diff options
author | jananib <janani.b@huawei.com> | 2020-04-15 11:05:22 +0530 |
---|---|---|
committer | Dan Timoney <dtimoney@att.com> | 2020-04-15 13:51:06 +0000 |
commit | b1362860131464876a09890c59cb949e1587bf23 (patch) | |
tree | 33ef13be4f4a1b9ee0e2dc84b0867b4d681d83f6 /ms/blueprintsprocessor | |
parent | 5f21c169bbeae55797a61238208290a763b3f86b (diff) |
Making POD run as non-root
Non-root user addition
Change-Id: I82995b0c0a6eb815e0422c6072c111c889c8c84a
Issue-ID: CCSDK-2149
Signed-off-by: jananib <janani.b@huawei.com>
(cherry picked from commit 3a27f2fee05ef874181ea818f28329c2567e52c5)
Diffstat (limited to 'ms/blueprintsprocessor')
-rwxr-xr-x | ms/blueprintsprocessor/application/src/main/docker/Dockerfile | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/ms/blueprintsprocessor/application/src/main/docker/Dockerfile b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile index 1035915f1..042041ebb 100755 --- a/ms/blueprintsprocessor/application/src/main/docker/Dockerfile +++ b/ms/blueprintsprocessor/application/src/main/docker/Dockerfile @@ -9,9 +9,14 @@ FROM omahoco1/alpine-java-python # add entrypoint COPY startService.sh /startService.sh +RUN addgroup -S onap && adduser -S onap -G onap +RUN chown onap:onap /startService.sh RUN chmod 777 /startService.sh && dos2unix /startService.sh # add application COPY --from=extractor /opt /opt +RUN mkdir /opt/app/onap/blueprints +RUN chown onap:onap /opt -R +USER onap ENTRYPOINT [ "/startService.sh" ] |