Run pods as non-root user

Change-Id: Ia95d58b0dbf498c4d6295e42c1c430de6493c11b
Issue-ID: SDC-2798
Signed-off-by: MichaelMorris <michael.morris@est.tech>

2 files changed, 9 insertions, 7 deletions

diff --git a/docker/docker_be/Dockerfile b/docker/docker_be/Dockerfile
index c9eccf6..6821956 100644
--- a/docker/docker_be/Dockerfile
+++ b/docker/docker_be/Dockerfile
@@ -1,8 +1,8 @@
-FROM onap/base_sdc-jetty:1.4.1
+FROM onap/base_sdc-jetty:1.6.0
 
-COPY chef-solo /root/chef-solo/
+COPY --chown=jetty:jetty chef-solo ${JETTY_BASE}/chef-solo/
 
-COPY chef-repo/cookbooks /root/chef-solo/cookbooks/
+COPY --chown=jetty:jetty chef-repo/cookbooks ${JETTY_BASE}/chef-solo/cookbooks/
 
 ADD --chown=jetty:jetty target/dcae.war ${JETTY_BASE}/webapps/
 
@@ -10,8 +10,10 @@ USER root
 
 RUN apk add --no-cache python
 
-COPY startup.sh /root/
+USER jetty 
 
-RUN chmod 770 /root/startup.sh
+COPY --chown=jetty:jetty startup.sh ${JETTY_BASE}/
 
-ENTRYPOINT [ "/root/startup.sh" ]
+RUN chmod 770 ${JETTY_BASE}/startup.sh
+
+ENTRYPOINT  ${JETTY_BASE}/startup.sh
diff --git a/docker/docker_be/startup.sh b/docker/docker_be/startup.sh
index 3a2814f..fc56b2c 100644
--- a/docker/docker_be/startup.sh
+++ b/docker/docker_be/startup.sh
@@ -7,7 +7,7 @@ JAVA_OPTIONS=" ${JAVA_OPTIONS} -Dconfig.home=${JETTY_BASE}/config \
                -Djavax.net.ssl.trustStorePassword=].][xgtze]hBhz*wy]}m#lf* \
                -Djetty.console-capture.dir=${JETTY_BASE}/logs"
 
-cd /root/chef-solo
+cd /var/lib/jetty/chef-solo
 chef-solo -c solo.rb -E ${ENVNAME}
 
 status=$?