aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorwr148d <wr148d@att.com>2020-05-21 13:58:30 -0400
committerwr148d <wr148d@att.com>2020-05-21 16:16:30 -0400
commit02b1b37d795f0bccf4500e14de5586891e78d306 (patch)
treecb081a8b9e57a7bee01350dd6773d2b6a1c9ef12
parent2ac68fc25d26425f043bdf959985794e0f7622a1 (diff)
Updated docker scripts to use aaiadmin user
Issue-ID: AAI-2822 Change-Id: Ie1985e58230ebe53b6a961eed6bb9c9a7dbc6f20 Signed-off-by: wr148d <wr148d@att.com>
-rw-r--r--aai-traversal/src/main/docker/Dockerfile12
-rw-r--r--aai-traversal/src/main/docker/docker-entrypoint.sh25
2 files changed, 16 insertions, 21 deletions
diff --git a/aai-traversal/src/main/docker/Dockerfile b/aai-traversal/src/main/docker/Dockerfile
index 6ab1dd1..c8c346d 100644
--- a/aai-traversal/src/main/docker/Dockerfile
+++ b/aai-traversal/src/main/docker/Dockerfile
@@ -2,15 +2,23 @@ FROM @aai.docker.namespace@/aai-common-@aai.base.image@:@aai.base.image.version@
RUN mkdir -p /opt/aaihome/aaiadmin /opt/aai/logroot/AAI-GQ
-VOLUME /opt/aai/logroot/AAI-GQ
VOLUME /tmp
VOLUME /opt/tools
HEALTHCHECK --interval=40s --timeout=10s --retries=3 CMD nc -z -v localhost 8446 || exit 1
+RUN groupadd aaiadmin -g 1000
+
+RUN adduser -u 1000 -h /opt/aaihome/aaiadmin -S -D -G aaiadmin -s /bin/bash aaiadmin
+
# Add the proper files into the docker image from your build
WORKDIR /opt/app/aai-traversal
-COPY /maven/aai-traversal/ .
+
+RUN chown -R aaiadmin:aaiadmin /opt/app/aai-traversal /etc/profile.d /opt/aai/logroot/AAI-GQ /opt/app /opt/aai/logroot
+
+COPY --chown=aaiadmin:aaiadmin /maven/aai-traversal/ .
+
+USER aaiadmin
ENV AAI_BUILD_VERSION @aai.docker.version@
# Expose the ports for outside linux to use
diff --git a/aai-traversal/src/main/docker/docker-entrypoint.sh b/aai-traversal/src/main/docker/docker-entrypoint.sh
index c4c4a03..7d3ca9a 100644
--- a/aai-traversal/src/main/docker/docker-entrypoint.sh
+++ b/aai-traversal/src/main/docker/docker-entrypoint.sh
@@ -26,24 +26,12 @@ export SERVER_PORT=${SERVER_PORT:-8446};
USER_ID=${LOCAL_USER_ID:-9001}
GROUP_ID=${LOCAL_GROUP_ID:-9001}
-if [ $(cat /etc/passwd | grep aaiadmin | wc -l) -eq 0 ]; then
- groupadd aaiadmin -g ${GROUP_ID} || {
- echo "Unable to create the group id for ${GROUP_ID}";
- exit 1;
- }
- useradd --shell=/bin/bash -u ${USER_ID} -g ${GROUP_ID} -o -c "" -m aaiadmin || {
- echo "Unable to create the user id for ${USER_ID}";
- exit 1;
- }
-fi;
-
-chown -R aaiadmin:aaiadmin /opt/app /opt/aai/logroot
find /opt/app/ -name "*.sh" -exec chmod +x {} +
if [ -f ${APP_HOME}/aai.sh ]; then
- gosu aaiadmin ln -s bin scripts
- gosu aaiadmin ln -s /opt/aai/logroot/AAI-GQ logs
+ ln -s bin scripts
+ ln -s /opt/aai/logroot/AAI-GQ logs
mv ${APP_HOME}/aai.sh /etc/profile.d/aai.sh
chmod 755 /etc/profile.d/aai.sh
@@ -54,7 +42,7 @@ if [ -f ${APP_HOME}/aai.sh ]; then
if [ -f ${APP_HOME}/bin/${scriptName} ]; then
shift 1;
- gosu aaiadmin ${APP_HOME}/bin/${scriptName} "$@" || {
+ ${APP_HOME}/bin/${scriptName} "$@" || {
echo "Failed to run the ${scriptName}";
exit 1;
}
@@ -69,12 +57,11 @@ fi;
if [ -z ${DISABLE_UPDATE_QUERY} ]; then
UPDATE_QUERY_RAN_FILE="updateQueryRan.txt";
- gosu aaiadmin /opt/app/aai-traversal/bin/install/updateQueryData.sh
- gosu aaiadmin touch ${UPDATE_QUERY_RAN_FILE};
+ /opt/app/aai-traversal/bin/install/updateQueryData.sh
+ touch ${UPDATE_QUERY_RAN_FILE};
fi
mkdir -p /opt/app/aai-traversal/logs/gc
-chown -R aaiadmin:aaiadmin /opt/app/aai-traversal/logs/gc
if [ -f ${APP_HOME}/resources/aai-traversal-swm-vars.sh ]; then
source ${APP_HOME}/resources/aai-traversal-swm-vars.sh;
@@ -84,7 +71,7 @@ MIN_HEAP_SIZE=${MIN_HEAP_SIZE:-512m};
MAX_HEAP_SIZE=${MAX_HEAP_SIZE:-1024m};
MAX_METASPACE_SIZE=${MAX_METASPACE_SIZE:-512m};
-JAVA_CMD="exec gosu aaiadmin java";
+JAVA_CMD="exec java";
JVM_OPTS="${PRE_JVM_ARGS} -Xloggc:/opt/app/aai-traversal/logs/gc/aai_gc.log";
JVM_OPTS="${JVM_OPTS} -XX:HeapDumpPath=/opt/app/aai-traversal/logs/ajsc-jetty/heap-dump";