From 51a09d871da85b7ee4e54f2506ff4c988b66492f Mon Sep 17 00:00:00 2001
From: Denis Mishin <dmishin@pomerium.com>
Date: Mon, 29 Jan 2024 11:34:39 -0500
Subject: [PATCH] use distroless noroot user and group

---
 config/pomerium/deployment/no-root.yaml | 4 ++--
 deployment.yaml                         | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/config/pomerium/deployment/no-root.yaml b/config/pomerium/deployment/no-root.yaml
index 79e9924e..3087817b 100644
--- a/config/pomerium/deployment/no-root.yaml
+++ b/config/pomerium/deployment/no-root.yaml
@@ -12,5 +12,5 @@ spec:
           securityContext:
             allowPrivilegeEscalation: false
             runAsNonRoot: true
-            runAsGroup: 1000
-            runAsUser: 1000
+            runAsGroup: 65532
+            runAsUser: 65532
diff --git a/deployment.yaml b/deployment.yaml
index e5e3c8c2..ec5b0a8a 100644
--- a/deployment.yaml
+++ b/deployment.yaml
@@ -622,9 +622,9 @@ spec:
         securityContext:
           allowPrivilegeEscalation: false
           readOnlyRootFilesystem: true
-          runAsGroup: 1000
+          runAsGroup: 65532
           runAsNonRoot: true
-          runAsUser: 1000
+          runAsUser: 65532
         volumeMounts:
         - mountPath: /tmp
           name: tmp