From 7cc8286412177553df76d6e4f23c7f535abd5da6 Mon Sep 17 00:00:00 2001 From: DongHyeonka Date: Fri, 20 Mar 2026 18:10:23 +0900 Subject: [PATCH] =?UTF-8?q?feat=20:dockerfile=20=EC=88=98=EC=A0=95=20?= =?UTF-8?q?=EB=B0=8F=20=EA=B6=8C=ED=95=9C=20=EC=84=A4=EC=A0=95=20=EC=88=98?= =?UTF-8?q?=EC=A0=95?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Dockerfile | 6 +++--- k8s/dev/deployment.yaml | 2 ++ k8s/dev/secret.yaml | 1 + 3 files changed, 6 insertions(+), 3 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4f305e5..880509e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -37,8 +37,8 @@ FROM eclipse-temurin:21-jre-jammy@sha256:fcf98f8a669c2778b2a1a145c7dac92a1f8fc71 RUN apt-get update && \ apt-get install -y --no-install-recommends curl && \ rm -rf /var/lib/apt/lists/* && \ - groupadd --system spring && \ - useradd --system --gid spring --create-home --home-dir /app spring + groupadd --system --gid 10001 spring && \ + useradd --system --uid 10001 --gid 10001 --create-home --home-dir /app spring WORKDIR /app @@ -49,7 +49,7 @@ COPY --chown=spring:spring --from=builder /workspace/extracted/application/ ./ EXPOSE 8080 -USER spring +USER 10001:10001 HEALTHCHECK --interval=30s --timeout=5s --start-period=30s --retries=3 \ CMD curl --fail --silent http://127.0.0.1:8080/actuator/health > /dev/null || exit 1 diff --git a/k8s/dev/deployment.yaml b/k8s/dev/deployment.yaml index 410ad82..ce390d6 100644 --- a/k8s/dev/deployment.yaml +++ b/k8s/dev/deployment.yaml @@ -19,6 +19,8 @@ spec: automountServiceAccountToken: false securityContext: runAsNonRoot: true + runAsUser: 10001 + runAsGroup: 10001 seccompProfile: type: RuntimeDefault containers: diff --git a/k8s/dev/secret.yaml b/k8s/dev/secret.yaml index e67c774..91e1740 100644 --- a/k8s/dev/secret.yaml +++ b/k8s/dev/secret.yaml @@ -2,6 +2,7 @@ apiVersion: v1 kind: Secret metadata: name: auth-server-secret + namespace: auth-dev type: Opaque stringData: APP_DATASOURCE_USERNAME: project_auth