From: Huabing Zhao <zhaohuabing@gmail.com>
Date: Thu, 11 Apr 2019 02:09:56 +0000 (+0000)
Subject: Run kube2ms registrator as non-root user
X-Git-Tag: 1.2.6~4
X-Git-Url: https://gerrit.onap.org/r/gitweb?a=commitdiff_plain;h=e8adf17d10549708f6459d989cefa100a26d06f1;p=oom%2Fregistrator.git

Run kube2ms registrator as non-root user

Change-Id: I2165e080af7c6027548288432c8437503903ee12
Issue-ID: MSB-322
Signed-off-by: Huabing Zhao <zhaohuabing@gmail.com>
---

diff --git a/build/docker/Dockerfile b/build/docker/Dockerfile
index f25e592..511964d 100644
--- a/build/docker/Dockerfile
+++ b/build/docker/Dockerfile
@@ -1,4 +1,9 @@
 FROM alpine:3.3
 COPY kube2msb /bin/
 
+RUN addgroup -g 1000 msb && \
+    adduser -D -u 1000 -G msb msb && \
+    chown msb:msb /bin/kube2msb
+USER msb
+
 ENTRYPOINT /bin/kube2msb --kube_master_url=${KUBE_MASTER_URL} --auth_token=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token) --msb_url=${MSB_URL}