Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CodeQL runs slower if the container runs as a user other than root #41

Open
cmcdougall opened this issue Jul 26, 2022 · 1 comment
Open

CodeQL runs slower if the container runs as a user other than root #41

cmcdougall opened this issue Jul 26, 2022 · 1 comment

Comments

@cmcdougall
Copy link
Contributor

cmcdougall commented Jul 26, 2022
edited
Loading

I've extended the Dockerfile to make some changes to the startup.py file required for my use case. I changed the Dockerfile to run as another user instead of root, but I noticed that the code scanning takes significantly longer - hours, instead of minutes - to complete.

Here is the Dockerfile I'm using:

FROM mcr.microsoft.com/cstsectools/codeql-container

ARG USERNAME=codeql

RUN adduser --system $USERNAME
RUN apt update && apt install -y git

EXPOSE 5000

WORKDIR /usr/local/startup_scripts/

COPY requirements.txt ./
RUN pip install -r ./requirements.txt

COPY CodeQL/main.py ./startup_server.py

USER ${USERNAME}

ENTRYPOINT ["python3", "-u", "/usr/local/startup_scripts/startup_server.py"]

Any help would be really appreciated! 😄
@jacobmsft
Copy link
Member

Thanks for reporting the issue, Cameron! If you could send me a PR with the user being changed to a non privileged account, I'd be happy to accept it.

@cmcdougall cmcdougall mentioned this issue Aug 2, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jacobmsft @cmcdougall