diff options
Diffstat (limited to 'mod/onboardingapi')
| -rw-r--r-- | mod/onboardingapi/ChangeLog.md | 4 | ||||
| -rw-r--r-- | mod/onboardingapi/Dockerfile | 18 | ||||
| -rw-r--r-- | mod/onboardingapi/dcae_cli/_version.py | 2 | ||||
| -rw-r--r-- | mod/onboardingapi/dcae_cli/http.py | 2 | ||||
| -rw-r--r-- | mod/onboardingapi/pom.xml | 2 | ||||
| -rwxr-xr-x | mod/onboardingapi/start.sh | 1 |
6 files changed, 20 insertions, 9 deletions
diff --git a/mod/onboardingapi/ChangeLog.md b/mod/onboardingapi/ChangeLog.md index 21d0f0c..28578d2 100644 --- a/mod/onboardingapi/ChangeLog.md +++ b/mod/onboardingapi/ChangeLog.md @@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/) and this project adheres to [Semantic Versioning](http://semver.org/). +## [2.12.1] + +* Run as non-root + ## [2.12.0] * Add HTTP support using Flask/flask-restplus diff --git a/mod/onboardingapi/Dockerfile b/mod/onboardingapi/Dockerfile index 606ca5b..2c3cd0d 100644 --- a/mod/onboardingapi/Dockerfile +++ b/mod/onboardingapi/Dockerfile @@ -1,12 +1,18 @@ FROM python:3.7-alpine -RUN apk update && \ - apk add --virtual build-deps gcc python-dev musl-dev && \ - apk add postgresql-dev bash +ARG UID=1000 +ARG GID=1000 + COPY . /code WORKDIR /code -RUN pip install . \ - && mkdir -p ~/.config/dcae-cli -EXPOSE 80 +RUN apk update && \ + apk add --virtual build-deps gcc python-dev musl-dev && \ + apk add postgresql-dev bash && \ + addgroup -g $GID dcaemod && \ + adduser -s /bin/bash -u $UID -G dcaemod -D dcaemod && \ + pip install . + +EXPOSE 8080 +USER dcaemod CMD /code/start.sh diff --git a/mod/onboardingapi/dcae_cli/_version.py b/mod/onboardingapi/dcae_cli/_version.py index e1ceca3..b61bd9a 100644 --- a/mod/onboardingapi/dcae_cli/_version.py +++ b/mod/onboardingapi/dcae_cli/_version.py @@ -19,4 +19,4 @@ # ECOMP is a trademark and service mark of AT&T Intellectual Property. # -*- coding: utf-8 -*- -__version__ = "2.12.0" +__version__ = "2.12.1" diff --git a/mod/onboardingapi/dcae_cli/http.py b/mod/onboardingapi/dcae_cli/http.py index 792cd7f..4d3ae0c 100644 --- a/mod/onboardingapi/dcae_cli/http.py +++ b/mod/onboardingapi/dcae_cli/http.py @@ -498,4 +498,4 @@ def start_http_server(catalog, debug=True): if debug: _app.run(debug=True) else: - _app.run(host="0.0.0.0", port=80, debug=False) + _app.run(host="0.0.0.0", port=8080, debug=False) diff --git a/mod/onboardingapi/pom.xml b/mod/onboardingapi/pom.xml index 588a9b2..be5e683 100644 --- a/mod/onboardingapi/pom.xml +++ b/mod/onboardingapi/pom.xml @@ -22,7 +22,7 @@ limitations under the License. <groupId>org.onap.dcaegen2.platform.mod</groupId> <artifactId>dcaegen2-platform-mod-onboardingapi</artifactId> <name>dcaegen2-platform-mod-onboardingapi</name> - <version>2.12.0</version> + <version>2.12.1-SNAPSHOT</version> <url>http://maven.apache.org</url> <properties> <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding> diff --git a/mod/onboardingapi/start.sh b/mod/onboardingapi/start.sh index 6d7d9e5..a938c98 100755 --- a/mod/onboardingapi/start.sh +++ b/mod/onboardingapi/start.sh @@ -6,6 +6,7 @@ if [ -z $PG_CONN ]; then exit 1 fi +mkdir -p ~/.config/dcae-cli if [ ! -f ~/.config/dcae-cli/config.json ]; then echo "Creating dcae-cli config" # TODO: Make this into a variable that gets fed in via docker run |