尝试创建非特权用户

2025-02-16 07:52:29 +08:00 · 2025-02-16 07:52:29 +08:00 · 1c1bd57c92
commit 1c1bd57c92
parent 991b99f5a5
1 changed files with 15 additions and 0 deletions
--- a/.gitea/workflows/docker-build.yml
+++ b/.gitea/workflows/docker-build.yml
@ -27,6 +27,18 @@ jobs:
      - name: install podman
        run: apt update && apt install podman -y
      - name: 创建非特权用户
        run: |
          # 2. 创建用户 (如果需要)
          adduser podmanuser
          # 3. 配置 subuid/subgid
          echo "podmanuser:100000:65536" >> /etc/subuid
          echo "podmanuser:100000:65536" >> /etc/subgid
          # 4. 切换到非 root 用户
          su - podmanuser
      - uses: redhat-actions/buildah-build@v2
        with:
          image: my-new-image
@ -34,6 +46,9 @@ jobs:
          dockerfiles: |
            ./Dockerfile
      # - name: Print to Log
      #   id: print-to-log
      #   uses: ./