From b461e34d743867b0d9cc6d890475a81617e3578a Mon Sep 17 00:00:00 2001
From: Wojciech Sliwka <wojciech.sliwka@nokia.com>
Date: Mon, 8 Apr 2019 15:12:40 +0200
Subject: [PATCH] Run tomcat as onap user

Issue-ID: VID-423
Change-Id: I5ec25252e325216e0835c55ae9b8ddb47ce11161
Signed-off-by: Wojciech Sliwka <wojciech.sliwka@nokia.com>
---
 deliveries/src/main/docker/docker-files/Dockerfile | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/deliveries/src/main/docker/docker-files/Dockerfile b/deliveries/src/main/docker/docker-files/Dockerfile
index 3f9c1ade3..9b468530d 100755
--- a/deliveries/src/main/docker/docker-files/Dockerfile
+++ b/deliveries/src/main/docker/docker-files/Dockerfile
@@ -3,6 +3,8 @@ FROM tomcat:8.0-jre8-alpine
 # add vim and uncomment alias to speedup troubleshooting purpose
 RUN apk update && apk add openjdk8 vim net-tools
 
+RUN adduser --disabled-password onap onap
+RUN mkdir -p /opt/app
 COPY conf.d/ /etc/onap/vid/conf.d/
 
 # MariaDB variables
@@ -90,6 +92,7 @@ ADD maven/config/server.xml ${VID_TOMCAT_PATH}
 ADD maven/scripts/*.sh /tmp/vid/
 ADD maven/artifacts/vid.war /tmp/vid/stage/
 
+RUN chown onap:onap /tmp/vid /usr/local/tomcat /etc/onap/vid /opt/app -R
 RUN chmod +x /tmp/vid/localize.sh
-
-CMD ["/tmp/vid/localize.sh"]
\ No newline at end of file
+USER onap
+CMD ["/tmp/vid/localize.sh"]
-- 
2.16.6