Skip to content

Commit c7c0ec9

Browse files
authored
fix(controller): fix Containerfile build with rootless Podman (#822)
1 parent 51971c2 commit c7c0ec9

1 file changed

Lines changed: 15 additions & 7 deletions

File tree

controller/Containerfile

Lines changed: 15 additions & 7 deletions
Original file line numberDiff line numberDiff line change
@@ -6,9 +6,17 @@ ARG GIT_VERSION=unknown
66
ARG GIT_COMMIT=unknown
77
ARG BUILD_DATE=unknown
88

9+
# Create a build directory owned by the build user (1001:0).
10+
# This avoids permission issues with rootless Podman where COPY
11+
# changes the working directory ownership to root.
12+
WORKDIR /build
13+
USER 0
14+
RUN chown 1001:0 /build
15+
USER 1001
16+
917
# Copy the Go Modules manifests
10-
COPY go.mod go.mod
11-
COPY go.sum go.sum
18+
COPY --chown=1001:0 go.mod go.mod
19+
COPY --chown=1001:0 go.sum go.sum
1220
# cache deps before building and copying source so that we don't need to re-download as much
1321
# and so that source changes don't invalidate our downloaded layer
1422
# Cache module downloads across builds
@@ -17,9 +25,9 @@ RUN --mount=type=cache,target=/opt/app-root/src/go/pkg/mod,sharing=locked,uid=10
1725
go mod download
1826

1927
# Copy the go source
20-
COPY cmd/ cmd/
21-
COPY api/ api/
22-
COPY internal/ internal/
28+
COPY --chown=1001:0 cmd/ cmd/
29+
COPY --chown=1001:0 api/ api/
30+
COPY --chown=1001:0 internal/ internal/
2331

2432
# Build
2533
# the GOARCH has not a default value to allow the binary be built according to the host where the command
@@ -41,8 +49,8 @@ RUN --mount=type=cache,target=/opt/app-root/src/go/pkg/mod,sharing=locked,uid=1
4149

4250
FROM registry.access.redhat.com/ubi9/ubi-micro:9.8-1779858820@sha256:b498b3ea26111ab4b81d65139f2ebd2ef9a2abb7a4588b7fdcc54889f95e9caa
4351
WORKDIR /
44-
COPY --from=builder /opt/app-root/src/manager .
45-
COPY --from=builder /opt/app-root/src/router .
52+
COPY --from=builder /build/manager .
53+
COPY --from=builder /build/router .
4654
USER 65532:65532
4755

4856
ENTRYPOINT ["/manager"]

0 commit comments

Comments
 (0)