summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBin Yang <bin.yang@windriver.com>2019-02-21 03:59:31 +0000
committerBin Yang <bin.yang@windriver.com>2019-02-21 06:03:58 +0000
commit673917e3ba016364af77e034ebb579991127a76a (patch)
treee36140ea1f842211fa2ce1277e434fc29347113a
parentb2db65360d0c531491eaf0ab89f9ae0cd5d77752 (diff)
Run multicloud broker service as non root user
Change-Id: Ib9e2d1647a3b18a6916e672bb6017bdd01908749 Issue-ID: MULTICLOUD-495 Signed-off-by: Bin Yang <bin.yang@windriver.com>
-rw-r--r--multivimbroker/docker/Dockerfile9
1 files changed, 7 insertions, 2 deletions
diff --git a/multivimbroker/docker/Dockerfile b/multivimbroker/docker/Dockerfile
index bc72323..1525e47 100644
--- a/multivimbroker/docker/Dockerfile
+++ b/multivimbroker/docker/Dockerfile
@@ -10,6 +10,8 @@ ENV AAI_PASSWORD "AAI"
EXPOSE 9001
+RUN groupadd -r onap && useradd -r -g onap onap
+
# COPY ./ /opt/multivimbroker/
RUN apt-get update && \
apt-get install -y unzip && \
@@ -17,7 +19,10 @@ RUN apt-get update && \
wget -O multicloud-framework.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.framework.broker&a=multicloud-framework-broker&e=zip&v=1.2.3-SNAPSHOT" && \
unzip -q -o -B multicloud-framework.zip && \
rm -f multicloud-framework.zip && \
- pip install -r /opt/multivimbroker/requirements.txt
+ pip install -r /opt/multivimbroker/requirements.txt && \
+ chown onap:onap /opt/multivimbroker -R
+
+USER onap
WORKDIR /opt/multivimbroker
-CMD /bin/sh -c /opt/multivimbroker/run.sh \ No newline at end of file
+CMD /bin/sh -c /opt/multivimbroker/run.sh