Run bootstrap container as non-root user1.12.0

Issue-ID: DCAEGEN2-2072 Signed-off-by: Jack Lucas <jflucas@research.att.com> Change-Id: I2555fdd6d1606d9f05a8711cf1fdacd43a9a1e35
author: Jack Lucas <jflucas@research.att.com> 2020-03-04 11:06:57 -0500
committer: Jack Lucas <jflucas@research.att.com> 2020-03-05 12:57:04 -0500
commit: 879dbd69fd7801798d8e2e2662de1758accb9105 (patch)
tree: d50c24e3b63688f960c0ac21c3209f3310ec73b2 /Dockerfile-template
parent: 483be066adba0b4bb0f7214bc9f89ee41076a3c3 (diff)
1 files changed, 9 insertions, 0 deletions
diff --git a/Dockerfile-template b/Dockerfile-template
index 8c2e084..54609ca 100644
--- a/Dockerfile-template
+++ b/Dockerfile-template
@@ -61,3 +61,12 @@ COPY blueprints/  /blueprints
 
 # Set up runtime script
 ENTRYPOINT exec "/scripts/bootstrap.sh"
+
+# Set up a non-root user
+RUN mkdir -p /opt/bootstrap \
+  && useradd -d /opt/bootstrap bootstrap \
+  && chown -R bootstrap:bootstrap /opt/bootstrap \
+  && chown -R bootstrap:bootstrap /scripts \
+  && chown -R bootstrap:bootstrap /blueprints \
+  && chown -R bootstrap:bootstrap /opt/consul
+USER bootstrap
author	Jack Lucas <jflucas@research.att.com>	2020-03-04 11:06:57 -0500
committer	Jack Lucas <jflucas@research.att.com>	2020-03-05 12:57:04 -0500
commit	879dbd69fd7801798d8e2e2662de1758accb9105 (patch)
tree	d50c24e3b63688f960c0ac21c3209f3310ec73b2 /Dockerfile-template
parent	483be066adba0b4bb0f7214bc9f89ee41076a3c3 (diff)