diff options
author | vrvarma <vikas.varma@att.com> | 2020-03-05 11:13:48 -0500 |
---|---|---|
committer | vrvarma <vikas.varma@att.com> | 2020-03-05 11:13:58 -0500 |
commit | bcc32d6305104ecfd054f8223fc4d667319590a5 (patch) | |
tree | 1e377964e3e5711115fb680bb9b0dd3df9d03a3f /cmso-ticketmgt/src/main/docker | |
parent | bb21f15fa12db8ebb39c3aadd8a0a34aa7fa1b01 (diff) |
making cmso pods run as non-root user
Change-Id: I0cd576964077038790b302d38e48c52da2867546
Signed-off-by: vrvarma <vikas.varma@att.com>
Issue-ID: OPTFRA-711
Diffstat (limited to 'cmso-ticketmgt/src/main/docker')
-rw-r--r-- | cmso-ticketmgt/src/main/docker/Dockerfile | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/cmso-ticketmgt/src/main/docker/Dockerfile b/cmso-ticketmgt/src/main/docker/Dockerfile index 86f04dd..b846a9c 100644 --- a/cmso-ticketmgt/src/main/docker/Dockerfile +++ b/cmso-ticketmgt/src/main/docker/Dockerfile @@ -17,6 +17,9 @@ RUN test -n "$http_proxy" && echo "Acquire::Proxy \"http://$http_proxy\";" > /et apt-get install -y openjdk-11-jre-headless && \ apt-get install -y curl +RUN groupadd onap \ + && useradd -m -g onap onap + COPY onap-cmso-tm/cmso-ticketmgt.jar ${APP_HOME}/app.jar VOLUME /share/etc @@ -29,7 +32,10 @@ COPY onap-cmso-tm/data ${APP_HOME}/data RUN chmod 700 ${APP_HOME}/startService.sh && \ ln -s /share/etc ${APP_HOME}/etc && \ ln -s /share/logs ${APP_HOME}/logs && \ - ln -s /share/debug-logs ${APP_HOME}/debug-logs + ln -s /share/debug-logs ${APP_HOME}/debug-logs && \ + chown -R onap:onap ${APP_HOME} + +USER onap WORKDIR ${APP_HOME} ENTRYPOINT ./startService.sh |