aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTommy Carpenter <tommy@research.att.com>2019-06-17 10:39:53 -0400
committerTommy Carpenter <tommy@research.att.com>2019-06-17 10:40:02 -0400
commit373a87753cfa0d46ff6689a323b8c9cd0f5783e5 (patch)
treeb3cabb11c9adfe41312c037e71ebacecaa2c8ffc
parent3c28f082432d640d53311de3e64382539f4c53fe (diff)
Switch to alpine, non root.5.0.0-ONAP2.5.1el-alto
Also closes issue DCAEGEN2-1564 Issue-ID: DCAEGEN2-1553 Change-Id: Ife5bd346343f329dbd6012909d9cb2bf4c1d4fa6 Signed-off-by: Tommy Carpenter <tommy@research.att.com>
-rw-r--r--Changelog.md4
-rw-r--r--Dockerfile20
-rw-r--r--pom.xml2
-rw-r--r--setup.py2
-rw-r--r--version.properties2
5 files changed, 23 insertions, 7 deletions
diff --git a/Changelog.md b/Changelog.md
index 7576d1e..2f29e66 100644
--- a/Changelog.md
+++ b/Changelog.md
@@ -4,6 +4,10 @@ All notable changes to this project will be documented in this file.
The format is based on [Keep a Changelog](http://keepachangelog.com/)
and this project adheres to [Semantic Versioning](http://semver.org/).
+## [2.5.1] - 6/17/2019
+* Switch to alpine base
+* use a non root user
+
## [2.5.0] - 6/5/2019
* Add back HTTPS support and a flag to enable it
* Move exceptions into a common file
diff --git a/Dockerfile b/Dockerfile
index 1e65511..abfbad5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,26 @@
-FROM python:3.6
+FROM python:3.6-alpine
MAINTAINER tommy@research.att.com
COPY . /tmp
WORKDIR /tmp
-RUN pip install --upgrade pip
-RUN pip install .
-RUN mkdir -p /opt/logs/
EXPOSE 10000
+# it is an ONAP requirement to make, and switch to, a non root user
+ENV CBSUSER cbs
+RUN addgroup -S $CBSUSER && adduser -S -G $CBSUSER $CBSUSER
+
+# create logs dir and install
+# alpine does not come with GCC like the standard "python" docker base does, which the install needs, see https://wiki.alpinelinux.org/wiki/GCC
+RUN apk add build-base && \
+ mkdir -p /opt/logs/ && \
+ chown $CBSUSER:$CBSUSER /opt/logs && \
+ pip install --upgrade pip && \
+ pip install .
+
+# turn on file based EELF logging
ENV PROD_LOGGING 1
+# Run the application
+USER $CBSUSER
CMD run.py
diff --git a/pom.xml b/pom.xml
index b4fcda6..904c3c7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -30,7 +30,7 @@ ECOMP is a trademark and service mark of AT&T Intellectual Property.
<groupId>org.onap.dcaegen2.platform</groupId>
<artifactId>configbinding</artifactId>
<name>dcaegen2-platform-configbinding</name>
- <version>2.5.0-SNAPSHOT</version>
+ <version>2.5.1-SNAPSHOT</version>
<url>http://maven.apache.org</url>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
diff --git a/setup.py b/setup.py
index a94ed38..b276e94 100644
--- a/setup.py
+++ b/setup.py
@@ -20,7 +20,7 @@ from setuptools import setup, find_packages
setup(
name="config_binding_service",
- version="2.5.0",
+ version="2.5.1",
packages=find_packages(exclude=["tests.*", "tests"]),
author="Tommy Carpenter",
author_email="tommy@research.att.com",
diff --git a/version.properties b/version.properties
index 6c69733..23c0525 100644
--- a/version.properties
+++ b/version.properties
@@ -1,6 +1,6 @@
major=2
minor=5
-patch=0
+patch=1
base_version=${major}.${minor}.${patch}
release_version=${base_version}
snapshot_version=${base_version}-SNAPSHOT