opened a new pull request #25: URL: https://github.com/apache/cloudstack-kubernetes-provider/pull/25
I have detected that our container 1. does run as root user 2. can't run as non-root user Therefore, I updated the deployment to run as user 1000 by default and moved the binary out of the `/root/` directory. Also, I changed the `CMD` to `ENTRYPOINT`, so you can use `args` in the Kubernetes deployment. Then you don't need to know the command to start the daemon and can just add multiple arguments Ref: - https://amazicworld.com/get-the-evil-out-dont-run-containers-as-root/ - https://engineering.bitnami.com/articles/why-non-root-containers-are-important-for-security.html -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org
