From 38e175fa6762c27b85df450002e6458d9b0a41d6 Mon Sep 17 00:00:00 2001 From: "Timoney, Dan (dt5972)" Date: Thu, 21 Feb 2019 14:57:34 -0500 Subject: Run CCSDK dockers as non-root Update CCSDK docker images to run as non-root user by default Change-Id: Ia07c433a0e6f041d6684f24b765f4c1733b51162 Issue-ID: CCSDK-1099 Signed-off-by: Timoney, Dan (dt5972) --- odlsli/odlsli-alpine/src/main/docker/Dockerfile | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'odlsli/odlsli-alpine') diff --git a/odlsli/odlsli-alpine/src/main/docker/Dockerfile b/odlsli/odlsli-alpine/src/main/docker/Dockerfile index b9054670..2703a7d2 100644 --- a/odlsli/odlsli-alpine/src/main/docker/Dockerfile +++ b/odlsli/odlsli-alpine/src/main/docker/Dockerfile @@ -26,7 +26,7 @@ RUN sed -i -e "\|featuresRepositories|s|$|, ${CCSDK_SLI_CORE_REPO}, ${CCSDK_SLI_ RUN sed -i -e "\|featuresBoot[^a-zA-Z]|s|$|,${ODL_BOOT_FEATURES_EXTRA}|" $ODL_HOME/etc/org.apache.karaf.features.cfg # Create odl user -RUN adduser -S odl +RUN addgroup -S odl && adduser -S odl -G odl # Install ansible #COPY ansible-sources.list /etc/apt/sources.list.d @@ -46,9 +46,11 @@ RUN adduser -S odl # copy deliverables to opt -COPY opt /opt -COPY org.ops4j.pax.logging.cfg /opt/opendaylight/etc/org.ops4j.pax.logging.cfg +COPY --chown=odl:odl opt /opt +COPY --chown=odl:odl org.ops4j.pax.logging.cfg /opt/opendaylight/etc/org.ops4j.pax.logging.cfg +RUN chown -R odl:odl /opt +USER odl ENTRYPOINT /opt/onap/ccsdk/bin/startODL.sh EXPOSE 8181 -- cgit 1.2.3-korg