We had a discussion about how folks should use the new app user and whether they should use its name or UID for the USER instruction. We decided that the UID is best since it works better with the runAsNonUser Kubernetes feature.
Plan:
- Add
ENV APP_UID=64198 to runtime-deps layer
- Encourage users to use the following pattern:
USER $APP_UID
It's possible that having an ENV for the UID may be useful for other scenarios.
Note: Check #4693 and #4715 for final plan.
@karolz-ms
We had a discussion about how folks should use the new
appuser and whether they should use its name or UID for theUSERinstruction. We decided that the UID is best since it works better with therunAsNonUserKubernetes feature.Plan:
ENV APP_UID=64198toruntime-depslayerUSER $APP_UIDIt's possible that having an ENV for the UID may be useful for other scenarios.
Note: Check #4693 and #4715 for final plan.
@karolz-ms