Code Review
/
vfc
/
nfvo
/
wfengine.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Change wfengigne pod startup to non root
[vfc/nfvo/wfengine.git]
/
activiti-extension
/
src
/
main
/
docker
/
Dockerfile
diff --git
a/activiti-extension/src/main/docker/Dockerfile
b/activiti-extension/src/main/docker/Dockerfile
index
6a5bed4
..
dd207cd
100644
(file)
--- a/
activiti-extension/src/main/docker/Dockerfile
+++ b/
activiti-extension/src/main/docker/Dockerfile
@@
-5,15
+5,18
@@
WORKDIR /home/onap/workflow/wfengineactiviti
EXPOSE 8080
RUN apk add --update curl && \
EXPOSE 8080
RUN apk add --update curl && \
+ apk --no-cache add sudo && \
+ addgroup -g 1000 -S onap && \
+ adduser onap -D -G onap -u 1000 && \
+ chmod u+w /etc/sudoers && \
+ sed -i '/User privilege/a\\onap ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers && \
+ chmod u-x /etc/sudoers && \
rm -rf /var/cache/apk/*
ADD apache-tomcat /home/onap/workflow/wfengineactiviti/
rm -rf /var/cache/apk/*
ADD apache-tomcat /home/onap/workflow/wfengineactiviti/
-RUN chmod 755 /home/onap/workflow/wfengineactiviti/bin/*.sh
+RUN chmod 755 /home/onap/workflow/wfengineactiviti/bin/*.sh
&& chown onap:onap -R /home/onap
-ENTRYPOINT ["./bin/entrypoint.sh"]
+USER onap
+WORKDIR /home/onap/workflow/wfengineactiviti
+ENTRYPOINT ["./bin/entrypoint.sh"]
CMD ["start"]
CMD ["start"]
-
-
-
-
-