Fix: do not override uid/git in buildpack builder (#2819)

* Fix: do not override uid/git in buildpack builder Zero value implies override (to root presumably), we must set it to negative value. Signed-off-by: Matej Vašek <mvasek@redhat.com> * Fixup tests Since we do not override uid/gid==0 we need to make mounted data less readable to all. Signed-off-by: Matej Vašek <mvasek@redhat.com> --------- Signed-off-by: Matej Vašek <mvasek@redhat.com>
2025-04-30 04:45:05 +02:00 · 2025-04-30 04:45:05 +02:00 · 41666714f2
parent f6b5e39b7c
commit 41666714f2
2 changed files with 4 additions and 2 deletions
--- a/pkg/builders/builders_int_test.go
+++ b/pkg/builders/builders_int_test.go
@ -65,7 +65,7 @@ func TestPrivateGitRepository(t *testing.T) {
 	}

 	gitCredsDir := t.TempDir()
-	err := os.WriteFile(filepath.Join(gitCredsDir, "type"), []byte(`git-credentials`), 0600)
+	err := os.WriteFile(filepath.Join(gitCredsDir, "type"), []byte(`git-credentials`), 0644)
 	if err != nil {
 		t.Fatal(err)
 	}
@ -74,7 +74,7 @@ func TestPrivateGitRepository(t *testing.T) {
 username=developer
 password=nbusr123
 `
-	err = os.WriteFile(filepath.Join(gitCredsDir, "credentials"), []byte(gitCred), 0600)
+	err = os.WriteFile(filepath.Join(gitCredsDir, "credentials"), []byte(gitCred), 0644)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/pkg/builders/buildpacks/builder.go
+++ b/pkg/builders/buildpacks/builder.go
@ -153,6 +153,8 @@ func (b *Builder) Build(ctx context.Context, f fn.Function, platforms []fn.Platf
 	}
 	// Pack build options
 	opts := pack.BuildOptions{
+		GroupID:        -1,
+		UserID:         -1,
 		AppPath:        f.Root,
 		Image:          f.Build.Image,
 		LifecycleImage: DefaultLifecycleImage,