# ============LICENSE_START===================================================
# Copyright (C) 2020 China Mobile.
# Copyright (C) 2021 Wipro Limited
+# Copyright (C) 2021 Samsung Electronics.
# ============================================================================
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
#
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=====================================================
-
FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0
-MAINTAINER Kai Lu <lukai@chinamobile.com>
+LABEL maintainer="Kai Lu <lukai@chinamobile.com>"
+
+ARG user=datalake
+ARG group=datalake
EXPOSE 1681
USER root
-RUN addgroup datalake && adduser -G datalake -h /home/datalake -D datalake
-RUN mkdir /home/datalake/db_init
-
-WORKDIR /home/datalake
+WORKDIR /datalake
+RUN addgroup $group && adduser --system --shell /bin/false --disabled-password --no-create-home --ingroup $group $user && \
+ mkdir -p /datalake/db_init && \
+ chown -R $user:$group /datalake && \
+ chmod g+s /datalake
#add the fat jar
-COPY target/${JAR_FILE} .
-COPY src/assembly/run.sh .
-COPY src/assembly/init_db/db_scripts/init_db.sql .
-COPY src/assembly/init_db/db_scripts/init_db_data.sql .
-
-WORKDIR /home/datalake/db_init
-ADD src/assembly/init_db/scripts/db_init .
-
-WORKDIR /home/datalake
-
-RUN chmod -R 0755 ./* && \
- chown -R datalake:datalake /home/datalake
-
-RUN apk --update add postgresql-client curl
-
-USER datalake
-
-ENTRYPOINT /home/datalake/run.sh
+COPY --chown=$user:$group target/${JAR_FILE} .
+COPY --chown=$user:$group src/assembly/run.sh .
+COPY --chown=$user:$group src/assembly/init_db/db_scripts/init_db.sql .
+COPY --chown=$user:$group src/assembly/init_db/db_scripts/init_db_data.sql .
+COPY --chown=$user:$group src/assembly/init_db/scripts/db_init ./db_init/
+
+RUN chmod -R 0755 *.sql && \
+ chmod u+x run.sh && \
+ apk add --no-cache postgresql-client curl
+
+USER $user
+ENTRYPOINT ["/bin/sh"]
+CMD ["run.sh"]
FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0
-MAINTAINER Guobiao Mo <guobiaomo@chinamobile.com>
+LABEL maintainer="Guobiao Mo <guobiaomo@chinamobile.com>"
+
+ARG user=datalake
+ARG group=datalake
EXPOSE 1680
USER root
-RUN addgroup datalake && adduser -G datalake -h /home/datalake -D datalake
-RUN mkdir /home/datalake/db_init
-
-WORKDIR /home/datalake
+WORKDIR /datalake
+RUN addgroup $group && adduser --system --shell /bin/false --disabled-password --no-create-home --ingroup $group $user && \
+ chown -R $user:$group /datalake && \
+ chmod g+s /datalake && \
+ mkdir -p /datalake/db_init
#add the fat jar
-COPY target/${JAR_FILE} /home/datalake/
-COPY src/assembly/run.sh /home/datalake/
-
-WORKDIR /home/datalake/db_init
-ADD src/assembly/init_db/scripts/db_init .
-WORKDIR /home/datalake
-COPY src/assembly/init_db/db_scripts/init_db.sql .
-COPY src/assembly/init_db/db_scripts/init_db_data.sql .
-
-RUN chmod -R 0755 ./* && \
- chown -R datalake:datalake /home/datalake
-
-RUN apk --update add postgresql-client curl
-
-USER datalake
-
-ENTRYPOINT /home/datalake/run.sh
+COPY --chown=$user:$group target/${JAR_FILE} .
+COPY --chown=$user:$group src/assembly/run.sh .
+COPY --chown=$user:$group src/assembly/init_db/scripts/db_init ./db_init/
+COPY --chown=$user:$group src/assembly/init_db/db_scripts/init_db.sql .
+COPY --chown=$user:$group src/assembly/init_db/db_scripts/init_db_data.sql .
+
+RUN chmod -R 0755 *.sql && \
+ chmod u+x run.sh && \
+ apk add --no-cache postgresql-client curl
+
+USER $user
+ENTRYPOINT ["/bin/sh"]
+CMD ["run.sh"]
Code Review / dcaegen2 / services.git / commitdiff