From 1c55cb8559bc2952abe05d6d6de9f7f70861db0c Mon Sep 17 00:00:00 2001
From: ZhenYi <434836402@qq.com>
Date: Tue, 12 May 2026 23:59:31 +0800
Subject: [PATCH] refactor(docker): run all containers as root, add compact log
 format support

- Docker: remove appuser creation and USER directive in all 7 Dockerfiles
- observability: recognize APP_LOG_FORMAT=compact as non-JSON pretty output
---
 docker/app.Dockerfile                 | 4 +---
 docker/email.Dockerfile               | 4 +---
 docker/gingress.Dockerfile            | 4 +---
 docker/githook.Dockerfile             | 4 +---
 docker/gitserver.Dockerfile           | 4 +---
 docker/metrics.Dockerfile             | 4 +---
 docker/static.Dockerfile              | 4 +---
 libs/observability/src/tracing_fmt.rs | 2 +-
 8 files changed, 8 insertions(+), 22 deletions(-)

diff --git a/docker/app.Dockerfile b/docker/app.Dockerfile
index bf08fd0..8c5db27 100644
--- a/docker/app.Dockerfile
+++ b/docker/app.Dockerfile
@@ -2,9 +2,7 @@ FROM ubuntu:24.04
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates libssl3 openssh-client procps git \
     && rm -rf /var/lib/apt/lists/*
-RUN useradd --system --create-home appuser
-WORKDIR /home/appuser
+WORKDIR /app
 COPY ./target/release/app /bin
-USER appuser
 EXPOSE 3000
 CMD ["app"]
\ No newline at end of file
diff --git a/docker/email.Dockerfile b/docker/email.Dockerfile
index 776e5ff..54588a7 100644
--- a/docker/email.Dockerfile
+++ b/docker/email.Dockerfile
@@ -2,9 +2,7 @@ FROM ubuntu:24.04
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates libssl3 \
     && rm -rf /var/lib/apt/lists/*
-RUN useradd --system --create-home appuser
-WORKDIR /home/appuser
+WORKDIR /app
 COPY ./target/release/email-worker /bin
-USER appuser
 EXPOSE 8084
 CMD ["email-worker"]
\ No newline at end of file
diff --git a/docker/gingress.Dockerfile b/docker/gingress.Dockerfile
index ef04051..8a9709e 100644
--- a/docker/gingress.Dockerfile
+++ b/docker/gingress.Dockerfile
@@ -2,9 +2,7 @@ FROM ubuntu:24.04
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates libssl3 \
     && rm -rf /var/lib/apt/lists/*
-RUN useradd --system --create-home appuser
-WORKDIR /home/appuser
+WORKDIR /app
 COPY ./target/release/gingress /bin
-USER appuser
 EXPOSE 80 443 8080
 ENTRYPOINT ["gingress"]
diff --git a/docker/githook.Dockerfile b/docker/githook.Dockerfile
index aac0e68..fb9f9f4 100644
--- a/docker/githook.Dockerfile
+++ b/docker/githook.Dockerfile
@@ -2,9 +2,7 @@ FROM ubuntu:24.04
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates libssl3 git \
     && rm -rf /var/lib/apt/lists/*
-RUN useradd --system --create-home appuser
-WORKDIR /home/appuser
+WORKDIR /app
 COPY ./target/release/git-hook /bin
-USER appuser
 EXPOSE 8083
 CMD ["git-hook"]
\ No newline at end of file
diff --git a/docker/gitserver.Dockerfile b/docker/gitserver.Dockerfile
index 8aa09e4..a2fb6fa 100644
--- a/docker/gitserver.Dockerfile
+++ b/docker/gitserver.Dockerfile
@@ -2,9 +2,7 @@ FROM ubuntu:24.04
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates libssl3 git openssh-client \
     && rm -rf /var/lib/apt/lists/*
-RUN useradd --system --create-home appuser
-WORKDIR /home/appuser
+WORKDIR /app
 COPY ./target/release/gitserver /bin
-USER appuser
 EXPOSE 8021 2222
 CMD ["gitserver"]
\ No newline at end of file
diff --git a/docker/metrics.Dockerfile b/docker/metrics.Dockerfile
index 66c7740..6fa1266 100644
--- a/docker/metrics.Dockerfile
+++ b/docker/metrics.Dockerfile
@@ -2,9 +2,7 @@ FROM ubuntu:24.04
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates libssl3 \
     && rm -rf /var/lib/apt/lists/*
-RUN useradd --system --create-home appuser
-WORKDIR /home/appuser
+WORKDIR /app
 COPY ./target/release/metrics-aggregator /bin
-USER appuser
 EXPOSE 9090
 CMD ["metrics-aggregator"]
\ No newline at end of file
diff --git a/docker/static.Dockerfile b/docker/static.Dockerfile
index a657d84..6a9113a 100644
--- a/docker/static.Dockerfile
+++ b/docker/static.Dockerfile
@@ -2,9 +2,7 @@ FROM ubuntu:24.04
 RUN apt-get update && apt-get install -y --no-install-recommends \
     ca-certificates libssl3 \
     && rm -rf /var/lib/apt/lists/*
-RUN useradd --system --create-home appuser
-WORKDIR /home/appuser
+WORKDIR /app
 COPY ./target/release/static-server /bin
-USER appuser
 EXPOSE 8081
 CMD ["static-server"]
\ No newline at end of file
diff --git a/libs/observability/src/tracing_fmt.rs b/libs/observability/src/tracing_fmt.rs
index 61e03bf..9c70c0c 100644
--- a/libs/observability/src/tracing_fmt.rs
+++ b/libs/observability/src/tracing_fmt.rs
@@ -41,7 +41,7 @@ pub fn instance_id() -> String {
 fn use_json() -> bool {
     match std::env::var("APP_LOG_FORMAT").as_deref() {
         Ok("json") => true,
-        Ok("pretty") => false,
+        Ok("pretty") | Ok("compact") => false,
         _ => !std::io::stdout().is_terminal(), // TTY → pretty, non-TTY → json
     }
 }