Run DFC docker container as a non-root user

Change-Id: I82504ebebc8ddf48f6ee6b1c1dfbe433c60ab1aa
Issue-ID: DCAEGEN2-1269
Signed-off-by: RehanRaza <muhammad.rehan.raza@est.tech>

3 files changed, 54 insertions, 27 deletions

diff --git a/datafile-app-server/config/application.yaml b/datafile-app-server/config/application.yaml
index b66f7b6e..f2538578 100644
--- a/datafile-app-server/config/application.yaml
+++ b/datafile-app-server/config/application.yaml
@@ -16,6 +16,6 @@ logging:
     org.springframework.data: ERROR
     org.springframework.web.reactive.function.client.ExchangeFunctions: ERROR
     org.onap.dcaegen2.collectors.datafile: ERROR
-  file: opt/log/application.log
+  file: /var/log/ONAP/application.log
 app:
-  filepath: config/datafile_endpoints.json
+  filepath: /opt/app/datafile/config/datafile_endpoints.json
diff --git a/datafile-app-server/pom.xml b/datafile-app-server/pom.xml
index 90b6fea6..3ceccdbe 100644
--- a/datafile-app-server/pom.xml
+++ b/datafile-app-server/pom.xml
@@ -1,7 +1,7 @@
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
   ~ ============LICENSE_START=======================================================
-  ~ Copyright (C) 2018 NOKIA Intellectual Property, 2018 Nordix Foundation. All rights reserved.
+  ~ Copyright (C) 2018 NOKIA Intellectual Property, 2018-2019 Nordix Foundation. All rights reserved.
   ~ ================================================================================ 
   ~ Licensed under the Apache License, Version 2.0 (the "License");
   ~ you may not use this file except in compliance with the License.
@@ -32,6 +32,7 @@
   <packaging>jar</packaging>
 
   <properties>
+    <dockerfile.maven.version>1.4.10</dockerfile.maven.version>
     <docker.image.name>onap/${project.groupId}.${project.artifactId}</docker.image.name>
     <maven.build.timestamp.format>yyyyMMdd'T'HHmmss</maven.build.timestamp.format>
   </properties>
@@ -54,31 +55,15 @@
       </plugin>
       <plugin>
         <groupId>com.spotify</groupId>
-        <artifactId>docker-maven-plugin</artifactId>
+        <artifactId>dockerfile-maven-plugin</artifactId>
+        <version>${dockerfile.maven.version}</version>
         <configuration>
-          <serverId>${onap.nexus.dockerregistry.daily}</serverId>
-          <imageName>${docker.image.name}</imageName>
-          <imageTags>
-            <tag>latest</tag>
-          </imageTags>
-          <baseImage>openjdk:8-jre-alpine</baseImage>
-          <resources>
-            <resource>
-              <directory>${project.build.directory}</directory>
-              <include>${project.artifactId}.jar</include>
-              <targetPath>/target</targetPath>
-            </resource>
-            <resource>
-              <targetPath>/config</targetPath>
-              <directory>${project.basedir}/config</directory>
-              <include>*</include>
-            </resource>
-          </resources>
-          <exposes>
-            <expose>8100</expose>
-            <expose>8433</expose>
-          </exposes>
-          <cmd>["java", "-jar", "/target/${project.artifactId}.jar"]</cmd>
+          <repository>${onap.nexus.dockerregistry.daily}/${docker.image.name}</repository>
+          <tag>${project.version}</tag>
+          <dockerfile>${project.build.outputDirectory}/Dockerfile</dockerfile>
+          <buildArgs>
+            <JAR_FILE>${project.build.finalName}.jar</JAR_FILE>
+          </buildArgs>
         </configuration>
         <executions>
           <execution>
diff --git a/datafile-app-server/src/main/resources/Dockerfile b/datafile-app-server/src/main/resources/Dockerfile
new file mode 100644
index 00000000..1869d364
--- /dev/null
+++ b/datafile-app-server/src/main/resources/Dockerfile
@@ -0,0 +1,42 @@
+#
+# ============LICENSE_START=======================================================
+#  Copyright (C) 2019 Nordix Foundation.
+# ================================================================================
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+#
+# SPDX-License-Identifier: Apache-2.0
+# ============LICENSE_END=========================================================
+#
+FROM openjdk:8-jre-alpine
+
+WORKDIR /opt/app/datafile
+RUN mkdir -p /var/log/ONAP
+
+ARG JAR_FILE
+ADD /target/${JAR_FILE} /opt/app/datafile/datafile-app-server.jar
+
+ADD /config/application.yaml /opt/app/datafile/config/
+ADD /config/cacerts /opt/app/datafile/config/
+ADD /config/datafile_endpoints.json /opt/app/datafile/config/
+ADD /config/ftpKey.jks /opt/app/datafile/config/
+ADD /config/keystore /opt/app/datafile/config/
+
+EXPOSE 8100 8433
+
+RUN addgroup -S onap && adduser -S datafile -G onap
+RUN chown -R datafile:onap /opt/app/datafile
+RUN chown -R datafile:onap /var/log/ONAP
+
+USER datafile
+
+ENTRYPOINT ["/usr/bin/java", "-jar", "/opt/app/datafile/datafile-app-server.jar"]
\ No newline at end of file