make COPY copy as the set USER when using a Containerfile to build a container

[jerabaul29]

Feature request description

For now, the following:

USER username
COPY file_on_host file_inside_container

results in file_inside_container to be owned by root:root. This feels inconsistent with the fact that USER is set. The workaround is to write:

COPY --chown=username:username file_on_host file_inside_container

which feels quite heavy / more error prone than just having a "context" set by USER.

Suggest potential solution

Would it be possible to consider changing the behavior of COPY, so that it follows the context set by the last preceding USER directive?

I.e. that:

USER username
COPY file_on_host file_inside_container

results in file_inside_container to be owned by username:username

?

Have you considered any alternatives?

For now the solution is:

COPY --chown=username:username file_on_host file_inside_container

but that feels ugly / heavy / error prone when after a USER directive one thinks commands happen as USER.

Additional context

No response

[baude]

Our build code comes from buildah so moving there.

[nalind]

That's the long-documented behavior, and the COPY instruction provides a --chown flag for overriding that default. I don't expect to change the default.