Run Starlingx plugin as non root user

Change-Id: Icb45c00205948399010662783e6268402df77e10 Issue-ID: MULTICLOUD-500 Signed-off-by: Haibin Huang <haibin.huang@intel.com>
author: Haibin Huang <haibin.huang@intel.com> 2019-02-22 15:24:21 +0800
committer: Haibin Huang <haibin.huang@intel.com> 2019-02-22 15:24:21 +0800
commit: d880bc87d826ddded5e48bb5b78e0024762a5ad7 (patch)
tree: 62ffcbb019ceceb2e808cfc66a9ec1e59c60cb6a
parent: 3692d889d572f31c601bd77460f4d2aab2f80af7 (diff)
1 files changed, 5 insertions, 1 deletions
diff --git a/starlingx/docker/Dockerfile b/starlingx/docker/Dockerfile
index 49da0aba..be9928c7 100644
--- a/starlingx/docker/Dockerfile
+++ b/starlingx/docker/Dockerfile
@@ -31,6 +31,7 @@ ENV AAI_PASSWORD "AAI"
 
 EXPOSE 9009
 
+RUN groupadd -r onap && useradd -r -g onap onap
 WORKDIR /opt/starlingx
 RUN apt-get update && apt-get install -y memcached unzip
 RUN wget -O /opt/multicloud-openstack-starlingx.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.openstack&a=multicloud-openstack-starlingx&e=zip&v=1.3.0-SNAPSHOT" && \
@@ -38,6 +39,9 @@ RUN wget -O /opt/multicloud-openstack-starlingx.zip "https://nexus.onap.org/serv
     rm -f /opt/multicloud-openstack-starlingx.zip
 RUN mkdir -p /var/log/onap/multicloud/openstack/starlingx/
 #COPY ./ .
-RUN pip install -r requirements.txt
+RUN pip install -r requirements.txt &&
+RUN chown onap:onap /opt/stalingx -R
+
+USER onap
 
 CMD "/opt/starlingx/run.sh"
author	Haibin Huang <haibin.huang@intel.com>	2019-02-22 15:24:21 +0800
committer	Haibin Huang <haibin.huang@intel.com>	2019-02-22 15:24:21 +0800
commit	d880bc87d826ddded5e48bb5b78e0024762a5ad7 (patch)
tree	62ffcbb019ceceb2e808cfc66a9ec1e59c60cb6a
parent	3692d889d572f31c601bd77460f4d2aab2f80af7 (diff)