# limitations under the License.
#
-FROM openjdk:11-jre-slim
+FROM registry.gitlab.com/onap-integration/docker/onap-java
-ARG SERVER_PORT
-ARG PKG_FILENAME=nbi-rest-services-5.0.1-SNAPSHOT.jar
-ADD target/$PKG_FILENAME app.jar
+USER onap
-RUN addgroup appgroup && useradd -ms /bin/bash appuser && adduser appuser appgroup && mkdir temptoscafile && chown appuser:appgroup temptoscafile/
+ARG SERVER_PORT
+ARG PKG_FILENAME=nbi-rest-services-7.0.1-SNAPSHOT.jar
+ADD target/$PKG_FILENAME /opt/onap/app.jar
-COPY src/main/resources/certificate /certs
-ARG CERT_PASS=changeit
-RUN for cert in $(ls -d /certs/*); do \
- echo "adding $cert to java keystore..."; \
- keytool -import \
- -file "$cert" \
- -storepass "${CERT_PASS}" \
- -keystore $JAVA_HOME/lib/security/cacerts \
- -alias "$(basename $cert)" \
- --noprompt; \
- done
+RUN mkdir temptoscafile && chown onap:onap temptoscafile/
-USER appuser:appgroup
-ENV SERVER_PORT=${SERVER_PORT:-8443}
-ENV HTTP_PORT=${HTTP_PORT:-8080}
-ENV JAVA_OPTS="-Dspring.profiles.active=ssl -Djava.security.egd=file:/dev/./urandom"
+ENV SERVER_PORT=${SERVER_PORT:-8080}
+ENV JAVA_OPTS=${JAVA_OPTS:--Djava.security.egd=file:/dev/./urandom}
EXPOSE $SERVER_PORT
-EXPOSE $HTTP_PORT
-ENTRYPOINT java -XX:+UseContainerSupport $JAVA_OPTS -jar /app.jar
+ENTRYPOINT exec java -XX:+UseContainerSupport $JAVA_OPTS -jar /opt/onap/app.jar