Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Rootless DinD sidecar #148

Closed
viceice opened this issue Aug 3, 2021 · 2 comments
Closed

Rootless DinD sidecar #148

viceice opened this issue Aug 3, 2021 · 2 comments
Labels
enhancement New feature or request help wanted Extra attention is needed

Comments

@viceice
Copy link
Member

viceice commented Aug 3, 2021

We now can use the renovate slim image with DinD sidecar.

The downside is, that the DinD container needs privileged security context

helm-charts/charts/renovate/templates/cronjob.yaml

Lines 132 to 133 in 0f1da58

securityContext:
privileged: true

So It would be nice to use to rootless DinD version, so we don't need a priviliged container.
@viceice viceice added enhancement New feature or request help wanted Extra attention is needed labels Aug 3, 2021
@viceice viceice pinned this issue Aug 3, 2021
@kvanzuijlen
Copy link
Contributor

so we don't need a priviliged container

Not sure if this is the case, since according to the docs, privileged is still a requirement. I still think this is an improvement though since docker itself will run as a nonroot user (user id 1000).

@viceice viceice unpinned this issue May 16, 2023
@viceice
Copy link
Member Author

viceice commented May 16, 2023

closing in favor of:

@viceice viceice closed this as not planned Won't fix, can't repro, duplicate, stale May 16, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
enhancement New feature or request help wanted Extra attention is needed
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@viceice @kvanzuijlen