From 14f5c284ae2aa346d5472a3ea46f7b8acdda6a17 Mon Sep 17 00:00:00 2001
From: Haibin Huang <haibin.huang@intel.com>
Date: Tue, 26 Feb 2019 09:01:24 +0800
Subject: Run Pike plugin as non root user

Change-Id: Iabd2eaeea44fa0f98679ef06a86ce5c455456578
Issue-ID: MULTICLOUD-500
Signed-off-by: Haibin Huang <haibin.huang@intel.com>
---
 pike/docker/Dockerfile | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'pike/docker')

diff --git a/pike/docker/Dockerfile b/pike/docker/Dockerfile
index d5cfd85e..9a3f3231 100644
--- a/pike/docker/Dockerfile
+++ b/pike/docker/Dockerfile
@@ -31,6 +31,7 @@ ENV AAI_PASSWORD "AAI"
 
 EXPOSE 9007
 
+RUN groupadd -r onap && useradd -r -g onap onap
 WORKDIR /opt/pike
 RUN apt-get update && apt-get install -y memcached unzip
 RUN wget -O /opt/multicloud-openstack-pike.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.openstack&a=multicloud-openstack-pike&e=zip&v=1.3.0-SNAPSHOT" && \
@@ -39,5 +40,8 @@ RUN wget -O /opt/multicloud-openstack-pike.zip "https://nexus.onap.org/service/l
 RUN mkdir -p /var/log/onap/multicloud/openstack/pike/
 #COPY ./ .
 RUN pip install -r requirements.txt
+RUN chown onap:onap /opt/pike -R
+
+USER onap
 
 CMD "/opt/pike/run.sh"
-- 
cgit 1.2.3-korg