From d0e295dc833d420b9d594185cb1ba209d31ea93b Mon Sep 17 00:00:00 2001
From: Andrea Spadaccini <andrea.spadaccini@gmail.com>
Date: Mon, 21 Aug 2023 12:18:53 +0200
Subject: [PATCH] fix: make Prometheus run as root

Following guidance in https://github.com/hassio-addons/addon-prometheus/pull/49#discussion_r926048521.

Tested in local dev container.
---
 prometheus/Dockerfile                                     | 2 --
 prometheus/rootfs/etc/services.d/prometheus-configgen/run | 3 +--
 prometheus/rootfs/etc/services.d/prometheus/run           | 5 +----
 3 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/prometheus/Dockerfile b/prometheus/Dockerfile
index 804ac52..103e1bb 100644
--- a/prometheus/Dockerfile
+++ b/prometheus/Dockerfile
@@ -30,7 +30,6 @@ RUN \
     \
     && curl -J -L -o /tmp/prometheus.tar.gz \
         "https://github.com/prometheus/prometheus/releases/download/v${PROMETHEUS_VERSION}/prometheus-${PROMETHEUS_VERSION}.linux-${ARCH}.tar.gz" \
-    && adduser -s /bin/false -D -H prometheus \
     && cd /tmp \
     && tar -xvf /tmp/prometheus.tar.gz \
     && mkdir -p /etc/prometheus \
@@ -39,7 +38,6 @@ RUN \
     && cp -R prometheus-${PROMETHEUS_VERSION}.linux-${ARCH}/console_libraries/ /etc/prometheus/ \
     && cp -R prometheus-${PROMETHEUS_VERSION}.linux-${ARCH}/consoles/ /etc/prometheus/ \
     && rm -r prometheus-${PROMETHEUS_VERSION}.linux-${ARCH} \
-    && chown -R prometheus:prometheus /etc/prometheus \
     && pip3 install \
         --no-cache-dir \
         --prefer-binary \
diff --git a/prometheus/rootfs/etc/services.d/prometheus-configgen/run b/prometheus/rootfs/etc/services.d/prometheus-configgen/run
index d1efb9d..21b364f 100755
--- a/prometheus/rootfs/etc/services.d/prometheus-configgen/run
+++ b/prometheus/rootfs/etc/services.d/prometheus-configgen/run
@@ -3,11 +3,10 @@ bashio::log.info 'Starting prometheus config generator...'
 
 if ! bashio::fs.directory_exists /share/prometheus/targets; then
   mkdir -p /share/prometheus/targets
-  chown -R prometheus:prometheus /share/prometheus/targets
 fi
 
 cd /opt/prometheus-configgen || bashio::exit.nok \
   "Could not change working directory for prometheus-configgen."
 
 # Run Prometheus
-exec s6-setuidgid prometheus python3 combiner
+exec python3 combiner
diff --git a/prometheus/rootfs/etc/services.d/prometheus/run b/prometheus/rootfs/etc/services.d/prometheus/run
index 19c8174..ded5762 100755
--- a/prometheus/rootfs/etc/services.d/prometheus/run
+++ b/prometheus/rootfs/etc/services.d/prometheus/run
@@ -28,18 +28,15 @@ done
 
 if ! bashio::fs.directory_exists /data/prometheus; then
   mkdir -p /data/prometheus
-  chown prometheus:prometheus /data/prometheus
 fi
 
 if ! bashio::fs.directory_exists /share/prometheus/rules; then
   mkdir -p /share/prometheus/rules
-  chown -R prometheus:prometheus /share/prometheus/rules
 fi
 
 if ! bashio::fs.directory_exists /share/prometheus/targets; then
   mkdir -p /share/prometheus/targets
-  chown -R prometheus:prometheus /share/prometheus/targets
 fi
 
 # Run Prometheus
-exec s6-setuidgid prometheus /usr/local/bin/prometheus "${options[@]}"
+exec /usr/local/bin/prometheus "${options[@]}"