This contain note that related to docker, for my personal use if I forget the command haha... :D
Before push image to registry we need to authenticate docker, to do that use this command
docker login -u username
# Or if you want to login using service account
cat auth.json | docker login -u _json_key --password-stdin https://asia.gcr.ioDocker auth command above which login using service account is an example to login to Google Container Registry (GCR), but before you perform that command you need to download service acount auth.json. The auth.json you can obtain from service account menu in Goggle Cloud Platform (GCP).
To checking docker was logged in to some registry you can see it in file config.json
cat ~/.docker/config.jsonYou will see output like this below.
{
"auths": {
"https://index.docker.io/v1/": {}
},
"credsStore": "desktop",
"currentContext": "desktop-linux"
}It mean that you have authenticate to docker hub. To see cred from docker hub you have beed logged in before use this command. If you have logged in to other registry example GCR you can simply change https://index.docker.io/v1/ to key present in config.josn above
echo "https://index.docker.io/v1/" | docker-credential-desktop getdocker logout https://index.docker.io/v1Why we need to change from Root user to non-root user for security reason.
Inspect the docker image and see Config.User.
docker inspect image_nameIf you get empty string "" or "root" it mean the image/container configured to as root by default. But if you see another value it indicate the non-root user.
Or to check the container user you can exec the container and simply run command whoami.
In dockerfile you can add like this
# Add non-root user
RUN adduser -D agungsptr
# Switch to non-root user
USER agungsptr