summaryrefslogtreecommitdiffstats
path: root/dgbuilder-docker/src
diff options
context:
space:
mode:
authorTimoney, Dan (dt5972) <dtimoney@att.com>2019-02-21 14:57:34 -0500
committerTimoney, Dan (dt5972) <dtimoney@att.com>2019-02-21 14:57:34 -0500
commit38e175fa6762c27b85df450002e6458d9b0a41d6 (patch)
treeffee3f46477dd521269f9a010d6c59ce71508b97 /dgbuilder-docker/src
parenta794b4f8e543361e237f70aeae6bca2347f8dfee (diff)
Run CCSDK dockers as non-root
Update CCSDK docker images to run as non-root user by default Change-Id: Ia07c433a0e6f041d6684f24b765f4c1733b51162 Issue-ID: CCSDK-1099 Signed-off-by: Timoney, Dan (dt5972) <dtimoney@att.com>
Diffstat (limited to 'dgbuilder-docker/src')
-rw-r--r--dgbuilder-docker/src/main/docker/Dockerfile7
1 files changed, 6 insertions, 1 deletions
diff --git a/dgbuilder-docker/src/main/docker/Dockerfile b/dgbuilder-docker/src/main/docker/Dockerfile
index 90ade01f..c1fd8dbd 100644
--- a/dgbuilder-docker/src/main/docker/Dockerfile
+++ b/dgbuilder-docker/src/main/docker/Dockerfile
@@ -2,12 +2,17 @@
FROM onap/ccsdk-ubuntu-image:${project.docker.latestfulltag.version}
MAINTAINER CCSDK Team (onap-discuss@lists.onap.org)
+# Create non-root user
+RUN addgroup --system dgbuilder && adduser --system --ingroup dgbuilder dgbuilder
+
# copy onap
-COPY opt /opt
+COPY --chown=dgbuilder:dgbuilder opt /opt
WORKDIR /opt/onap/ccsdk/dgbuilder
# Set the proxy if needed
# RUN npm config set proxy http://your.proxy.com:8080
#RUN npm install
#ENTRYPOINT /bin/bash /opt/onap/ccsdk/dgbuilder/start sdnc1.0
+
+USER dgbuilder
EXPOSE 3100