diff options
Diffstat (limited to 'src/main/docker/Dockerfile')
| -rw-r--r-- | src/main/docker/Dockerfile | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile index c99d763..343ed4d 100644 --- a/src/main/docker/Dockerfile +++ b/src/main/docker/Dockerfile @@ -22,6 +22,22 @@ COPY *.sh $BIN_HOME COPY bundleconfig-local $MICRO_HOME/bundleconfig COPY bundleconfig-local/etc/logback.xml $MICRO_HOME/bundleconfig/etc RUN chmod 755 $BIN_HOME/* + +# Changes related to:AAI-2177 +# Change aai gizmo container processes to run as non-root on the host + +#Note:The group id and user id used below (492382 & 341790 respectively) are chosen arbitarily based on assumption that +# these are not used elsewhere. Please see https://jira.onap.org/browse/AAI-2172 for more background on this. + +RUN mkdir /opt/aaihome && \ + groupadd -g 492382 aaiadmin && \ + useradd -r -u 341790 -g 492382 -ms /bin/sh -d /opt/aaihome/aaiadmin aaiadmin && \ + chown -R aaiadmin:aaiadmin $MICRO_HOME &&\ + mkdir /logs && \ + chown -R aaiadmin:aaiadmin /logs + +USER aaiadmin + RUN ln -s /logs $MICRO_HOME/logs EXPOSE 9520 9520 |