centralcloud/oncall-engine
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
oncall-engine/engine
History
Alexander Cherepanov f67cfd0494
Run containers as a non-root user (#2053) 
# What this PR does

Create a custom non-root user and use it to start an app. So uwsgi does
not require to use `setUid` and `setGid` system calls.

It handles errors while starting in Kubernetes with `runAsNonRoot: true`
check.

## Which issue(s) this PR fixes

closes https://github.com/grafana/oncall/issues/445

## Checklist

- [x] Unit, integration, and e2e (if applicable) tests updated
- [ ] Documentation added (or `pr:no public docs` PR label added if not
required)
- [x] `CHANGELOG.md` updated (or `pr:no changelog` PR label added if not
required)

---------

Co-authored-by: Joey Orlando <joey.orlando@grafana.com>
Co-authored-by: Joey Orlando <joseph.t.orlando@gmail.com>
2023-06-08 07:12:00 +00:00
..
apps Add BaseFailed exceptions for phone_notificator (#2074) 2023-06-08 05:55:41 +00:00
common Make viewset actions more consistent (#2120) 2023-06-07 12:10:53 +00:00
config_integrations Fix demo alert for inbound email (#2081) 2023-06-02 09:44:32 +00:00
engine Remove request reading middleware as we use post-buffering (#2094) 2023-06-05 11:49:39 +08:00
settings Remove request reading middleware as we use post-buffering (#2094) 2023-06-05 11:49:39 +08:00
static/images World, meet OnCall! 2022-06-03 08:09:47 -06:00
.dockerignore One startup command to rule them all (#760) 2022-11-07 16:34:43 +01:00
.gitignore modify push notification settings + use fcm-django library (#998) 2022-12-20 12:41:34 +01:00
celery_with_exporter.sh Add flag to debug logs (#912) 2022-11-29 11:16:42 +08:00
conftest.py OnCall prometheus metrics exporter (#1605) 2023-05-25 18:26:13 +00:00
Dockerfile Run containers as a non-root user (#2053) 2023-06-08 07:12:00 +00:00
manage.py World, meet OnCall! 2022-06-03 08:09:47 -06:00
pyproject.toml World, meet OnCall! 2022-06-03 08:09:47 -06:00
requirements.txt make make test command much more robust + address several more backend test warnings (#2115) 2023-06-07 10:51:58 +00:00
tox.ini Add RBAC Support (#777) 2022-11-29 09:41:56 +01:00
uwsgi.ini Run containers as a non-root user (#2053) 2023-06-08 07:12:00 +00:00
wait_for_test_mysql_start.sh Revert "Revert "speed up ci builds from 15 to <7 minutes"" (#1643) 2023-03-28 09:34:03 +02:00