From 640a3451b334ec591a75eebd41665de37f6b7227 Mon Sep 17 00:00:00 2001
From: Seth Jennings <sjenning@redhat.com>
Date: Wed, 13 May 2026 16:53:24 -0500
Subject: [PATCH] fix(images): remove image-specific owner and mode set for
 gateway binary

---
 deploy/docker/Dockerfile.gateway | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/deploy/docker/Dockerfile.gateway b/deploy/docker/Dockerfile.gateway
index 30a45e8c1..e63b0a725 100644
--- a/deploy/docker/Dockerfile.gateway
+++ b/deploy/docker/Dockerfile.gateway
@@ -26,13 +26,7 @@ ARG TARGETARCH
 
 WORKDIR /app
 
-# --chmod=0550 preserves the executable bit through actions/upload-artifact +
-# download-artifact (which strip exec perms during the roundtrip) without
-# granting world-execute. --chown=nvs:nvs matches the image's only defined
-# non-root user (`nvs:1000`, the NVIDIA distroless convention) and aligns
-# with the Helm chart's `securityContext.runAsUser: 1000`, which overrides
-# the Dockerfile's USER at runtime.
-COPY --chown=nvs:nvs --chmod=0550 deploy/docker/.build/prebuilt-binaries/${TARGETARCH}/openshell-gateway /usr/local/bin/openshell-gateway
+COPY deploy/docker/.build/prebuilt-binaries/${TARGETARCH}/openshell-gateway /usr/local/bin/openshell-gateway
 
 USER nvs:nvs
 EXPOSE 8080