From 0f08018a05f3eff7cacb91d7b3b0fe272f19e269 Mon Sep 17 00:00:00 2001 From: Alexander Mazuruk Date: Wed, 24 Feb 2021 09:30:38 +0100 Subject: Change openjdk baseOS img to integration-java11 Since 7.2.0 integration images switched over to alpine, adjusted Dockerfile to accomodate the switch. Benefits from switching over: * minimal {java11,python} images maintained by integration team * using currently "blessed by seccom" versions (:latest tag used) * should limit spread of legal issues across layers * integration images will be the first to have automated compliance documentation * should limit spread of base layers (contributing to deployment footprint - more base layers = more to download, more to store etc...) Issue-ID: INT-1864 Issue-ID: DCAEGEN2-2420 Signed-off-by: Alexander Mazuruk Change-Id: Iecf2654c6732d796c10838284f0882e8c34dac34 --- src/main/resources/Dockerfile | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) (limited to 'src/main/resources') diff --git a/src/main/resources/Dockerfile b/src/main/resources/Dockerfile index cfd8372..1142259 100644 --- a/src/main/resources/Dockerfile +++ b/src/main/resources/Dockerfile @@ -1,6 +1,7 @@ # # ============LICENSE_START======================================================= # Copyright (C) 2019-2020 Nordix Foundation. +# Copyright (C) 2021 Samsung Electronics. # ================================================================================ # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -17,28 +18,27 @@ # SPDX-License-Identifier: Apache-2.0 # ============LICENSE_END========================================================= # -FROM openjdk:11.0.7-jre-slim +FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0 WORKDIR /opt/app/pm-mapper -RUN apt-get update && \ - apt-get install --no-install-recommends -y curl nano && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* +ARG user=pm-mapper +ARG group=pm-mapper -RUN mkdir -p /var/log/ONAP +USER root +RUN apk add --no-cache curl && \ + mkdir -p /var/log/ONAP && \ + addgroup $group && adduser --system --disabled-password --no-create-home --ingroup $group $user && \ + chmod u=rwx /var/log/ONAP && \ + chown -R $user:$group /opt/app/pm-mapper /var/log/ONAP -RUN adduser pm-mapper; \ - chmod a+rwx /var/log/ONAP; \ - chown -R pm-mapper /opt/app/pm-mapper - -USER pm-mapper +USER $user COPY ${project.build.directory}/${ext.dep.dir.path}/ ${ext.dep.dir.path}/ -COPY ${project.build.directory}/${JAR} . +COPY --chown=$user:$group ${project.build.directory}/${JAR} . COPY ${project.build.directory}/classes/schemas ./etc/schemas/ COPY ${project.build.directory}/classes/templates ./etc/templates/ -COPY --chown=pm-mapper ${project.build.directory}/classes/logback.xml ./etc/logback.xml +COPY --chown=$user:$group ${project.build.directory}/classes/logback.xml ./etc/logback.xml LABEL git.branch="${git.branch}" \ @@ -55,5 +55,5 @@ LABEL git.branch="${git.branch}" \ git.commit.user.name="${git.commit.user.name}" -ENTRYPOINT ["/usr/local/openjdk-11/bin/java", "-jar", "${project.artifactId}-${project.version}.jar"] +ENTRYPOINT ["java", "-jar", "${project.artifactId}-${project.version}.jar"] ARG JAR -- cgit 1.2.3-korg