Updated dmaap-listener and ueb-listener Dockerfiles to run as non-root
user 'sdnc'.
Change-Id: I2bb0e4d8677c37b6311f70463c18e7d0a7bfdb0d
Issue-ID: SDNC-1145
Signed-off-by: Dan Timoney <dtimoney@att.com>
Former-commit-id:
986379139be8097c1c3ef35f09b606593ccf518c
# Base ubuntu with added packages needed for open ecomp
# Base ubuntu with added packages needed for open ecomp
+FROM alpine:3.8 AS stage0
+
+ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
+ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
+
+# copy deliverables to opt
+COPY opt /opt
+
+# End of stage 0
+
FROM alpine:3.8
MAINTAINER SDNC Team (onap-sdnc@lists.onap.org)
ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
FROM alpine:3.8
MAINTAINER SDNC Team (onap-sdnc@lists.onap.org)
ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
RUN apk update && apk add \
bash \
git \
RUN apk update && apk add \
bash \
git \
-# copy deliverables to opt
-COPY opt /opt
+# Create sdnc user
+RUN addgroup -S sdnc && adduser -S sdnc -G sdnc
+
+
+# Copy /opt and change owner/group to sdnc
+COPY --from=stage0 --chown=sdnc:sdnc /opt /opt
+USER sdnc
\ No newline at end of file
# Base alpine with added packages needed for open ecomp
# Base alpine with added packages needed for open ecomp
-FROM onap/ccsdk-alpine-image:${ccsdk.docker.version}
-MAINTAINER SDNC Team (onap-sdnc@lists.onap.org)
+FROM onap/ccsdk-alpine-image:${ccsdk.docker.version} AS stage0
+
ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
# copy deliverables to opt
COPY opt /opt
# copy deliverables to opt
COPY opt /opt
+# End of stage0
+
+FROM onap/ccsdk-alpine-image:${ccsdk.docker.version}
+MAINTAINER SDNC Team (onap-sdnc@lists.onap.org)
+
+ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
+ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
+
+USER root
+
+
+# Create sdnc user
+RUN addgroup -S sdnc && adduser -S sdnc -G sdnc
+
+# Copy /opt and change user/owner to sdnc
+COPY --from=stage0 --chown=sdnc:sdnc /opt /opt
+USER sdnc
\ No newline at end of file