summaryrefslogtreecommitdiffstats
path: root/Dockerfile
diff options
context:
space:
mode:
authorTommy Carpenter <tommy@research.att.com>2019-06-17 10:39:53 -0400
committerTommy Carpenter <tommy@research.att.com>2019-06-17 10:40:02 -0400
commit373a87753cfa0d46ff6689a323b8c9cd0f5783e5 (patch)
treeb3cabb11c9adfe41312c037e71ebacecaa2c8ffc /Dockerfile
parent3c28f082432d640d53311de3e64382539f4c53fe (diff)
Switch to alpine, non root.5.0.0-ONAP2.5.1el-alto
Also closes issue DCAEGEN2-1564 Issue-ID: DCAEGEN2-1553 Change-Id: Ife5bd346343f329dbd6012909d9cb2bf4c1d4fa6 Signed-off-by: Tommy Carpenter <tommy@research.att.com>
Diffstat (limited to 'Dockerfile')
-rw-r--r--Dockerfile20
1 files changed, 16 insertions, 4 deletions
diff --git a/Dockerfile b/Dockerfile
index 1e65511..abfbad5 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,14 +1,26 @@
-FROM python:3.6
+FROM python:3.6-alpine
MAINTAINER tommy@research.att.com
COPY . /tmp
WORKDIR /tmp
-RUN pip install --upgrade pip
-RUN pip install .
-RUN mkdir -p /opt/logs/
EXPOSE 10000
+# it is an ONAP requirement to make, and switch to, a non root user
+ENV CBSUSER cbs
+RUN addgroup -S $CBSUSER && adduser -S -G $CBSUSER $CBSUSER
+
+# create logs dir and install
+# alpine does not come with GCC like the standard "python" docker base does, which the install needs, see https://wiki.alpinelinux.org/wiki/GCC
+RUN apk add build-base && \
+ mkdir -p /opt/logs/ && \
+ chown $CBSUSER:$CBSUSER /opt/logs && \
+ pip install --upgrade pip && \
+ pip install .
+
+# turn on file based EELF logging
ENV PROD_LOGGING 1
+# Run the application
+USER $CBSUSER
CMD run.py