From b1c6b3c1f0fbdb64018e7d7c0bff62f8851e7a2e Mon Sep 17 00:00:00 2001 From: David Pine Date: Wed, 20 Mar 2024 08:37:43 -0500 Subject: [PATCH 1/4] Fix #40019 --- docs/core/docker/build-container.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/docs/core/docker/build-container.md b/docs/core/docker/build-container.md index 649089390ab67..0054d3c33ef9b 100644 --- a/docs/core/docker/build-container.md +++ b/docs/core/docker/build-container.md @@ -1,7 +1,7 @@ --- title: Containerize an app with Docker tutorial description: In this tutorial, you learn how to containerize a .NET application with Docker. -ms.date: 03/15/2024 +ms.date: 03/20/2024 ms.topic: tutorial ms.custom: "mvc" zone_pivot_groups: dotnet-version-7-8 @@ -303,8 +303,8 @@ Docker will process each line in the *Dockerfile*. The `.` in the `docker build` ```console docker images -REPOSITORY TAG IMAGE ID CREATED SIZE -counter-image latest 2f15637dc1f6 10 minutes ago 217MB +REPOSITORY TAG IMAGE ID CREATED SIZE +counter-image latest 2f15637dc1f6 10 minutes ago 217MB ``` The `counter-image` repository is the name of the image. The `latest` tag is the tag that is used to identify the image. The `2f15637dc1f6` is the image ID. The `10 minutes ago` is the time the image was created. The `217MB` is the size of the image. The final steps of the _Dockerfile_ are to create a container from the image and run the app, copy the published app to the container, and define the entry point. @@ -321,8 +321,8 @@ ENTRYPOINT ["dotnet", "DotNet.Docker.dll"] ```console docker images -REPOSITORY TAG IMAGE ID CREATED SIZE -counter-image latest 2f15637dc1f6 10 minutes ago 208MB +REPOSITORY TAG IMAGE ID CREATED SIZE +counter-image latest 2f15637dc1f6 10 minutes ago 208MB ``` The `counter-image` repository is the name of the image. The `latest` tag is the tag that is used to identify the image. The `2f15637dc1f6` is the image ID. The `10 minutes ago` is the time the image was created. The `208MB` is the size of the image. The final steps of the _Dockerfile_ are to create a container from the image and run the app, copy the published app to the container, and define the entry point. @@ -336,9 +336,9 @@ ENTRYPOINT ["dotnet", "DotNet.Docker.dll"] :::zone-end -The `COPY` command tells Docker to copy the specified folder on your computer to a folder in the container. In this example, the *publish* folder is copied to a folder named *App/out* in the container. +The `FROM` command specifies the base image and tag to use. The `WORKDIR` command changes the **current directory** inside of the container to *App*. -The `WORKDIR` command changes the **current directory** inside of the container to *App*. +The `COPY` command tells Docker to copy the specified source directory to a destination folder. In this example, the *publish* contents in the `build-env` layer were output into the folder named *App/out*, so it's the source to copy from. All of the published contents in the *App/out* directory are copied into current working directory (*App*). The next command, `ENTRYPOINT`, tells Docker to configure the container to run as an executable. When the container starts, the `ENTRYPOINT` command runs. When this command ends, the container will automatically stop. From 743004f08d9a8053abd789d5b4bd3da70ea3ba97 Mon Sep 17 00:00:00 2001 From: David Pine Date: Wed, 20 Mar 2024 08:52:51 -0500 Subject: [PATCH 2/4] Fix #39082 --- docs/core/docker/publish-as-container.md | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/docs/core/docker/publish-as-container.md b/docs/core/docker/publish-as-container.md index 43a6d64ce7794..da9e850ec5cf3 100644 --- a/docs/core/docker/publish-as-container.md +++ b/docs/core/docker/publish-as-container.md @@ -1,7 +1,7 @@ --- title: Containerize an app with dotnet publish description: In this tutorial, you'll learn how to containerize a .NET application with dotnet publish. -ms.date: 01/16/2024 +ms.date: 03/20/2024 ms.topic: tutorial zone_pivot_groups: dotnet-version-7-8 --- @@ -580,7 +580,7 @@ The app command instruction configuration helps control