diff options
| author |   Jack Lucas <jflucas@research.att.com> | 2020-03-04 11:06:57 -0500 |
|---|---|---|
| committer | Jack Lucas <jflucas@research.att.com> | 2020-03-05 12:57:04 -0500 |
| commit | 879dbd69fd7801798d8e2e2662de1758accb9105 (patch) | |
| tree | d50c24e3b63688f960c0ac21c3209f3310ec73b2 | |
| parent | 483be066adba0b4bb0f7214bc9f89ee41076a3c3 (diff) | |
Run bootstrap container as non-root user1.12.0
Issue-ID: DCAEGEN2-2072
Signed-off-by: Jack Lucas <jflucas@research.att.com>
Change-Id: I2555fdd6d1606d9f05a8711cf1fdacd43a9a1e35
| -rw-r--r-- | Dockerfile-template | 9 | ||||
| -rw-r--r-- | pom.xml | 2 | ||||
| -rw-r--r-- | version.properties | 2 |
3 files changed, 11 insertions, 2 deletions
diff --git a/Dockerfile-template b/Dockerfile-template index 8c2e084..54609ca 100644 --- a/Dockerfile-template +++ b/Dockerfile-template @@ -61,3 +61,12 @@ COPY blueprints/ /blueprints # Set up runtime script ENTRYPOINT exec "/scripts/bootstrap.sh" + +# Set up a non-root user +RUN mkdir -p /opt/bootstrap \ + && useradd -d /opt/bootstrap bootstrap \ + && chown -R bootstrap:bootstrap /opt/bootstrap \ + && chown -R bootstrap:bootstrap /scripts \ + && chown -R bootstrap:bootstrap /blueprints \ + && chown -R bootstrap:bootstrap /opt/consul +USER bootstrap @@ -28,7 +28,7 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property. <groupId>org.onap.dcaegen2.deployments</groupId> <artifactId>k8s-bootstrap-container</artifactId> <name>dcaegen2-deployments-k8s-bootstrap-container</name> - <version>1.11.0-SNAPSHOT</version> + <version>1.12.0-SNAPSHOT</version> <url>http://maven.apache.org</url> <packaging>pom</packaging> diff --git a/version.properties b/version.properties index 4d2c8f5..55e12fc 100644 --- a/version.properties +++ b/version.properties @@ -1,5 +1,5 @@ major=1
-minor=11
+minor=12
patch=0
base_version=${major}.${minor}.${patch}
release_version=${base_version}
|