Code Review / dmaap / kafka11aaf.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | review | tree
raw | inline | side by side
Merge "run container as non root user"
[dmaap/kafka11aaf.git] / src / main / docker / Dockerfile
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile
index 7fa0d36..d08cc51 100644 (file)
--- a/src/main/docker/Dockerfile
+++ b/src/main/docker/Dockerfile
@@ -28,9 +28,14 @@ ENV PATH ${PATH}:${KAFKA_HOME}/bin
 ADD start-kafka.sh /usr/bin/start-kafka.sh
 ADD broker-list.sh /usr/bin/broker-list.sh
 ADD create-topics.sh /usr/bin/create-topics.sh
-# The scripts need to have executable permission
-RUN chmod a+x /usr/bin/start-kafka.sh && \
-    chmod a+x /usr/bin/broker-list.sh && \
-    chmod a+x /usr/bin/create-topics.sh
-# Use "exec" form so that it runs as PID 1 (useful for graceful shutdown)
+ADD start-kafkaOrMirrorMaker.sh /usr/bin/start-kafkaOrMirrorMaker.sh
+ADD start-mirrormaker.sh /usr/bin/start-mirrormaker.sh
+ADD kafka-run-class.sh ${KAFKA_HOME}/bin/kafka-run-class.sh
+
+RUN set -x \
+    && useradd kafka \
+    && chown -R kafka:kafka  /opt/kafka /opt/logs /opt/etc /kafka /tmp/kafka-logs /usr/bin
+
+USER kafka
+
 CMD ["start-kafkaOrMirrorMaker.sh"]
Creates a generic light weight kafka client library