From: Sunder Tattavarada <statta@research.att.com>
Date: Mon, 6 Apr 2020 19:15:08 +0000 (+0000)
Subject: Merge "Assign default user sort type issue is fixed" into release-3.2.0
X-Git-Tag: 3.2.0~3
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=9c963ec9b87693d80c0a0b6d2f8b94a1196d13e6;hp=05f52f4488ac441f31b2857134542f9864595168;p=portal.git

Merge "Assign default user sort type issue is fixed" into release-3.2.0
---

diff --git a/deliveries/Dockerfile.be b/deliveries/Dockerfile.be
index afc39816..21bb1a2c 100644
--- a/deliveries/Dockerfile.be
+++ b/deliveries/Dockerfile.be
@@ -39,7 +39,9 @@ RUN cd ${PORTALCONTEXT} && unzip -q *.war && rm *.war
 
 VOLUME ${TOMCATHOME}/logs
 
+# Switch to unprivileged user
 RUN addgroup -g 1000 -S portal && adduser -u 1000 -S portal -G portal && chown -R portal:portal . && chmod -R 777 /etc/ssl/certs/java /var/
+USER portal
 
 # Switch back to root
 WORKDIR /
diff --git a/deliveries/Dockerfile.portal b/deliveries/Dockerfile.portal
index f12a3e30..cce3ed09 100644
--- a/deliveries/Dockerfile.portal
+++ b/deliveries/Dockerfile.portal
@@ -41,6 +41,10 @@ COPY ${FE_DIR} ${PORTALCONTEXT}/public
 
 VOLUME ${TOMCATHOME}/logs
 
+# Switch to unprivileged user
+RUN addgroup -g 1000 -S portal && adduser -u 1000 -S portal -G portal
+USER portal
+
 # Switch back to root
 WORKDIR /
 
diff --git a/deliveries/Dockerfile.sdk b/deliveries/Dockerfile.sdk
index 5f96aaad..4757d8a4 100644
--- a/deliveries/Dockerfile.sdk
+++ b/deliveries/Dockerfile.sdk
@@ -38,6 +38,10 @@ RUN cd ${SDKCONTEXT} && unzip -q *.war && rm *.war
 
 VOLUME ${TOMCATHOME}/logs
 
+# Switch to unprivileged user
+RUN addgroup -g 1000 -S portal && adduser -u 1000 -S portal -G portal
+USER portal
+
 # Switch back to root
 WORKDIR /
 
diff --git a/deliveries/Dockerfile.widgetms b/deliveries/Dockerfile.widgetms
index 82a2e4c6..8f4b1072 100644
--- a/deliveries/Dockerfile.widgetms
+++ b/deliveries/Dockerfile.widgetms
@@ -14,7 +14,9 @@ RUN sh -c 'touch /app.jar'
 # Launch script
 COPY start-wms.sh /
 
+# Switch to unprivileged user
 RUN addgroup -g 1000 -S portal && adduser -u 1000 -S portal -G portal && mkdir logs / && chown -R portal:portal /start-wms.sh /tmp /etc/ssl/certs/java /logs && chmod -R 755 /start-wms.sh /etc/ssl/certs/java /logs /tmp
+USER portal
 
 # Define default command
 CMD /start-wms.sh