From bae9a31570313a5498e958bd074aef52564e9554 Mon Sep 17 00:00:00 2001
From: yangyan <yangyanyj@chinamobile.com>
Date: Thu, 5 Mar 2020 14:20:10 +0800
Subject: Remove sudo capability for onap user for VF-C wfengine
 activiti-extension & wfenginemgrserver docker

Change-Id: I1e1d347c31d1fbd4959934c7aaf0a72db03cb006
Issue-ID: VFC-1640
Signed-off-by: yangyan <yangyanyj@chinamobile.com>
---
 activiti-extension/src/main/docker/Dockerfile | 14 ++++----------
 wfenginemgrservice/src/main/docker/Dockerfile |  4 ----
 2 files changed, 4 insertions(+), 14 deletions(-)

diff --git a/activiti-extension/src/main/docker/Dockerfile b/activiti-extension/src/main/docker/Dockerfile
index dd207cd..21bde27 100644
--- a/activiti-extension/src/main/docker/Dockerfile
+++ b/activiti-extension/src/main/docker/Dockerfile
@@ -1,22 +1,16 @@
-FROM openjdk:8u121-jre-alpine
+FOM openjdk:8u121-jre-alpine
 LABEL maintainer=Zhaoxing(mzhx.meng@gmail.com)
 
 WORKDIR /home/onap/workflow/wfengineactiviti
-EXPOSE 8080
-
 RUN apk add --update curl && \
-    apk --no-cache add sudo && \
+    rm -rf /var/cache/apk/* && \
     addgroup -g 1000 -S onap && \
-    adduser onap -D -G onap -u 1000 && \
-    chmod u+w /etc/sudoers && \
-    sed -i '/User privilege/a\\onap    ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers && \
-    chmod u-x /etc/sudoers && \
-    rm -rf /var/cache/apk/*
+    adduser onap -D -G onap -u 1000
 
 ADD apache-tomcat /home/onap/workflow/wfengineactiviti/
 RUN chmod 755 /home/onap/workflow/wfengineactiviti/bin/*.sh && chown onap:onap -R /home/onap
 
 USER onap
-WORKDIR /home/onap/workflow/wfengineactiviti
+EXPOSE 8080
 ENTRYPOINT ["./bin/entrypoint.sh"]
 CMD ["start"]
diff --git a/wfenginemgrservice/src/main/docker/Dockerfile b/wfenginemgrservice/src/main/docker/Dockerfile
index 0758a3b..d70fa73 100644
--- a/wfenginemgrservice/src/main/docker/Dockerfile
+++ b/wfenginemgrservice/src/main/docker/Dockerfile
@@ -5,12 +5,8 @@ WORKDIR /home/onap/workflow/wfenginemgrservice
 EXPOSE 10550
 
 RUN apk add --update curl && \
-    apk --no-cache add sudo && \
     addgroup -g 1000 -S onap && \
     adduser onap -D -G onap -u 1000 && \
-    chmod u+w /etc/sudoers && \
-    sed -i '/User privilege/a\\onap    ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers && \
-    chmod u-x /etc/sudoers && \
     rm -rf /var/cache/apk/*
 
 ADD bin /home/onap/workflow/wfenginemgrservice/
-- 
cgit 1.2.3-korg