Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use an unprivileged user in the Docker configuration #67

Merged
merged 2 commits into from
Mar 6, 2023
Merged

Use an unprivileged user in the Docker configuration #67

merged 2 commits into from
Mar 6, 2023

Conversation

mcdonnnj
Copy link
Member

@mcdonnnj mcdonnnj commented Mar 6, 2023

🗣 Description

This pull request updates the Docker configuration to use an unprivileged user. It also updates any remaining python calls to use python3.

💭 Motivation and context

Using an unprivileged user in Docker images is a best practice and we have been moving to using them whenever possible. Specifying python3 is a guard rail to ensure that we are using the Python 3 binary on a system in case it were to be configured with Python 2 as well.

🧪 Testing

Automated tests pass. I was able to run this configuration successfully when testing locally.

✅ Pre-approval checklist

  • This PR has an informative and human-readable title.
  • Changes are limited to a single goal - eschew scope creep!
  • All relevant type-of-change labels have been added.
  • I have read the CONTRIBUTING document.
  • These code changes follow cisagov code standards.
  • All new and existing tests pass.

mcdonnnj added 2 commits March 4, 2023 20:05
@mcdonnnj
Use an unprivileged user in the Docker image
21205cb 
Create and use an unprivileged user in the Docker configuration with
our standard configuration.
@mcdonnnj
Consistently use python3 instead of python
75f8fde 
Make sure that all RUN instructions use `python3` instead of `python`.
@mcdonnnj mcdonnnj added improvement This issue or pull request will add or improve functionality, maintainability, or ease of use security This issue or pull request addresses a security issue labels Mar 6, 2023
@mcdonnnj mcdonnnj requested review from dav3r, felddy and jsf9k as code owners March 6, 2023 05:05
@mcdonnnj mcdonnnj self-assigned this Mar 6, 2023
dav3r
dav3r approved these changes Mar 6, 2023
View reviewed changes
Copy link
Member

@dav3r dav3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@mcdonnnj mcdonnnj merged commit dce1145 into improvement/project_updates Mar 6, 2023
@mcdonnnj mcdonnnj deleted the improvement/use_unprivileged_user branch March 6, 2023 15:45
@mcdonnnj mcdonnnj mentioned this pull request Mar 6, 2023
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@jsf9k jsf9k jsf9k approved these changes

@felddy felddy Awaiting requested review from felddy

Assignees

@mcdonnnj mcdonnnj

Labels
improvement This issue or pull request will add or improve functionality, maintainability, or ease of use security This issue or pull request addresses a security issue
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mcdonnnj @jsf9k @dav3r