summaryrefslogtreecommitdiffstats
path: root/components/bbs-event-processor/Dockerfile
diff options
context:
space:
mode:
Diffstat (limited to 'components/bbs-event-processor/Dockerfile')
-rw-r--r--components/bbs-event-processor/Dockerfile18
1 files changed, 11 insertions, 7 deletions
diff --git a/components/bbs-event-processor/Dockerfile b/components/bbs-event-processor/Dockerfile
index a9e6a898..226d0b8c 100644
--- a/components/bbs-event-processor/Dockerfile
+++ b/components/bbs-event-processor/Dockerfile
@@ -1,24 +1,28 @@
-FROM openjdk:11-jre-slim
+FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0
ARG PROJECT_BUILD_DIR_NAME
ARG FINAL_JAR
ARG DEPENDENCIES_DIR
ARG DOCKER_ARTIFACT_DIR
+ARG user=bbs-ep
+ARG group=bbs-ep
+
#Add a new user and group to allow container to be run as non-root
-RUN addgroup --system bbs-ep && adduser --system --ingroup bbs-ep bbs-ep
+USER root
+RUN addgroup $group && adduser --system --disabled-password --no-create-home --ingroup $group $user
#Copy dependencies and executable jar
WORKDIR ${DOCKER_ARTIFACT_DIR}
-COPY ${PROJECT_BUILD_DIR_NAME}/${FINAL_JAR} .
-COPY KeyStore.jks .
-COPY KeyStorePass.txt .
+COPY --chown=${user}:${group} ${PROJECT_BUILD_DIR_NAME}/${FINAL_JAR} .
+COPY --chown=${user}:${group} KeyStore.jks .
+COPY --chown=${user}:${group} KeyStorePass.txt .
#Overcome Docker limitation to put ARG inside ENTRYPOINT
RUN ln -s ${FINAL_JAR} bbs-ep.jar
-COPY ${PROJECT_BUILD_DIR_NAME}/${DEPENDENCIES_DIR} ./${DEPENDENCIES_DIR}
+COPY --chown=${user}:${group} ${PROJECT_BUILD_DIR_NAME}/${DEPENDENCIES_DIR} ./${DEPENDENCIES_DIR}
EXPOSE 8100
-USER bbs-ep:bbs-ep
+USER ${user}
ENTRYPOINT ["java", "-jar", "bbs-ep.jar"]