From 25b3e875b06ff5fea675183adb3b1c2f4343595a Mon Sep 17 00:00:00 2001
From: Aaron Riedel
Date: Sun, 16 Mar 2025 12:21:40 +0100
Subject: [PATCH] Set default to rootless but provide seperate root image
---
 .woodpecker.yaml | 22 ++++++++++++++++++++++
 Dockerfile | 16 ++++++++--------
 Dockerfile-root | 19 +++++++++++++++++++
 3 files changed, 49 insertions(+), 8 deletions(-)
 create mode 100644 Dockerfile-root
diff --git a/.woodpecker.yaml b/.woodpecker.yaml
index 5793e10..b23fe44 100644
--- a/.woodpecker.yaml
+++ b/.woodpecker.yaml
@@ -18,6 +18,28 @@ steps:
 when:
 - branch: main
 event: [push, manual]
+
+- name: docker-root
+ image: woodpeckerci/plugin-docker-buildx
+ privileged: true
+ settings:
+ dockerfile: Dockerfile-root
+ registry: git.ar21.de
+ username:
+ from_secret: REGISTRY_USER
+ password:
+ from_secret: REGISTRY_PASS
+ repo: git.ar21.de/aaron/ansible-lint
+ tags:
+ - root
+ - root-${CI_PIPELINE_NUMBER}
+ platforms:
+ - linux/arm64
+ - linux/amd64
+ when:
+ - branch: main
+ event: [push, manual]
+
 - name: docker-build
 image: woodpeckerci/plugin-docker-buildx
 privileged: true
diff --git a/Dockerfile b/Dockerfile
index 6f505e4..c547b39 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,17 +1,17 @@
 FROM python:3.13.2-slim-bookworm
 RUN apt-get update -qq && apt-get install -qq git --no-install-recommends && rm -rf /var/lib/apt/lists/*
 WORKDIR ./
-# ARG PUID=1000
-# ENV GROUP dockergroup
-# ENV USER docker
-# ENV HOMEDIR "/home/${USER}"
-# ENV PATH ${HOMEDIR}/.local/bin:$PATH
+ARG PUID=1000
+ENV GROUP dockergroup
+ENV USER docker
+ENV HOMEDIR "/home/${USER}"
+ENV PATH ${HOMEDIR}/.local/bin:$PATH
 ENV PLUGIN_PROFILE production
-# RUN useradd -u "${PUID}" -m "${USER}"
+RUN useradd -u "${PUID}" -m "${USER}"
 COPY script.sh /bin/
 RUN chmod +x /bin/script.sh
-# USER ${USER}
-# WORKDIR ${HOMEDIR}
+USER ${USER}
+WORKDIR ${HOMEDIR}
 COPY requirements.txt .
 RUN pip install --no-cache-dir -r requirements.txt
 RUN rm requirements.txt
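Review bot: The new `docker-root` step in `.woodpecker.yaml` runs with `privileged: true` and the `REGISTRY_USER`/`REGISTRY_PASS` secrets on `image: woodpeckerci/plugin-docker-buildx`, which carries no tag and therefore resolves to whatever `latest` is when the pipeline runs. A changed plugin image would execute privileged and hold push credentials for `git.ar21.de/aaron/ansible-lint`, so pin it to a released version or digest, e.g. `image: woodpeckerci/plugin-docker-buildx:<pinned-version>`. The `docker-build` step visible as trailing context uses the same untagged reference and should get the same pin. A one-line comment above the step, such as `# root variant: built from Dockerfile-root, published as :root`, would also make clear why two build steps exist.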
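Review bot: In `Dockerfile`, `USER ${USER}` switches to the account by name, so a runtime that enforces non-root by UID (Kubernetes `runAsNonRoot`, for example) cannot verify it from the image metadata; `USER ${PUID}` records the numeric id that `useradd -u "${PUID}"` already assigns. `ENV GROUP dockergroup` is set but nothing in the hunk uses it, since `useradd` is called without `-g`, so either drop the variable or create and assign the group explicitly. The re-enabled `ENV` lines use the legacy space-separated form; `ENV USER=docker` and friends avoid the BuildKit LegacyKeyValueFormat warning. The file continues past the end of this hunk, so the entrypoint is not covered here.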
diff --git a/Dockerfile-root b/Dockerfile-root
new file mode 100644
index 0000000..6f505e4
--- /dev/null
+++ b/Dockerfile-root
@@ -0,0 +1,19 @@
+FROM python:3.13.2-slim-bookworm
+RUN apt-get update -qq && apt-get install -qq git --no-install-recommends && rm -rf /var/lib/apt/lists/*
+WORKDIR ./
+# ARG PUID=1000
+# ENV GROUP dockergroup
+# ENV USER docker
+# ENV HOMEDIR "/home/${USER}"
+# ENV PATH ${HOMEDIR}/.local/bin:$PATH
+ENV PLUGIN_PROFILE production
+# RUN useradd -u "${PUID}" -m "${USER}"
+COPY script.sh /bin/
+RUN chmod +x /bin/script.sh
+# USER ${USER}
+# WORKDIR ${HOMEDIR}
+COPY requirements.txt .
+RUN pip install --no-cache-dir -r requirements.txt
+RUN rm requirements.txt
+
+ENTRYPOINT [ "script.sh" ]
\ No newline at end of file
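Review bot: `Dockerfile-root` carries eight commented-out user-setup lines (`# ARG PUID=1000` through `# WORKDIR ${HOMEDIR}`) and nothing that says the missing `USER` is deliberate, so the file reads like an unfinished copy of `Dockerfile`. Drop the dead lines and open the file with a comment such as `# Root variant: runs as UID 0 on purpose; use the default rootless image unless the pipeline needs root.` Because no earlier `WORKDIR` is set, `WORKDIR ./` resolves to `/`, so `requirements.txt` is copied to the filesystem root and pip runs from there as root; an absolute path such as `WORKDIR /app` would make the location explicit, assuming `script.sh` does not depend on starting in `/`. The file also ends without a trailing newline.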