From 8ec995121b60870819f523c0cd6b42368e3175ee Mon Sep 17 00:00:00 2001
From: Dan Timoney <dtimoney@att.com>
Date: Wed, 8 Apr 2020 09:03:01 -0400
Subject: Start as non-root

Updated dmaap-listener and ueb-listener Dockerfiles to run as non-root
user 'sdnc'.

Change-Id: I2bb0e4d8677c37b6311f70463c18e7d0a7bfdb0d
Issue-ID: SDNC-1145
Signed-off-by: Dan Timoney <dtimoney@att.com>

Former-commit-id: 986379139be8097c1c3ef35f09b606593ccf518c
---
 .../ueb-listener/src/main/docker/Dockerfile         | 21 +++++++++++++++++++--
 1 file changed, 19 insertions(+), 2 deletions(-)

(limited to 'installation/ueb-listener')

diff --git a/installation/ueb-listener/src/main/docker/Dockerfile b/installation/ueb-listener/src/main/docker/Dockerfile
index 8008dfd9..daecd1cc 100644
--- a/installation/ueb-listener/src/main/docker/Dockerfile
+++ b/installation/ueb-listener/src/main/docker/Dockerfile
@@ -1,6 +1,6 @@
 # Base alpine with added packages needed for open ecomp
-FROM onap/ccsdk-alpine-image:${ccsdk.docker.version}
-MAINTAINER SDNC Team (onap-sdnc@lists.onap.org)
+FROM onap/ccsdk-alpine-image:${ccsdk.docker.version} AS stage0
+
 ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
 ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
 
@@ -8,4 +8,21 @@ ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
 # copy deliverables to opt
 COPY opt /opt
 
+# End of stage0
+
+FROM onap/ccsdk-alpine-image:${ccsdk.docker.version}
+MAINTAINER SDNC Team (onap-sdnc@lists.onap.org)
+
+ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
+ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
+
+USER root
+
+
+# Create sdnc user
+RUN addgroup -S sdnc && adduser -S sdnc -G sdnc
+
+# Copy /opt and change user/owner to sdnc
+COPY --from=stage0 --chown=sdnc:sdnc /opt /opt
 
+USER sdnc
\ No newline at end of file
-- 
cgit 1.2.3-korg