From ca6e8ce35a53c26cfdecd25157c74aa9683ba275 Mon Sep 17 00:00:00 2001
From: hsiegeln <37154749+hsiegeln@users.noreply.github.com>
Date: Tue, 7 Apr 2026 15:48:22 +0200
Subject: [PATCH] fix: add cameleer user to root group for Docker socket access

The mounted /var/run/docker.sock is owned by root:root with rw-rw----
permissions. The cameleer user needs to be in the root group to
read/write the socket for building images and managing containers.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Dockerfile b/Dockerfile
index 7edf931..c8d6066 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -24,6 +24,7 @@ RUN --mount=type=cache,target=/root/.m2/repository ./mvnw package -DskipTests -B
 FROM eclipse-temurin:21-jre-alpine
 WORKDIR /app
 RUN addgroup -S cameleer && adduser -S cameleer -G cameleer \
+ && addgroup cameleer root \
  && mkdir -p /data/jars && chown -R cameleer:cameleer /data
 COPY --from=build /build/target/*.jar app.jar
 USER cameleer