Code Review
/
multicloud
/
framework.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Run multicloud broker service as non root user
[multicloud/framework.git]
/
multivimbroker
/
docker
/
Dockerfile
diff --git
a/multivimbroker/docker/Dockerfile
b/multivimbroker/docker/Dockerfile
index
4cd71c0
..
1525e47
100644
(file)
--- a/
multivimbroker/docker/Dockerfile
+++ b/
multivimbroker/docker/Dockerfile
@@
-10,14
+10,19
@@
ENV AAI_PASSWORD "AAI"
EXPOSE 9001
EXPOSE 9001
+RUN groupadd -r onap && useradd -r -g onap onap
+
# COPY ./ /opt/multivimbroker/
RUN apt-get update && \
apt-get install -y unzip && \
cd /opt/ && \
# COPY ./ /opt/multivimbroker/
RUN apt-get update && \
apt-get install -y unzip && \
cd /opt/ && \
- wget -O multicloud-framework.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.framework
&a=multicloud-framework&e=zip&v=LATES
T" && \
+ wget -O multicloud-framework.zip "https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.framework
.broker&a=multicloud-framework-broker&e=zip&v=1.2.3-SNAPSHO
T" && \
unzip -q -o -B multicloud-framework.zip && \
rm -f multicloud-framework.zip && \
unzip -q -o -B multicloud-framework.zip && \
rm -f multicloud-framework.zip && \
- pip install -r /opt/multivimbroker/requirements.txt
+ pip install -r /opt/multivimbroker/requirements.txt && \
+ chown onap:onap /opt/multivimbroker -R
+
+USER onap
WORKDIR /opt/multivimbroker
WORKDIR /opt/multivimbroker
-CMD /bin/sh -c /opt/multivimbroker/run.sh
\ No newline at end of file
+CMD /bin/sh -c /opt/multivimbroker/run.sh