Code Review / sdc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Run pods as non-root user
[sdc.git] / catalog-fe / sdc-frontend / Dockerfile
diff --git a/catalog-fe/sdc-frontend/Dockerfile b/catalog-fe/sdc-frontend/Dockerfile
index 5733dd2..66aea7b 100644 (file)
--- a/catalog-fe/sdc-frontend/Dockerfile
+++ b/catalog-fe/sdc-frontend/Dockerfile
@@ -1,17 +1,17 @@
 FROM onap/base_sdc-jetty:1.6.0
 
-COPY chef-solo /root/chef-solo/
+RUN mkdir -p ${JETTY_BASE}/config/catalog-fe
 
-COPY chef-repo/cookbooks /root/chef-solo/cookbooks/
+COPY --chown=jetty:jetty chef-solo ${JETTY_BASE}/chef-solo/
+
+COPY --chown=jetty:jetty chef-repo/cookbooks ${JETTY_BASE}/chef-solo/cookbooks/
 
 ADD --chown=jetty:jetty onboarding*.war         ${JETTY_BASE}/webapps/
 
 ADD --chown=jetty:jetty catalog-fe-*.war        ${JETTY_BASE}/webapps/
 
-USER root
-
-COPY startup.sh /root/
+COPY --chown=jetty:jetty startup.sh ${JETTY_BASE}
 
-RUN chmod 770 /root/startup.sh
+RUN chmod 770 ${JETTY_BASE}/startup.sh
 
-ENTRYPOINT [ "/root/startup.sh" ]
+ENTRYPOINT ${JETTY_BASE}/startup.sh
SDC Parent Project Catalog FE and BE