From a1f2a07763cda156c149624b09c48ff85aa0d4a7 Mon Sep 17 00:00:00 2001
From: Harish Venkata Kajur <vk250x@att.com>
Date: Wed, 15 Jul 2020 12:07:57 -0400
Subject: Ensure Non-root user for haproxy

Issue-ID: AAI-2822
Change-Id: Ic5ea276e4f344ef9e2c321069ba8b4ffeb38312f
Signed-off-by: Harish Venkata Kajur <vk250x@att.com>
---
 aai-common-docker/aai-haproxy-image/src/main/docker/Dockerfile | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/aai-common-docker/aai-haproxy-image/src/main/docker/Dockerfile b/aai-common-docker/aai-haproxy-image/src/main/docker/Dockerfile
index 7bf9b20a..a96c3640 100644
--- a/aai-common-docker/aai-haproxy-image/src/main/docker/Dockerfile
+++ b/aai-common-docker/aai-haproxy-image/src/main/docker/Dockerfile
@@ -9,7 +9,11 @@ ENV https_proxy  ""
 RUN apk add --no-cache \
     ca-certificates \
     curl \
-    openssl
+    openssl \
+    shadow \
+    util-linux && \
+    groupadd haproxy -g 1000 && \
+    adduser -u 1000 -S -D -G haproxy -s /bin/bash haproxy
 
 RUN mkdir -p /etc/ssl/certs/ && mkdir -p /etc/ssl/private
 
-- 
cgit 1.2.3-korg