summaryrefslogtreecommitdiffstats
path: root/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes
diff options
context:
space:
mode:
authorMichaelMorris <michael.morris@est.tech>2020-03-10 12:37:48 +0000
committerOfir Sonsino <ofir.sonsino@intl.att.com>2020-03-16 08:45:20 +0000
commita2abf6ea18d512d367277bacaf7476754dc0eff5 (patch)
tree595dbda50b67c33936b754b0930416e892ff3ea2 /catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes
parent1dcbd56c897602f15f6659e113fd4c8011227fc2 (diff)
Run pods as non-root user
Summary of changes: sdc-cassandra-init Added user sdc (in base image base_sdc-cqlsh - https://gerrit.onap.org/r/103436) Run entrypoint as user sdc Moved relevant files from /root/ to /home/sdc/ sdc-backend-init Added user sdc (in base image base_sdc-python - https://gerrit.onap.org/r/103436) Run entrypoint as user sdc Moved relevant files from /root/ to /home/sdc/ sdc-backend Run entrypoint as user jetty Moved relevant files from /root/ to /var/lib/jetty/ Moved cadi & cert files from /opt/app/jetty to /var/lib/jetty/ Moved ready_probe from /var/lib/read-probe.sh to /var/lib/jetty/read-probe.sh sdc-frontend Run entrypoint as user jetty Moved relevant files from /root/ to /var/lib/jetty/ Moved ready_probe from /var/lib/read-probe.sh to /var/lib/jetty/read-probe.sh sdc-onboard-backend-docker Run entrypoint as user jetty Moved relevant files from /root/ to /var/lib/jetty/ Moved ready_probe from /var/lib/read-probe.sh to /var/lib/jetty/read-probe.sh sdc-onboard-db-init-docker Run entrypoint as user sdc Added user sdc (in base image base_sdc-cqlsh - https://gerrit.onap.org/r/103436) Moved relevant files from /root/ to /home/sdc/ Signed-off-by: MichaelMorris <michael.morris@est.tech> Issue-ID: SDC-2798 Change-Id: I85be320a4a5e1cc5aeebbb98c4484d5d6fd06dfc
Diffstat (limited to 'catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes')
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb48
-rw-r--r--catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb4
2 files changed, 2 insertions, 50 deletions
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb
index b06f8a5342..3a79cfc874 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb
@@ -35,51 +35,3 @@ template "#{jetty_base}/etc/cadi.properties" do
mode "0755"
end
-
-#Workaround due to hardcode definition in cata,log-be web.xml file
-directory "/opt/app/jetty" do
- path "/opt/app/jetty"
- owner 'jetty'
- group 'jetty'
- mode '0755'
- recursive true
- action :create
-end
-
-directory "/opt/app/jetty/base/" do
- path "/opt/app/jetty/base/"
- owner 'jetty'
- group 'jetty'
- mode '0755'
- recursive true
- action :create
-end
-
-
-directory "/opt/app/jetty/base/be/" do
- path "/opt/app/jetty/base/be/"
- owner 'jetty'
- group 'jetty'
- mode '0755'
- recursive true
- action :create
-end
-
-directory "/opt/app/jetty/base/be/etc" do
- path "/opt/app/jetty/base/be/etc"
- owner 'jetty'
- group 'jetty'
- mode '0755'
- recursive true
- action :create
-end
-
-#Workaround due to hardcode definition in catalog-be web.xml file
-template "/opt/app/jetty/base/be/etc/cadi.properties" do
- path "/opt/app/jetty/base/be/etc/cadi.properties"
- source "cadi.properties.erb"
- owner "jetty"
- group "jetty"
- mode "0755"
-end
-
diff --git a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb
index 8d42c26acc..81e1a855f4 100644
--- a/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb
+++ b/catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb
@@ -6,7 +6,7 @@ else
port = "#{node['BE'][:http_port]}"
end
-template "/var/lib/ready-probe.sh" do
+template "/var/lib/jetty/ready-probe.sh" do
source "ready-probe.sh.erb"
sensitive true
mode 0755
@@ -14,4 +14,4 @@ template "/var/lib/ready-probe.sh" do
:protocol => protocol,
:port => port
})
-end \ No newline at end of file
+end