Skip to content

chore: Change default user id and gid #1164

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 3, 2025
Merged

chore: Change default user id and gid #1164

merged 1 commit into from
Jul 3, 2025

Conversation

lfrancke
Copy link
Member

Description

Part of stackabletech/issues#645
Part of stackabletech/issues#651

Note

This was already applied once before and later reverted.
It was merged prematurely back then but now the immediate parent issue has been done and it should be good to go again

Change default user id and gid to the same ones we use in the operators themselves.
These are only the defaults that are used when a Pod does not specify their own securityContext.runAsUser or runAsGroup.

All of our operators have been changed to not set the user and group id anymore which means they'll fall back to the values from the image.

Definition of Done Checklist

  • Changes are OpenShift compatible
  • Add an entry to the CHANGELOG.md file
  • Integration tests ran successfully
TIP: Running integration tests with a new product image

The image can be built and uploaded to the kind cluster with the following commands:

bake --product <product> --image-version <stackable-image-version>
kind load docker-image <image-tagged-with-the-major-version> --name=<name-of-your-test-cluster>

See the output of bake to retrieve the image tag for <image-tagged-with-the-major-version>.

@lfrancke lfrancke force-pushed the feat/update-default-uid-gid branch from 6e517d2 to 29694c6 Compare June 12, 2025 21:29
@lfrancke lfrancke self-assigned this Jun 12, 2025
@lfrancke lfrancke moved this to Development: Waiting for Review in Stackable Engineering Jun 12, 2025
@lfrancke lfrancke mentioned this pull request Jun 12, 2025
Closed
32 tasks
@lfrancke lfrancke moved this from Development: Waiting for Review to Development: In Progress in Stackable Engineering Jun 12, 2025
@lfrancke lfrancke mentioned this pull request Jun 12, 2025
Open
26 tasks
@lfrancke
Copy link
Member Author

lfrancke commented Jul 3, 2025

I have tested this by installing the waterlevel demo on 25.3, updated everything to current 0.0.0-dev and then updated to use custom built images with this PR included.

All pods and tools came up without a problem. The FSGroup setting makes it possible that all mounts are still readable/writable.

@lfrancke lfrancke force-pushed the feat/update-default-uid-gid branch from 29694c6 to dd85797 Compare July 3, 2025 06:57
@lfrancke lfrancke moved this from Development: In Progress to Development: Waiting for Review in Stackable Engineering Jul 3, 2025
@lfrancke lfrancke enabled auto-merge July 3, 2025 06:58
sbernauer
sbernauer approved these changes Jul 3, 2025
View reviewed changes
Copy link
Member

@sbernauer sbernauer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the tests!

@lfrancke lfrancke added this pull request to the merge queue Jul 3, 2025
Merged via the queue into main with commit e93d8f3 Jul 3, 2025
3 checks passed
@lfrancke lfrancke deleted the feat/update-default-uid-gid branch July 3, 2025 07:04
@sbernauer sbernauer moved this from Development: Waiting for Review to Development: Done in Stackable Engineering Jul 3, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sbernauer sbernauer sbernauer approved these changes

Assignees

@lfrancke lfrancke

Labels
release/25.7.0
Projects
Stackable Engineering
Status: Development: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@lfrancke @sbernauer