summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEthan Lynn <ethanlynnl@vmware.com>2019-02-21 16:04:03 +0800
committerEthan Lynn <ethanlynnl@vmware.com>2019-02-21 16:17:02 +0800
commit731dc6db54f4b77606f37512006af429e791d5e4 (patch)
treeb3929e7fa3001a4428c6c507324d15356a20232d
parent4023da169cdfa91674b06d6dcbc9d703480b8d8b (diff)
Use non-root user in docker image
Create onap user for vio plugin Change-Id: Idaf3edcf6cb411f462bb8b7d34b091125605abae Issue-ID: MULTICLOUD-497 Signed-off-by: Ethan Lynn <ethanlynnl@vmware.com>
-rw-r--r--vio/docker/Dockerfile8
-rwxr-xr-xvio/docker/instance-run.sh2
2 files changed, 7 insertions, 3 deletions
diff --git a/vio/docker/Dockerfile b/vio/docker/Dockerfile
index b5289e6..6cd1361 100644
--- a/vio/docker/Dockerfile
+++ b/vio/docker/Dockerfile
@@ -18,13 +18,17 @@ RUN apt-get update && \
apt-get install -y wget && \
apt-get install -y redis-server
+RUN groupadd -r onap && useradd -r -g onap onap
RUN cd /opt/ && \
wget -q -O multicloud-vio.zip 'https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.openstack.vmware&a=multicloud-openstack-vmware&v=1.3.0-SNAPSHOT&e=zip' && \
unzip multicloud-vio.zip && \
rm -rf multicloud-vio.zip && \
- pip install -r vio/requirements.txt
+ pip install -r vio/requirements.txt && \
+ chown onap:onap -R vio/
+USER onap
WORKDIR /opt
-ENTRYPOINT vio/docker/docker-entrypoint.sh
+# ENTRYPOINT vio/docker/docker-entrypoint.sh
+CMD ["/bin/sh", "-c", "/opt/vio/run.sh"]
diff --git a/vio/docker/instance-run.sh b/vio/docker/instance-run.sh
index 6ae160b..ca3437a 100755
--- a/vio/docker/instance-run.sh
+++ b/vio/docker/instance-run.sh
@@ -13,7 +13,7 @@
# See the License for the specific language governing permissions and
# limitations under the License.
-service redis-server start
+# service redis-server start
cd ./vio
./run.sh