-FROM tomcat:8.0-jre8-alpine
+FROM tomcat:9-jdk11-openjdk-slim
# add vim and uncomment alias to speedup troubleshooting purpose
RUN apk update && apk add openjdk8 vim net-tools
-COPY conf.d/ /etc/onap/vid/conf.d/
+ARG user=onap
+ARG group=onap
+
+# Create a group and user
+RUN groupadd -r $group && useradd -ms /bin/bash $user -g $group && \
+ mkdir /opt/$user && \
+ chown -R $user:$group /opt/$user && \
+ mkdir /var/log/$user && \
+ chown -R $user:$group /var/log/$user
# MariaDB variables
ENV VID_MYSQL_HOST="vid-mariadb-docker-instance" \
# Keystore variables
ENV VID_KEYSTORE_FILENAME="${ROOT_DIR}/etc/org.onap.vid.jks" \
VID_TRUSTSTORE_FILENAME="${ROOT_DIR}/etc/org.onap.vid.trust.jks" \
- VID_KEYSTORE_PASSWORD="ry1RLC(?M6?2fQ]1a2)2y{P:" \
+ VID_KEYSTORE_PASSWORD="ry1RLC\(\?M6\?2fQ\]1a2\)2y\{P:" \
VID_TRUSTSTORE_PASSWORD="OBF:1dx01j0e1hs01t981mis1dws156s1ojc1qjc1zsx1pw31qob1qr71pyj1zst1qhy1ojq156i1dua1mm21tb61hvi1j0g1du2" \
VID_TOMCAT_PATH="/usr/local/tomcat/conf/"
# Custom options
ENV JAVA_OPTS="-Xmx1536m -Xms1536m"
-ENV CATALINA_OPTS="-Dvid.keystore.password=${VID_KEYSTORE_PASSWORD} -Dvid.keyalias=vid@vid.onap.org -Dvid.keystore.filename=${VID_KEYSTORE_FILENAME}"
-ADD maven/config/org.onap.vid.jks ${VID_KEYSTORE_FILENAME}
-ADD maven/config/org.onap.vid.trust.jks ${VID_TRUSTSTORE_FILENAME}
ADD maven/config/server.xml ${VID_TOMCAT_PATH}
ADD maven/scripts/*.sh /tmp/vid/
ADD maven/artifacts/vid.war /tmp/vid/stage/
+RUN chown $user:$group /tmp/vid /usr/local/tomcat -R
RUN chmod +x /tmp/vid/localize.sh
-
-CMD ["/tmp/vid/localize.sh"]
\ No newline at end of file
+USER $user
+CMD ["/tmp/vid/localize.sh"]
Code Review / vid.git / blobdiff