From e97a5ce265f7e1d3380fab9c4132e2b002e8636c Mon Sep 17 00:00:00 2001 From: Michal Jagiello Date: Mon, 27 Jul 2020 10:02:19 +0000 Subject: Run in Python 3.8 Use image recommended by SECCOM Issue-ID: DCAEGEN2-2292 Signed-off-by: Michal Jagiello Change-Id: I8d77f150c9fe314bf26bac2c9fac7ebc9782c9d8 --- Dockerfile | 58 +++++++++++++++++++++++++++++++--------------------------- 1 file changed, 31 insertions(+), 27 deletions(-) (limited to 'Dockerfile') diff --git a/Dockerfile b/Dockerfile index dd687c9..fee54d1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,13 +1,17 @@ -FROM python:3.6 +FROM python:3.8.2-alpine3.11 MAINTAINER gs244f@att.com -ENV INSROOT /opt/app -ENV APPUSER misshtbt -ENV APPDIR ${INSROOT}/${APPUSER} +ARG user=onap +ARG group=onap -RUN useradd -d ${APPDIR} ${APPUSER} - -WORKDIR ${APPDIR} +RUN addgroup -S $group && adduser -S -D -h /home/$user $user $group && \ + chown -R $user:$group /home/$user && \ + mkdir /var/log/$user && \ + chown -R $user:$group /var/log/$user && \ + mkdir /app && \ + chown -R $user:$group /app + +WORKDIR /app #ADD . /tmp #RUN mkdir /tmp/config @@ -20,27 +24,27 @@ COPY requirements.txt ./ COPY setup.py ./ #need pip > 8 to have internal pypi repo in requirements.txt -RUN pip install --upgrade pip #do the install -#WORKDIR /tmp -RUN pip install pyyaml --upgrade -RUN pip install -r requirements.txt -RUN pip install -e . - -RUN mkdir -p ${APPDIR}/data \ - && mkdir -p ${APPDIR}/logs \ - && mkdir -p ${APPDIR}/tmp \ - && chown -R ${APPUSER}:${APPUSER} ${APPDIR} \ - && chmod a+w ${APPDIR}/data \ - && chmod a+w ${APPDIR}/logs \ - && chmod a+w ${APPDIR}/tmp \ - && chmod a+w ${APPDIR}/etc \ - && chmod 500 ${APPDIR}/bin/*.py \ - && chmod 500 ${APPDIR}/bin/*.sh \ - && chmod 500 ${APPDIR}/bin/*/*.py - -USER ${APPUSER} -VOLUME ${APPDIR}/logs +RUN apk add build-base libffi-dev postgresql-dev && \ + pip install --upgrade pip && \ + pip install pyyaml --upgrade && \ + pip install -r requirements.txt && \ + pip install -e . + +RUN mkdir -p data \ + && mkdir -p logs \ + && mkdir -p tmp \ + && chown -R $user:$group . \ + && chmod a+w data \ + && chmod a+w logs \ + && chmod a+w tmp \ + && chmod a+w etc \ + && chmod 500 bin/*.py \ + && chmod 500 bin/*.sh \ + && chmod 500 bin/*/*.py + +USER $user +VOLUME logs CMD ["./bin/misshtbt.sh"] -- cgit 1.2.3-korg