From a7292e18c1b22d11c7aedd2ffd0d78247dcd7f98 Mon Sep 17 00:00:00 2001
From: Tobias Florek
Date: Wed, 7 Jul 2021 11:22:18 +0000
Subject: [PATCH 1/2] specify user in rootless container numerically

With kubernetes' PodSecurityPolicy set to runAsNonRoot it will not allow starting the container. The error message is
```
Error: container has runAsNonRoot and image has non-numeric user (git), cannot verify user is non-root
```
The `USER` directive has to be numerical for that to work.
---
 Dockerfile.rootless | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile.rootless b/Dockerfile.rootless
index 43ae308e3ac9..3bb6ef860369 100644
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -56,7 +56,7 @@ COPY docker/rootless /
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /usr/local/bin/gitea
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
 
-USER git:git
+USER 1000:1000
 ENV GITEA_WORK_DIR /var/lib/gitea
 ENV GITEA_CUSTOM /var/lib/gitea/custom
 ENV GITEA_TEMP /tmp/gitea

From 1e39371c351eb08e5ea6dae27e232ff72c3fd82b Mon Sep 17 00:00:00 2001
From: Tobias Florek
Date: Wed, 7 Jul 2021 18:26:41 +0000
Subject: [PATCH 2/2] mention the name of the uid/gid

---
 Dockerfile.rootless | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Dockerfile.rootless b/Dockerfile.rootless
index 3bb6ef860369..a84f5b0db6cf 100644
--- a/Dockerfile.rootless
+++ b/Dockerfile.rootless
@@ -56,7 +56,7 @@ COPY docker/rootless /
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/gitea /usr/local/bin/gitea
 COPY --from=build-env --chown=root:root /go/src/code.gitea.io/gitea/environment-to-ini /usr/local/bin/environment-to-ini
 
-USER 1000:1000
+USER 1000:1000 # git:git
 ENV GITEA_WORK_DIR /var/lib/gitea
 ENV GITEA_CUSTOM /var/lib/gitea/custom
 ENV GITEA_TEMP /tmp/gitea
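Review bot: In patch 2/2 the trailing `# git:git` on the new `USER 1000:1000 # git:git` line is not a comment, because Dockerfile syntax only recognises `#` at the start of a line and treats a marker anywhere else as part of the instruction's argument. The USER value may therefore no longer be the plain numeric `1000:1000` that patch 1/2 introduced so the runAsNonRoot check can verify the user; depending on the builder and runtime this could undo that fix or fail at build or container start. Put the name on its own line above the instruction: `# git:git` followed by `USER 1000:1000`. That comment could also note that the IDs have to stay in sync with wherever the git user and group are created, which is outside this hunk.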