Thanks for putting this together! One thing I'd strongly suggest to do is to define a USER in your Dockerfile. If you don't do this, the container (typically) unnecessarily runs as root, which is a big anti-pattern. Unfortunately, we still find way over half of the images on Dockerhub not defining a user due to a lack of education. See also canihaznonprivilegedcontainers.info where we provide some more background.
I had no idea but this is great information. I will update this tutorial and the sample images on dockerhub so I’m not helping perpetuate an anitpattern. Thank you!
Thanks for putting this together! One thing I'd strongly suggest to do is to define a
USERin your Dockerfile. If you don't do this, the container (typically) unnecessarily runs as root, which is a big anti-pattern. Unfortunately, we still find way over half of the images on Dockerhub not defining a user due to a lack of education. See also canihaznonprivilegedcontainers.info where we provide some more background.I had no idea but this is great information. I will update this tutorial and the sample images on dockerhub so I’m not helping perpetuate an anitpattern. Thank you!
Thank you and KUTGW!