From f6a8a8322d09d5f6012167d298dea6f0471cb82c Mon Sep 17 00:00:00 2001 From: Andrew Gauld Date: Fri, 27 Mar 2020 15:30:36 +0000 Subject: Update images to run as non-root Images updated and the new versions are: adapter.acumos:1.0.2 mod.distributorapi:1.0.1 mod.onboardingapi:2.12.1 mod.designtool-web:1.0.2 mod.genprocessor-job:1.0.1 mod.genprocessor-http:1.0.1 mod.runtime-web:1.0.2 Note: image names all start with "onap/org.onap.dcaegen2.platform." designtool-web was already running as a non-root user. The others have been changed to create user "dcaemod" and run as that user. The listen port numbers on mod.distributorapi, mod.onboardingapi, and mod.genprocessor-http are changed from 80 to 8080. URLs in designtool-web, distributorapi, and genprocessor-job are adjusted to reflect the new port numbers. Change-Id: I510122952666c21cb92f3f64552e99d50af7c355 Issue-ID: DCAEGEN2-2170 Signed-off-by: Andrew Gauld --- mod/onboardingapi/Dockerfile | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) (limited to 'mod/onboardingapi/Dockerfile') diff --git a/mod/onboardingapi/Dockerfile b/mod/onboardingapi/Dockerfile index 606ca5b..2c3cd0d 100644 --- a/mod/onboardingapi/Dockerfile +++ b/mod/onboardingapi/Dockerfile @@ -1,12 +1,18 @@ FROM python:3.7-alpine -RUN apk update && \ - apk add --virtual build-deps gcc python-dev musl-dev && \ - apk add postgresql-dev bash +ARG UID=1000 +ARG GID=1000 + COPY . /code WORKDIR /code -RUN pip install . \ - && mkdir -p ~/.config/dcae-cli -EXPOSE 80 +RUN apk update && \ + apk add --virtual build-deps gcc python-dev musl-dev && \ + apk add postgresql-dev bash && \ + addgroup -g $GID dcaemod && \ + adduser -s /bin/bash -u $UID -G dcaemod -D dcaemod && \ + pip install . + +EXPOSE 8080 +USER dcaemod CMD /code/start.sh -- cgit 1.2.3-korg