diff options
author | Dan Timoney <dtimoney@att.com> | 2020-04-28 14:03:13 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2020-04-28 14:03:13 +0000 |
commit | 263b5c1cc1de8c9429d25e6b2aa23159f8c7ee9e (patch) | |
tree | 8846d93f613f5711c7f06cb415d284baecf35c7c /ms/command-executor/src/main | |
parent | 8134100d6d92a75906a55cb56b993179e97e01ec (diff) | |
parent | 0973cd1d23c2917c840cf21630d8c565732bbe1b (diff) |
Merge "Making POD run as non-root" into frankfurt
Diffstat (limited to 'ms/command-executor/src/main')
-rw-r--r-- | ms/command-executor/src/main/docker/Dockerfile | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/ms/command-executor/src/main/docker/Dockerfile b/ms/command-executor/src/main/docker/Dockerfile index 70cf943f6..c38126066 100644 --- a/ms/command-executor/src/main/docker/Dockerfile +++ b/ms/command-executor/src/main/docker/Dockerfile @@ -5,10 +5,13 @@ RUN python -m pip install --upgrade pip RUN pip install grpcio==${GRPC_PYTHON_VERSION} grpcio-tools==${GRPC_PYTHON_VERSION} RUN pip install virtualenv==16.7.9 +RUN groupadd -r onap && useradd -r -g onap onap + COPY start.sh /opt/app/onap/start.sh RUN chmod u+x /opt/app/onap/start.sh RUN mkdir -p /opt/app/onap/logs/ && touch /opt/app/onap/logs/application.log +RUN chown onap:onap /opt -R COPY @project.build.finalName@-@assembly.id@.tar.gz /source.tar.gz RUN tar -xzf /source.tar.gz -C /tmp \ @@ -17,5 +20,5 @@ RUN tar -xzf /source.tar.gz -C /tmp \ && rm -rf /tmp/@project.build.finalName@ VOLUME /opt/app/onap/blueprints/deploy/ - +USER onap ENTRYPOINT /opt/app/onap/start.sh |