Docker container no longer runs as root #7321
-
We use the kics docker image for running tests and it is no longer working as in #7292 the dockerfile was updated to run as a specific user. It is not clear why this change was made so I am hoping that it can be reverted. In the getting started documentation the first suggestion is to run kics as a docker container and mount a volume as a container. As in the example command, you will also most likely output a report to that volume. However, the user that is now running the container does not have access to that volume, and that is a very hard problem to solve, especially when the volume mount is a github repo used by multiple developers and your CI system. Can we get the change reverted so the container runs as root again? There is already a solution for running the container as a specific user (using the UBI based images) and I'm assuming this change wasn't meant to break the workflow I described above.
Replies: 1 comment
-
Hi @sjpalf,
This change was made for security reasons, as running a container as root at runtime is not a best practice. You can see this reflected in KICS' own security checks - last_user_is_root dockerfile query.
However, the change has since been reverted in this commit, so your issue should now be resolved. Additionally, since we reverted the change, we also had to update the KICS GitHub Action workflow to exclude the last user is root query - see the updated workflow here.
I hope this clarifies things and helps restore your workflow.
Let me know if I can assist you further!
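To make the check the reply refers to concrete, the following is an added example of the logic behind a "last user is root" Dockerfile finding. It is not code from the KICS project (the real query is written in Rego and may scope the check differently); the sample Dockerfiles are constructed for the example, and the choice to judge only the final build stage is this example's own simplification.

```python
"""Minimal 'last USER is root' check for Dockerfiles (example, not the KICS query)."""
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Constructed sample Dockerfiles for this example; they are not taken from KICS.
SAMPLES: Dict[str, str] = {
    # Flagged: no USER instruction, so the container starts as root.
    "no_user": 'FROM alpine:3.19\nRUN apk add --no-cache curl\nENTRYPOINT ["curl"]\n',
    # Passes: the final stage ends as a non-root user.
    "nonroot": 'FROM alpine:3.19\nRUN adduser -D app\nUSER app\nCMD ["sh"]\n',
    # Flagged: drops privileges, then switches back to uid 0 before the end.
    "back_to_root": 'FROM alpine:3.19\nUSER app\nRUN true\nUSER 0:0\nCMD ["sh"]\n',
    # Passes: the build stage runs as root, but only the final stage ships.
    # The USER line is split with a backslash continuation on purpose.
    "multistage": (
        "FROM golang:1.22 AS build\nWORKDIR /src\nRUN go build -o /out/app .\n"
        "FROM gcr.io/distroless/static\nCOPY --from=build /out/app /app\n"
        "USER \\\n    nonroot:nonroot\nENTRYPOINT [\"/app\"]\n"
    ),
}

# Values of the user part of USER that resolve to uid 0 without consulting /etc/passwd.
ROOT_USER_NAMES = {"root", "0"}


@dataclass
class Stage:
    base: str
    last_user: Optional[str] = None  # None means no USER instruction in this stage


def parse_stages(dockerfile: str) -> List[Stage]:
    """Split a Dockerfile into FROM-delimited stages, recording each stage's last USER."""
    # Join backslash line continuations so a split instruction is seen as one line.
    text = re.sub(r"\\\r?\n", " ", dockerfile)
    stages: List[Stage] = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        instr = parts[0].upper()
        args = parts[1].strip() if len(parts) > 1 else ""
        if instr == "FROM":
            # Drop options such as --platform=... so `base` is the image reference.
            words = [w for w in args.split() if not w.startswith("--")]
            stages.append(Stage(base=words[0] if words else ""))
        elif instr == "USER" and stages:
            stages[-1].last_user = args
    return stages


def is_root_user(user: Optional[str]) -> bool:
    """True when a USER value leaves the process as uid 0; no USER at all means root."""
    if user is None:
        return True
    # USER accepts user[:group]; only the user part decides the uid.
    name = user.split(":", 1)[0].strip()
    return name in ROOT_USER_NAMES


def last_user_is_root(dockerfile: str) -> bool:
    """The finding: does the final stage (the image that actually runs) end as root?

    Earlier stages are build-only and are ignored here; that is this example's own
    simplification, not necessarily how the KICS query scopes the check.
    """
    stages = parse_stages(dockerfile)
    if not stages:
        return True  # nothing parsed: treat as unsafe rather than silently passing
    return is_root_user(stages[-1].last_user)


def scan_samples() -> Dict[str, bool]:
    """Run the check over every constructed sample; True means 'flagged'."""
    return {name: last_user_is_root(text) for name, text in SAMPLES.items()}


if __name__ == "__main__":
    for name, flagged in scan_samples().items():
        print(f"{name:13s} {'FLAGGED: last user is root' if flagged else 'ok'}")
```

Two caveats a reviewer would add: the check cannot see a username that the image's /etc/passwd maps to uid 0, nor a USER set from a build ARG, so a passing result is not proof the image runs unprivileged. And if an image does keep a non-root USER, the bind-mount problem described in the original post is usually handled on the run side rather than by reverting to root, for example by starting the container with the host user's ids (`docker run --user "$(id -u):$(id -g)" ...`) or by creating the report directory on the host and making it writable to that uid/gid before the scan.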