I would like to build with non-root user. To achieve this I'm looking at run-as build spec.
run-as: Optional sequence. Available to Linux users only. Specifies a Linux user that runs commands in this buildspec file. run-as grants the specified user read and execute permissions. When you specify run-as at the top of the buildspec file, it applies globally to all commands. If you don't want to specify a user for all buildspec file commands, you can specify one for commands in a phase by using run-as in one of the phases blocks. If run-as is not specified, then all commands run as the root.
run-as
?Go to aws-codebuild-docker-images, find the docker file for the environment image you are using, and in the docker file, you can see the user that is added to to build environement.
Im my case, I was using ubuntu/standard/3.0, so I could find the user here:
RUN useradd codebuild-user
So to switch to a non root user, you can do:
run-as: codebuild-user
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With