FROM @aai.docker.namespace@/aai-common-@aai.base.image@:@aai.base.image.version@
-RUN mkdir -p /opt/aaihome/aaiadmin /opt/aai/logroot/AAI-RES
+RUN mkdir -p /opt/aaihome/aaiadmin /opt/aai/logroot/AAI-RES /opt/bulkprocess_load
+
-VOLUME /opt/aai/logroot/AAI-RES
VOLUME /tmp
VOLUME /opt/tools
HEALTHCHECK --interval=40s --timeout=10s --retries=3 CMD nc -z -v localhost ${SERVER_PORT:-8447} || exit 1
-# Add the proper files into the docker image from your build
-WORKDIR /opt/app/aai-resources
-COPY /maven/aai-resources/ .
+
ENV AAI_BUILD_VERSION @aai.docker.version@
# Expose the ports for outside linux to use
# 8447 is the important one to be used
EXPOSE 8447
-ENTRYPOINT ["/bin/bash", "/opt/app/aai-resources/docker-entrypoint.sh"]
\ No newline at end of file
+
+RUN groupadd aaiadmin -g 1000
+
+RUN adduser -u 1000 -h /opt/aaihome/aaiadmin -S -D -G aaiadmin -s /bin/bash aaiadmin
+
+# Add the proper files into the docker image from your build
+WORKDIR /opt/app/aai-resources
+
+RUN chown -R aaiadmin:aaiadmin /opt/app/aai-resources /etc/profile.d /opt/aai/logroot/AAI-RES /opt/bulkprocess_load
+
+COPY --chown=aaiadmin:aaiadmin /maven/aai-resources/ .
+
+USER aaiadmin
+
+ENTRYPOINT ["/bin/bash", "/opt/app/aai-resources/docker-entrypoint.sh"]
USER_ID=${LOCAL_USER_ID:-9001}
GROUP_ID=${LOCAL_GROUP_ID:-9001}
-if [ $(cat /etc/passwd | grep aaiadmin | wc -l) -eq 0 ]; then
-
- groupadd aaiadmin -g ${GROUP_ID} || {
- echo "Unable to create the group id for ${GROUP_ID}";
- exit 1;
- }
- useradd --shell=/bin/bash -u ${USER_ID} -g ${GROUP_ID} -o -c "" -m aaiadmin || {
- echo "Unable to create the user id for ${USER_ID}";
- exit 1;
- }
-fi;
-
-chown -R aaiadmin:aaiadmin /opt/app /opt/aai/logroot /opt/bulkprocess_load
find /opt/app/ -name "*.sh" -exec chmod +x {} +
if [ -f ${APP_HOME}/aai.sh ]; then
- gosu aaiadmin ln -s bin scripts
- gosu aaiadmin ln -s /opt/aai/logroot/AAI-RES logs
+ ln -s bin scripts
+ ln -s /opt/aai/logroot/AAI-RES logs
mv ${APP_HOME}/aai.sh /etc/profile.d/aai.sh
chmod 755 /etc/profile.d/aai.sh
if [ -f ${APP_HOME}/bin/${scriptName} ]; then
shift 1;
- gosu aaiadmin ${APP_HOME}/bin/${scriptName} "$@" || {
+ ${APP_HOME}/bin/${scriptName} "$@" || {
echo "Failed to run the ${scriptName}";
exit 1;
}
echo "Unable to find the updatePem script";
exit 1;
else
- gosu aaiadmin ${APP_HOME}/scripts/updatePem.sh
+ ${APP_HOME}/scripts/updatePem.sh
fi;
fi;
mkdir -p /opt/app/aai-resources/logs/gc
-chown -R aaiadmin:aaiadmin /opt/app/aai-resources/logs/gc
if [ -f ${APP_HOME}/resources/aai-resources-swm-vars.sh ]; then
source ${APP_HOME}/resources/aai-resources-swm-vars.sh;
MAX_HEAP_SIZE=${MAX_HEAP_SIZE:-1024m};
MAX_METASPACE_SIZE=${MAX_METASPACE_SIZE:-512m};
-JAVA_CMD="exec gosu aaiadmin java";
+JAVA_CMD="exec java";
JVM_OPTS="${PRE_JVM_ARGS} -Xloggc:/opt/app/aai-resources/logs/gc/aai_gc.log";
JVM_OPTS="${JVM_OPTS} -XX:HeapDumpPath=/opt/app/aai-resources/logs/ajsc-jetty/heap-dump";
Code Review / aai / resources.git / commitdiff