Secure files and custom docker image


I’m trying to use with Gitlab’s Secure File with my custom Docker image but I can’t handle how to use it with some rules I must respect : USER and image as slim as possible.

Here is a sample project that simplifies my needs.

It contains :

  • a .gitlab-ci.yaml :
    • build stage : create a custom image alpine based with a simple script burried in (justs an example, cat $1 in $2)
    • test stage : use this custom image to handle the secured file
  • Dockerfile

Quite trivial, but USER directive and alpine’s slim gives me headache : must I really

  • use a root image ?
    Using a non root forbids mkdir :thinking: ?
    If so, there’s no directive to override the user specified in Dockerfile, except maybe a shell command that overrides the entrypoint (ugly useradd newuser -c sh && su newuser) :frowning:
  • add useless components in my image (bad practice) ?
    I don’t want to install either bash or curl or anything else (ruby & co) used by secure file installer to mount my SECURE_FILES_DOWNLOAD_PATH :confused:

Thanks a lot for any explanation, advice or clues to solve this :slight_smile: