From 1af9b08091d1a185781b9a7d06d20b78f70c1731 Mon Sep 17 00:00:00 2001 From: Alexander Mazuruk Date: Thu, 18 Feb 2021 17:26:53 +0100 Subject: [PATCH] Change bbs-e-p baseOS img to integration- Benefits from switching over: * minimal {java11,python} images maintained by integration team * using currently "blessed by seccom" versions (:latest tag used) * should limit spread of legal issues across layers * integration images will be the first to have automated compliance documentation * should limit spread of base layers (contributing to deployment footprint - more base layers = more to download, more to store etc...) Issue-ID: INT-1864 Issue-ID: DCAEGEN2-2420 Signed-off-by: Alexander Mazuruk Change-Id: I48f6dda04e8a31bf175501e82aa776aba34aba72 --- components/bbs-event-processor/Dockerfile | 18 +++++++++++------- components/bbs-event-processor/pom.xml | 2 +- components/bbs-event-processor/version.properties | 2 +- 3 files changed, 13 insertions(+), 9 deletions(-) diff --git a/components/bbs-event-processor/Dockerfile b/components/bbs-event-processor/Dockerfile index a9e6a898..226d0b8c 100644 --- a/components/bbs-event-processor/Dockerfile +++ b/components/bbs-event-processor/Dockerfile @@ -1,24 +1,28 @@ -FROM openjdk:11-jre-slim +FROM nexus3.onap.org:10001/onap/integration-java11:8.0.0 ARG PROJECT_BUILD_DIR_NAME ARG FINAL_JAR ARG DEPENDENCIES_DIR ARG DOCKER_ARTIFACT_DIR +ARG user=bbs-ep +ARG group=bbs-ep + #Add a new user and group to allow container to be run as non-root -RUN addgroup --system bbs-ep && adduser --system --ingroup bbs-ep bbs-ep +USER root +RUN addgroup $group && adduser --system --disabled-password --no-create-home --ingroup $group $user #Copy dependencies and executable jar WORKDIR ${DOCKER_ARTIFACT_DIR} -COPY ${PROJECT_BUILD_DIR_NAME}/${FINAL_JAR} . -COPY KeyStore.jks . -COPY KeyStorePass.txt . +COPY --chown=${user}:${group} ${PROJECT_BUILD_DIR_NAME}/${FINAL_JAR} . +COPY --chown=${user}:${group} KeyStore.jks . +COPY --chown=${user}:${group} KeyStorePass.txt . #Overcome Docker limitation to put ARG inside ENTRYPOINT RUN ln -s ${FINAL_JAR} bbs-ep.jar -COPY ${PROJECT_BUILD_DIR_NAME}/${DEPENDENCIES_DIR} ./${DEPENDENCIES_DIR} +COPY --chown=${user}:${group} ${PROJECT_BUILD_DIR_NAME}/${DEPENDENCIES_DIR} ./${DEPENDENCIES_DIR} EXPOSE 8100 -USER bbs-ep:bbs-ep +USER ${user} ENTRYPOINT ["java", "-jar", "bbs-ep.jar"] diff --git a/components/bbs-event-processor/pom.xml b/components/bbs-event-processor/pom.xml index eb47fccb..f37dce5c 100644 --- a/components/bbs-event-processor/pom.xml +++ b/components/bbs-event-processor/pom.xml @@ -12,7 +12,7 @@ org.onap.dcaegen2.services.components bbs-event-processor - 2.1.0-SNAPSHOT + 2.1.1-SNAPSHOT dcaegen2-services-bbs-event-processor BBS Re-Registration and CPE Authentication Handler diff --git a/components/bbs-event-processor/version.properties b/components/bbs-event-processor/version.properties index 4b2b9f13..3c5fba7f 100644 --- a/components/bbs-event-processor/version.properties +++ b/components/bbs-event-processor/version.properties @@ -1,5 +1,5 @@ major=2 -minor=0 +minor=1 patch=1 base_version=${major}.${minor}.${patch} release_version=${base_version} -- 2.16.6