From f6668af5c6a624dc3053a2217dacce82ad7b547a Mon Sep 17 00:00:00 2001
From: Stavros Kanarakis <stavros.kanarakis@nokia.com>
Date: Mon, 22 Apr 2019 18:41:18 +0300
Subject: Run BBS-ep docker container as non-root

Replaced docker maven plugin to introduce Dockerfile.
Corrected component blueprint to deploy BBS-ep as a service component
instead of a platform one.

Change-Id: If3af67eef1a9f68554ee215d24b54f9cd4b7ce80
Issue-ID: DCAEGEN2-1446
Signed-off-by: Stavros Kanarakis <stavros.kanarakis@nokia.com>
---
 components/bbs-event-processor/Dockerfile | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)
 create mode 100644 components/bbs-event-processor/Dockerfile

(limited to 'components/bbs-event-processor/Dockerfile')

diff --git a/components/bbs-event-processor/Dockerfile b/components/bbs-event-processor/Dockerfile
new file mode 100644
index 00000000..e799bd92
--- /dev/null
+++ b/components/bbs-event-processor/Dockerfile
@@ -0,0 +1,21 @@
+FROM openjdk:8-jre-alpine
+
+ARG PROJECT_BUILD_DIR_NAME
+ARG FINAL_JAR
+ARG DEPENDENCIES_DIR
+ARG DOCKER_ARTIFACT_DIR
+
+#Add a new user and group to allow container to be run as non-root
+RUN addgroup -S bbs-ep && adduser -S -G bbs-ep bbs-ep
+
+#Copy dependencies and executable jar
+WORKDIR ${DOCKER_ARTIFACT_DIR}
+COPY ${PROJECT_BUILD_DIR_NAME}/${FINAL_JAR} .
+#Overcome Docker limitation to put ARG inside ENTRYPOINT
+RUN ln -s ${FINAL_JAR} bbs-ep.jar
+COPY ${PROJECT_BUILD_DIR_NAME}/${DEPENDENCIES_DIR} ./${DEPENDENCIES_DIR}
+
+EXPOSE 8100
+
+USER bbs-ep:bbs-ep
+ENTRYPOINT ["java", "-jar", "bbs-ep.jar"]
-- 
cgit 1.2.3-korg