COPY org.onap.sdc.p12 org.onap.sdc.trust.jks ${JETTY_BASE}/etc/
-ADD ${ARTIFACT} ${JETTY_BASE}/webapps/
+ADD --chown=jetty:jetty ${ARTIFACT} ${JETTY_BASE}/webapps/
RUN chown -R jetty:jetty ${JETTY_BASE}/webapps ${JETTY_BASE}/etc/
-COPY startup.sh .
+COPY --chown=jetty:jetty startup.sh .
RUN chmod 744 startup.sh
+USER jetty
ENTRYPOINT [ "./startup.sh" ]