From e3184fb92637badbbf18fbaf3fada29412a59c77 Mon Sep 17 00:00:00 2001
From: Alexander Mazuruk <a.mazuruk@samsung.com>
Date: Thu, 18 Feb 2021 17:09:53 +0100
Subject: Change openjdk baseOS img to integration-java11

Benefits from switching over:
* minimal {java11,python} images maintained by integration team
* using currently "blessed by seccom" versions (:latest tag used)
* should limit spread of legal issues across layers
* integration images will be the first to have automated compliance
  documentation
* should limit spread of base layers (contributing to deployment
  footprint - more base layers = more to download, more to store etc...)

Issue-ID: INT-1864
Issue-ID: DCAEGEN2-2420
Signed-off-by: Alexander Mazuruk <a.mazuruk@samsung.com>
Change-Id: Ibd6f379b869306c5f14f06f6efe60c5a3c32f779
---
 sources/hv-collector-main/Dockerfile               | 36 ++++++++++++----------
 sources/hv-collector-main/pom.xml                  |  2 +-
 sources/hv-collector-main/src/main/docker/entry.sh | 13 +++-----
 3 files changed, 25 insertions(+), 26 deletions(-)

(limited to 'sources/hv-collector-main')

diff --git a/sources/hv-collector-main/Dockerfile b/sources/hv-collector-main/Dockerfile
index 178045ce..5f2dda79 100644
--- a/sources/hv-collector-main/Dockerfile
+++ b/sources/hv-collector-main/Dockerfile
@@ -1,31 +1,33 @@
-FROM docker.io/openjdk:11-jre-slim
+FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0
 
-LABEL copyright="Copyright (C) 2018-2019 NOKIA"
-LABEL license.name="The Apache Software License, Version 2.0"
-LABEL license.url="http://www.apache.org/licenses/LICENSE-2.0"
-LABEL maintainer="Nokia Wroclaw ONAP Team"
+LABEL copyright="Copyright (C) 2018-2019 NOKIA" \
+      license.name="The Apache Software License, Version 2.0" \
+      license.url="http://www.apache.org/licenses/LICENSE-2.0" \
+      maintainer="Nokia Wroclaw ONAP Team"
 
 ARG HV_VES_USER=hvves
+ARG HV_VES_GROUP=hvves
 ARG HV_VES_USER_ID_NUMBER=1410
 
-RUN apt-get update \
-        && apt-get install -y --no-install-recommends curl netcat \
-        && apt-get clean
+USER root
+RUN apk add --no-cache curl netcat-openbsd
+RUN addgroup $HV_VES_GROUP && adduser --system --disabled-password \
+    --no-create-home --uid ${HV_VES_USER_ID_NUMBER} --ingroup $HV_VES_GROUP $HV_VES_USER && \
+    mkdir -p /etc/ves-hv/ssl && \
+    mkdir -p /var/log/ONAP/dcae-hv-ves-collector/ && \
+    chown -R ${HV_VES_USER}:${HV_VES_GROUP} /etc/ves-hv /var/log/ONAP/ /opt && \
+    chmod g+s /opt /etc/ves-hv
 
 WORKDIR /opt/ves-hv-collector
 
-RUN useradd --user-group --uid ${HV_VES_USER_ID_NUMBER} ${HV_VES_USER}
-
-RUN mkdir -p /etc/ves-hv/ssl && chown -R ${HV_VES_USER} /etc/ves-hv/ssl
+COPY --chown=${HV_VES_USER}:${HV_VES_GROUP} target/libs/external/* ./
+COPY --chown=${HV_VES_USER}:${HV_VES_GROUP} target/libs/internal/* ./
+COPY --chown=${HV_VES_USER}:${HV_VES_GROUP} src/main/docker/*.sh ./
+COPY --chown=${HV_VES_USER}:${HV_VES_GROUP} src/main/docker/base.json /etc/ves-hv/configuration/base.json
+COPY --chown=${HV_VES_USER}:${HV_VES_GROUP} target/hv-collector-main-*.jar ./
 
 USER ${HV_VES_USER}
 
 ENTRYPOINT ["./entry.sh"]
 CMD ["--configuration-file /etc/ves-hv/configuration/base.json"]
 
-COPY target/libs/external/* ./
-COPY target/libs/internal/* ./
-COPY src/main/docker/*.sh ./
-COPY src/main/docker/base.json /etc/ves-hv/configuration/base.json
-
-COPY target/hv-collector-main-*.jar ./
\ No newline at end of file
diff --git a/sources/hv-collector-main/pom.xml b/sources/hv-collector-main/pom.xml
index 91d30c6f..e208b802 100644
--- a/sources/hv-collector-main/pom.xml
+++ b/sources/hv-collector-main/pom.xml
@@ -33,7 +33,7 @@
     <parent>
         <groupId>org.onap.dcaegen2.collectors.hv-ves</groupId>
         <artifactId>hv-collector-sources</artifactId>
-        <version>1.8.0-SNAPSHOT</version>
+        <version>1.9.0-SNAPSHOT</version>
     </parent>
 
     <artifactId>hv-collector-main</artifactId>
diff --git a/sources/hv-collector-main/src/main/docker/entry.sh b/sources/hv-collector-main/src/main/docker/entry.sh
index a612e393..6bac5afe 100755
--- a/sources/hv-collector-main/src/main/docker/entry.sh
+++ b/sources/hv-collector-main/src/main/docker/entry.sh
@@ -1,20 +1,17 @@
-#!/usr/bin/env bash
-
-set -euo pipefail
+#!/usr/bin/env sh
 
 pid=-1
 
-function handle_sigterm() {
-  if [[ ${pid} -ge 0 ]]; then
+handle_sigterm() {
+  if [ ${pid} -ge 0 ]; then
     echo "Caught SIGTERM signal. Redirecting to process with pid=${pid}"
     kill -TERM "${pid}"
     wait ${pid}
   fi
   exit 143 # 128 + 15 -- SIGTERM
 }
-trap "handle_sigterm" SIGTERM
-
-java ${JAVA_OPTS:-} -cp '*:' org.onap.dcae.collectors.veshv.main.MainKt $@ &
+trap "handle_sigterm" TERM
+java ${JAVA_OPTS} -cp '*:' org.onap.dcae.collectors.veshv.main.MainKt "$@" &
 pid=$!
 echo "Service started with pid=${pid}"
 wait ${pid}
-- 
cgit 1.2.3-korg