# limitations under the License.
# ============LICENSE_END====================================================
#
-FROM openjdk:8-jre-alpine
+FROM openjdk:11.0.5-jre-slim
MAINTAINER DMAAP Team
WORKDIR /opt/app/dmaapbc
-RUN mv etc/dbc-api.jks etc/keystore && \
+RUN apt-get update && \
+ apt-get install -y \
+ curl \
+ jq \
+ openssl \
+ net-tools \
+ wget \
+ procps \
+ bash
+
+# Install AAF CA certificate
+RUN apt install ca-certificates
+RUN mkdir -p /usr/local/share/ca-certificates && \
+ mv misc/aaf-ca.crt /usr/local/share/ca-certificates/aaf-ca.crt
+RUN update-ca-certificates
+
+
+#prepare certificate location for cadi
+RUN mkdir -p /opt/app/osaaf && \
+ ln -s /opt/app/dmaapbc/etc /opt/app/osaaf/local
+
+RUN mv etc/org.onap.dmaap-bc.jks etc/keystore && \
chmod 600 etc/keystore && \
chmod 600 etc/org.onap.dmaap-bc.trust.jks && \
- chmod +x misc/cert-client-init.sh && \
chmod +x bin/* && \
mkdir logs && \
mkdir www && \
VOLUME /opt/app/dmaapbc/log
+RUN addgroup --system -gid 1001 onap \
+ && adduser --ingroup onap --system --disabled-password --no-create-home --uid 1000 dbc \
+ && chown -R dbc:onap /opt/
+
+USER dbc
+
ENTRYPOINT ["sh", "./bin/dmaapbc", "deploy"]