diff options
| author |   Kai <lukai@chinamobile.com> | 2021-03-29 11:48:10 +0800 |
|---|---|---|
| committer |   Remigiusz Janeczek <remigiusz.janeczek@nokia.com> | 2021-05-12 17:11:08 +0200 |
| commit | 9bb841d5faa995c2170057f93cd65303fba7979c (patch) | |
| tree | b3fe5deaa60844546984d74adb82b9217a6f4705 /dcae-analytics/dcae-analytics-tca-web/Dockerfile | |
| parent | 6302edb304f69068b108a69001d69bc6213b6a6a (diff) | |
Fix mongodb errors on application startup1.3.0-tca-gen2
Revert Dockerfile refactor due to permissions issues
Issue-ID: DCAEGEN2-2747
Issue-ID: DCAEGEN2-2590
Signed-off-by: Kai Lu <lukai@chinamobile.com>
Change-Id: I84075575cc75090876416cb13e0ac197a8e0f6e3
Signed-off-by: Remigiusz Janeczek <remigiusz.janeczek@nokia.com>
Diffstat (limited to 'dcae-analytics/dcae-analytics-tca-web/Dockerfile')
| -rw-r--r-- | dcae-analytics/dcae-analytics-tca-web/Dockerfile | 28 |
1 files changed, 14 insertions, 14 deletions
diff --git a/dcae-analytics/dcae-analytics-tca-web/Dockerfile b/dcae-analytics/dcae-analytics-tca-web/Dockerfile index 2791e03..a2c59c4 100644 --- a/dcae-analytics/dcae-analytics-tca-web/Dockerfile +++ b/dcae-analytics/dcae-analytics-tca-web/Dockerfile @@ -9,23 +9,23 @@ ARG DOCKER_ARTIFACT_DIR ARG user=tca-gen2 ARG group=tca-gen2 -WORKDIR ${DOCKER_ARTIFACT_DIR} -#Copy dependencies and executable jar -COPY ${PROJECT_BUILD_DIR_NAME}/${FINAL_JAR} . - USER root -#Symlink to overcome Docker limitation to put ARG inside ENTRYPOINT -RUN mkdir -p /var/log/ONAP/dcaegen2/analytics/tca-gen2 && \ - addgroup $group && adduser --system --disabled-password --no-create-home --ingroup $group $user && \ - chmod g+rwx /opt; \ - chmod u+rw /var/log/ONAP/dcaegen2/analytics/tca-gen2 && \ - chown -R $user /opt && \ - chown -R $user /var/log/ONAP/dcaegen2/analytics/tca-gen2 && \ - ln -s ${FINAL_JAR} tca-gen2.jar && \ - chown $user ${FINAL_JAR} tca-gen2.jar +RUN mkdir -p /var/log/ONAP/dcaegen2/analytics/tca-gen2 +#Add a new user and group to allow container to be run as non-root +RUN addgroup $group && adduser --system --disabled-password --no-create-home --ingroup $group $user && \ + chmod 775 /opt && \ + chmod 775 /var/log/ONAP/dcaegen2/analytics/tca-gen2 && \ + chown -R $user:$group /opt && \ + chown -R $user:$group /var/log/ONAP/dcaegen2/analytics/tca-gen2 + +#Copy dependencies and executable jar +WORKDIR ${DOCKER_ARTIFACT_DIR} +COPY ${PROJECT_BUILD_DIR_NAME}/${FINAL_JAR} . +#Overcome Docker limitation to put ARG inside ENTRYPOINT +RUN ln -s ${FINAL_JAR} tca-gen2.jar EXPOSE 8100 -USER $user +USER $user:$group ENTRYPOINT ["java", "-Dspring.profiles.active=configBindingService,dmaap,mongo", "-jar", "tca-gen2.jar"] |