the way the `ContainerEn ### `ContainerUser` -The user configuration property controls the default user that the container runs as. This is often used to run the container as a nonroot user, which is a best practice for security. There are a few constraints for this configuration to be aware of: +The user configuration property controls the default user that the container runs as. This is often used to run the container as a non-root user, which is a best practice for security. There are a few constraints for this configuration to be aware of: - It can take various forms—username, linux user ids, group name, linux group id, `username:groupname`, and other ID variants. - There's no verification that the user or group specified exists on the image. @@ -602,6 +602,20 @@ The default value of this field varies by project TFM and target operating syste > [!TIP] > The `APP_UID` environment variable is used to set user information in your container. This value can come from environment variables defined in your base image (like that Microsoft .NET images do), or you can set it yourself via the `ContainerEnvironmentVariable` syntax. +To configure your app to run as a root user, set the `ContainerUser` property to `root`. In your project file, add the following: + +```xml + + root + +``` + +Alternatively, you can set this value when calling `dotnet publish` from the command line: + +```dotnetcli +dotnet publish -p ContainerUser=root +``` + :::zone-end :::zone pivot="dotnet-7-0" @@ -673,8 +687,8 @@ docker images Consider the following example output: ```console -REPOSITORY TAG IMAGE ID CREATED SIZE -dotnet-worker-image 1.0.0 25aeb97a2e21 12 seconds ago 191MB +REPOSITORY TAG IMAGE ID CREATED SIZE +dotnet-worker-image 1.0.0 25aeb97a2e21 12 seconds ago 191MB ``` > [!TIP] From fcdbfee192b3b53254420c5e44c7c6919b2b21d5 Mon Sep 17 00:00:00 2001 From: David Pine Date: Wed, 20 Mar 2024 09:14:44 -0500 Subject: [PATCH 3/4] Fix #32355 --- docs/core/docker/publish-as-container.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/core/docker/publish-as-container.md b/docs/core/docker/publish-as-container.md index da9e850ec5cf3..02787117aa3e6 100644 --- a/docs/core/docker/publish-as-container.md +++ b/docs/core/docker/publish-as-container.md @@ -8,7 +8,7 @@ zone_pivot_groups: dotnet-version-7-8 # Containerize a .NET app with dotnet publish -Containers have many features and benefits, such as being an immutable infrastructure, providing a portable architecture, and enabling scalability. The image can be used to create containers for your local development environment, private cloud, or public cloud. In this tutorial, you'll learn how to containerize a .NET application using the [dotnet publish](../tools/dotnet-publish.md) command. +Containers have many features and benefits, such as being an immutable infrastructure, providing a portable architecture, and enabling scalability. The image can be used to create containers for your local development environment, private cloud, or public cloud. In this tutorial, you'll learn how to containerize a .NET application using the [dotnet publish](../tools/dotnet-publish.md) command without the use of a Dockerfile. ## Prerequisites From 2bd6c280e12b03fe9d924b87477cbc4423dd11ef Mon Sep 17 00:00:00 2001 From: David Pine Date: Wed, 20 Mar 2024 09:22:48 -0500 Subject: [PATCH 4/4] Fix #32355 --- docs/core/docker/publish-as-container.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/core/docker/publish-as-container.md b/docs/core/docker/publish-as-container.md index 02787117aa3e6..b2b442a285e3e 100644 --- a/docs/core/docker/publish-as-container.md +++ b/docs/core/docker/publish-as-container.md @@ -1,6 +1,6 @@ --- title: Containerize an app with dotnet publish -description: In this tutorial, you'll learn how to containerize a .NET application with dotnet publish. +description: In this tutorial, you'll learn how to containerize a .NET application with dotnet publish command and without the use of a Dockerfile. ms.date: 03/20/2024 ms.topic: tutorial zone_pivot_groups: dotnet-version-7-8