Revert "Customize container user permissions using PUID and PGID. #9657"

[khushboovashi]

Summary by CodeRabbit

Release Notes

• Chores
  • Updated container execution to run the application as a non-root user (UID 5050), enhancing security and reducing operational complexity.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 4cc74c1 and 9cc471a.

📒 Files selected for processing (2)

• Dockerfile
• pkg/docker/entrypoint.sh

---

Walkthrough

The pull request removes the su-exec-based execution model from the Docker container setup. The Dockerfile now creates a non-root user with UID 5050 and adds an ENTRYPOINT script, while the entrypoint.sh script removes UID/GID normalization logic, the safe_chown helper function, and su-exec wrapper invocations.

Changes

Cohort / File(s)	Summary
Docker Image Configuration Dockerfile	Removed su-exec from package list, created non-root user (UID 5050), and added ENTRYPOINT directive for direct script execution.
Entrypoint Script Cleanup pkg/docker/entrypoint.sh	Removed UID/GID normalization, safe_chown helper function, su-exec wrapper logic, and directory ownership changes; updated Gunicorn invocation to call /venv/bin/gunicorn directly in both TLS and non-TLS execution paths.

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20 minutes

Possibly related PRs

• docker arbitrary user support via PUID and PGID #9633: Introduced the su-exec wrapper, UID/GID handling, and chown logic in Dockerfile and entrypoint.sh that this PR removes to transition to non-root USER-based execution.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The PR title accurately describes the main change: reverting a previous feature that customized container user permissions using PUID and PGID environment variables.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

• 📝 Generate docstrings (stacked PR)
• 📝 Generate docstrings (commit on current branch)

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch revert-9633-feature/docker-arbitrary-user-support

Tip

Try Coding Plans. Let us write the prompt for your AI agent so you can ship faster (with fewer bugs).
Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}