From 1b548a33bf279b6d22b7a1a49a672151974706d7 Mon Sep 17 00:00:00 2001
From: MichaelMorris <michael.morris@est.tech>
Date: Tue, 10 Mar 2020 17:02:34 +0000
Subject: Run pods as non-root user

Signed-off-by: MichaelMorris <michael.morris@est.tech>
Issue-ID: SDC-2798
Change-Id: Ic50b8663f278b97185c471a4113de29b3e53e023
---
 sdc-workflow-designer-init/src/main/docker/Dockerfile | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

(limited to 'sdc-workflow-designer-init/src')

diff --git a/sdc-workflow-designer-init/src/main/docker/Dockerfile b/sdc-workflow-designer-init/src/main/docker/Dockerfile
index b5ee15ad..656a84ca 100644
--- a/sdc-workflow-designer-init/src/main/docker/Dockerfile
+++ b/sdc-workflow-designer-init/src/main/docker/Dockerfile
@@ -1,12 +1,19 @@
 FROM python:2.7-alpine3.8
 
-RUN pip install cqlsh==5.0.4 && \
-    mkdir ~/.cassandra/ && \
+RUN pip install cqlsh==5.0.4
+
+RUN addgroup -g 1000 sdc && adduser -S -u 1000 -G sdc -s /bin/sh sdc
+USER sdc
+RUN mkdir ~/.cassandra/ && \
     echo  '[cql]' > ~/.cassandra/cqlshrc  && \
     echo  'version=3.4.4' >> ~/.cassandra/cqlshrc
 
+USER root
 COPY create_keyspaces.cql create_tables.cql start.sh ./
+RUN chown sdc:sdc create_keyspaces.cql && \
+    chown sdc:sdc create_tables.cql && \
+    chown sdc:sdc start.sh && \
+    chmod 744 start.sh
 
-RUN chmod 744 start.sh
-
+USER sdc
 ENTRYPOINT ["./start.sh"]
-- 
cgit 1.2.3-korg