summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjananib <janani.b@huawei.com>2020-04-23 19:28:43 +0530
committerDan Timoney <dtimoney@att.com>2020-04-28 14:03:43 +0000
commite2d379be0f177196553da53c78561433abb28ef5 (patch)
treeec5663ba182544a77d6b8faad7a6c7f42ebc408c
parent263b5c1cc1de8c9429d25e6b2aa23159f8c7ee9e (diff)
Making POD run as non-root
Non-root user addition Change-Id: Id110aebea3d3526aaf319d8994670644a7bab698 Issue-ID: CCSDK-2149 Signed-off-by: jananib <janani.b@huawei.com> (cherry picked from commit be864c3d32ea9dfe88f0e121734abdc950401449)
-rwxr-xr-xms/blueprintsprocessor/application/src/main/docker/Dockerfile4
-rw-r--r--ms/command-executor/src/main/docker/Dockerfile4
-rw-r--r--ms/py-executor/docker/Dockerfile1
-rwxr-xr-xms/sdclistener/distribution/src/main/docker/Dockerfile3
4 files changed, 9 insertions, 3 deletions
diff --git a/ms/blueprintsprocessor/application/src/main/docker/Dockerfile b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile
index 042041ebb..bd1b3804a 100755
--- a/ms/blueprintsprocessor/application/src/main/docker/Dockerfile
+++ b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile
@@ -11,11 +11,13 @@ FROM omahoco1/alpine-java-python
COPY startService.sh /startService.sh
RUN addgroup -S onap && adduser -S onap -G onap
RUN chown onap:onap /startService.sh
+RUN touch /velocity.log && chmod 777 /velocity.log
+RUN chown onap:onap /velocity.log
RUN chmod 777 /startService.sh && dos2unix /startService.sh
# add application
COPY --from=extractor /opt /opt
-RUN mkdir /opt/app/onap/blueprints
+RUN mkdir -p /opt/app/onap/blueprints/deploy
RUN chown onap:onap /opt -R
USER onap
diff --git a/ms/command-executor/src/main/docker/Dockerfile b/ms/command-executor/src/main/docker/Dockerfile
index c38126066..e91265b56 100644
--- a/ms/command-executor/src/main/docker/Dockerfile
+++ b/ms/command-executor/src/main/docker/Dockerfile
@@ -11,7 +11,6 @@ COPY start.sh /opt/app/onap/start.sh
RUN chmod u+x /opt/app/onap/start.sh
RUN mkdir -p /opt/app/onap/logs/ && touch /opt/app/onap/logs/application.log
-RUN chown onap:onap /opt -R
COPY @project.build.finalName@-@assembly.id@.tar.gz /source.tar.gz
RUN tar -xzf /source.tar.gz -C /tmp \
@@ -19,6 +18,9 @@ RUN tar -xzf /source.tar.gz -C /tmp \
&& rm -rf /source.tar.gz \
&& rm -rf /tmp/@project.build.finalName@
+RUN mkdir -p /opt/app/onap/blueprints/deploy
+RUN chown onap:onap /opt -R
+
VOLUME /opt/app/onap/blueprints/deploy/
USER onap
ENTRYPOINT /opt/app/onap/start.sh
diff --git a/ms/py-executor/docker/Dockerfile b/ms/py-executor/docker/Dockerfile
index bb1b0f79c..638b09f39 100644
--- a/ms/py-executor/docker/Dockerfile
+++ b/ms/py-executor/docker/Dockerfile
@@ -12,6 +12,7 @@ RUN tar -xzf /source.tar.gz -C /tmp \
RUN pip install --no-cache-dir -r /opt/app/onap/python/requirements/docker.txt
+RUN mkdir -p /opt/app/onap/blueprints/deploy
RUN chown onap:onap /opt -R
VOLUME /opt/app/onap/blueprints/deploy/
diff --git a/ms/sdclistener/distribution/src/main/docker/Dockerfile b/ms/sdclistener/distribution/src/main/docker/Dockerfile
index 5168dd9c2..e9ecb8d66 100755
--- a/ms/sdclistener/distribution/src/main/docker/Dockerfile
+++ b/ms/sdclistener/distribution/src/main/docker/Dockerfile
@@ -12,7 +12,8 @@ RUN tar -xzf /source.tar.gz -C /tmp \
&& rm -rf /source.tar.gz \
&& rm -rf /tmp/@project.build.finalName@
-RUN mkdir /opt/app/onap/cds-sdc-listener
+RUN mkdir -p /opt/app/onap/cds-sdc-listener
RUN chown onap:onap /opt -R
+
USER onap
ENTRYPOINT /startService.sh