Code Review / sdc.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Run pods as non-root user
[sdc.git] / openecomp-be / dist / sdc-onboard-backend-docker / artifacts / Dockerfile
diff --git a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile
index e6a0dc1..acc84ab 100644 (file)
--- a/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile
+++ b/openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile
@@ -1,17 +1,15 @@
 FROM onap/base_sdc-jetty:1.6.0
 
-COPY chef-solo /root/chef-solo/
+COPY --chown=jetty:jetty chef-solo ${JETTY_BASE}/chef-solo/
 
-COPY chef-repo/cookbooks /root/chef-solo/cookbooks/
+COPY --chown=jetty:jetty chef-repo/cookbooks ${JETTY_BASE}/chef-solo/cookbooks/
 
 ADD --chown=jetty:jetty onboarding-be-*.war    ${JETTY_BASE}/webapps/
 
 ADD --chown=jetty:jetty api-docs.war           ${JETTY_BASE}/webapps/
 
-USER root
+COPY --chown=jetty:jetty startup.sh ${JETTY_BASE}/ 
 
-COPY startup.sh /root/
+RUN chmod 770 ${JETTY_BASE}/startup.sh
 
-RUN chmod 770 /root/startup.sh
-
-ENTRYPOINT [ "/root/startup.sh" ]
+ENTRYPOINT ${JETTY_BASE}/startup.sh
SDC Parent Project Catalog FE and BE