Marat, Sorry for late reply. Il lun 29 lug 2019, 19:00 <[email protected]> ha scritto:
> Hi community. > > I use Maven with Maven Resources plugin and Dockerfile Maven plugin > (https://github.com/spotify/dockerfile-maven) for building my Docker > images > and this approach works fine (much better than shell scripts) except one > issue - refer to "The backlash of chmod/chown/mv in your Dockerfile" > article > ( > https://medium.com/@lmakarov/the-backlash-of-chmod-chown-mv-in-your-dockerf > ile-f12fe08c0b55 > <https://medium.com/@lmakarov/the-backlash-of-chmod-chown-mv-in-your-dockerfile-f12fe08c0b55>). > I was able to solve this issue in terms of location and > file / directory permissions with Maven Assembly plugin and TAR format but > ownership of files and directories is still an issue - refer to > https://issues.apache.org/jira/browse/MASSEMBLY-918 for details. > So you need to create tar files with root:root as owner of files? Enrico > > This issue with ownership is important for the business project I work in > because this issue becomes security issue (well, it's **minor** security > issue to be honest, but I'd prefer to not prove that for software security > team but just fix the issue) when Red Hat OpenShift and RHEL 7 are used, > i.e. the same issue may be important for other business projects > ("corporates") utilizing the same (popular) stack. > > I implemented PoC which demonstrates that MASSEMBLY-918 can be easily > solved > (refer to issue description). It's still PoC because it doesn't follow all > the rules required for official pull requests and contains no unit tests > for > the new feature I implemented. > > I'd like to understand: > > 1. If MASSEMBLY-918 is actual for other developers? Does anybody else use > Maven for building of Docker images and have the same limits because of > RHEL > and OpenShift? > 2. Does it make sense to invest into official pull requests for further > promotion of changes (these changes may be helpful not only for building of > Docker images)? > > Thank you. > > Regards, > Marat Abrarov. > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > >
