From 811f423a80b2a10b93d20a0b6429277f86567801 Mon Sep 17 00:00:00 2001
From: Markus Frosch <markus.frosch@icinga.com>
Date: Sun, 1 Sep 2019 11:29:07 +0200
Subject: [PATCH] Update user to build and set USER

---
 15.0/Dockerfile | 12 +++++++-----
 42.3/Dockerfile | 12 +++++++-----
 2 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/15.0/Dockerfile b/15.0/Dockerfile
index 7b25dab..f1641de 100644
--- a/15.0/Dockerfile
+++ b/15.0/Dockerfile
@@ -13,11 +13,6 @@ RUN zypper --non-interactive install --no-recommends \
   cmake libopenssl-devel ccache \
  && zypper clean
 
-RUN groupadd -g 1000 jenkins \
- && useradd -u 1000 -g 1000 -m jenkins \
- && echo 'Defaults:jenkins !requiretty' | tee -a /etc/sudoers \
- && echo 'jenkins ALL=(ALL:ALL) NOPASSWD: ALL' | tee -a /etc/sudoers
-
 RUN OBS_DIST=openSUSE_Leap_15.0 \
  && zypper --non-interactive addrepo --refresh https://download.opensuse.org/repositories/home:/lazyfrosch:/devel:/languages:/go/"${OBS_DIST}"/home:lazyfrosch:devel:languages:go.repo \
  && zypper --non-interactive addrepo --refresh https://download.opensuse.org/repositories/home:/lazyfrosch:/devel:/tools/"${OBS_DIST}"/home:lazyfrosch:devel:tools.repo \
@@ -29,6 +24,13 @@ RUN rpm --import https://packages.icinga.com/icinga.key \
  && zypper --non-interactive refresh \
  && zypper clean -a
 
+RUN groupadd -g 1000 build \
+ && useradd -u 1000 -g 1000 -m build \
+ && echo 'Defaults:build !requiretty' | tee -a /etc/sudoers \
+ && echo 'build ALL=(ALL:ALL) NOPASSWD: ALL' | tee -a /etc/sudoers \
+ && chown build.build /usr/local/bin
+
+USER build
 RUN git clone https://git.icinga.com/build-docker/scripts.git /usr/local/bin
 ENTRYPOINT ["/usr/local/bin/icinga-build-entrypoint"]
 CMD ["icinga-build-package"]
diff --git a/42.3/Dockerfile b/42.3/Dockerfile
index b7c746e..9e78f51 100644
--- a/42.3/Dockerfile
+++ b/42.3/Dockerfile
@@ -13,11 +13,6 @@ RUN zypper --non-interactive install --no-recommends \
   cmake libopenssl-devel ccache \
  && zypper clean
 
-RUN groupadd -g 1000 jenkins \
- && useradd -u 1000 -g 1000 -m jenkins \
- && echo 'Defaults:jenkins !requiretty' | tee -a /etc/sudoers \
- && echo 'jenkins ALL=(ALL:ALL) NOPASSWD: ALL' | tee -a /etc/sudoers
-
 RUN OBS_DIST=openSUSE_Leap_42.3 \
  && zypper --non-interactive addrepo --refresh https://download.opensuse.org/repositories/home:/lazyfrosch:/devel:/languages:/go/"${OBS_DIST}"/home:lazyfrosch:devel:languages:go.repo \
  && zypper --non-interactive addrepo --refresh https://download.opensuse.org/repositories/home:/lazyfrosch:/devel:/tools/"${OBS_DIST}"/home:lazyfrosch:devel:tools.repo \
@@ -29,6 +24,13 @@ RUN rpm --import https://packages.icinga.com/icinga.key \
  && zypper --non-interactive refresh \
  && zypper clean -a
 
+RUN groupadd -g 1000 build \
+ && useradd -u 1000 -g 1000 -m build \
+ && echo 'Defaults:build !requiretty' | tee -a /etc/sudoers \
+ && echo 'build ALL=(ALL:ALL) NOPASSWD: ALL' | tee -a /etc/sudoers \
+ && chown build.build /usr/local/bin
+
+USER build
 RUN git clone https://git.icinga.com/build-docker/scripts.git /usr/local/bin
 ENTRYPOINT ["/usr/local/bin/icinga-build-entrypoint"]
 CMD ["icinga-build-package"]
-- 
GitLab