summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorHaibin Huang <haibin.huang@intel.com>2019-02-26 09:01:24 +0800
committerHaibin Huang <haibin.huang@intel.com>2019-02-26 13:54:18 +0800
commit14f5c284ae2aa346d5472a3ea46f7b8acdda6a17 (patch)
tree29d40670a574786cf645dd01b1ca8c03857a4c99
parentd880bc87d826ddded5e48bb5b78e0024762a5ad7 (diff)
Run Pike plugin as non root user
Change-Id: Iabd2eaeea44fa0f98679ef06a86ce5c455456578 Issue-ID: MULTICLOUD-500 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
-rw-r--r--pike/docker/Dockerfile4
1 files changed, 4 insertions, 0 deletions
diff --git a/pike/docker/Dockerfile b/pike/docker/Dockerfile
index d5cfd85e..9a3f3231 100644
--- a/pike/docker/Dockerfile
+++ b/pike/docker/Dockerfile
@@ -31,6 +31,7 @@ ENV AAI_PASSWORD "AAI"
EXPOSE 9007
+RUN groupadd -r onap && useradd -r -g onap onap
WORKDIR /opt/pike
RUN apt-get update && apt-get install -y memcached unzip
RUN wget -O /opt/multicloud-openstack-pike.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.openstack&a=multicloud-openstack-pike&e=zip&v=1.3.0-SNAPSHOT" && \
@@ -39,5 +40,8 @@ RUN wget -O /opt/multicloud-openstack-pike.zip "https://nexus.onap.org/service/l
RUN mkdir -p /var/log/onap/multicloud/openstack/pike/
#COPY ./ .
RUN pip install -r requirements.txt
+RUN chown onap:onap /opt/pike -R
+
+USER onap
CMD "/opt/pike/run.sh"