As documentation states, when we use ADD instruction on Dockerfile, the file will be added as UID and GID 0.
All new files and directories are created with a UID and GID of 0.
Best practice says we should not run the container as
When we use the base image as
scratch, how we can change the file owner and/or file permission?
In the example below, the file
app will be
root:root and the permission will be the same as I have in my host.
FROM scratch COPY app /app COPY /etc/passwd /etc/group /etc/shadow /etc/ USER nobody:nogroup ENTRYPOINT ["/app"]