Update images to run as non-root 79/104579/1 1.0.2 2.12.1
authorAndrew Gauld <agauld@att.com>
Fri, 27 Mar 2020 15:30:36 +0000 (15:30 +0000)
committerAndrew Gauld <agauld@att.com>
Fri, 27 Mar 2020 15:42:57 +0000 (15:42 +0000)
Images updated and the new versions are:
adapter.acumos:1.0.2
mod.distributorapi:1.0.1
mod.onboardingapi:2.12.1
mod.designtool-web:1.0.2
mod.genprocessor-job:1.0.1
mod.genprocessor-http:1.0.1
mod.runtime-web:1.0.2
Note: image names all start with "onap/org.onap.dcaegen2.platform."

designtool-web was already running as a non-root user.  The others have been
changed to create user "dcaemod" and run as that user.

The listen port numbers on mod.distributorapi, mod.onboardingapi, and
mod.genprocessor-http are changed from 80 to 8080.

URLs in designtool-web, distributorapi, and genprocessor-job are adjusted
to reflect the new port numbers.

Change-Id: I510122952666c21cb92f3f64552e99d50af7c355
Issue-ID: DCAEGEN2-2170
Signed-off-by: Andrew Gauld <agauld@att.com>
23 files changed:
adapter/acumos/Changelog.md
adapter/acumos/Dockerfile
adapter/acumos/README.md
adapter/acumos/aoconversion/scanner.py
adapter/acumos/pom.xml
adapter/acumos/setup.py
mod/designtool/designtool-web/pom.xml
mod/designtool/designtool-web/sh/start.sh
mod/distributorapi/Changelog.md [new file with mode: 0644]
mod/distributorapi/Dockerfile
mod/distributorapi/distributor/config.py
mod/distributorapi/distributor/http.py
mod/distributorapi/distributor/version.py
mod/distributorapi/pom.xml
mod/genprocessor/nginx.conf
mod/genprocessor/pom.xml
mod/onboardingapi/ChangeLog.md
mod/onboardingapi/Dockerfile
mod/onboardingapi/dcae_cli/_version.py
mod/onboardingapi/dcae_cli/http.py
mod/onboardingapi/pom.xml
mod/onboardingapi/start.sh
mod/runtimeapi/runtime-web/pom.xml

index e900ad7..55bafa8 100644 (file)
@@ -4,6 +4,8 @@ All notable changes to this project will be documented in this file.
 The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
+## [1.0.2] - 3/26/2020
+    * Run as non-root
 ## [1.0.1] - 3/20/2020
     * Adjust URL paths for consistency with DCAE GEN design tool
 ## [1.0.0] - 11/13/2019
index 7ec9656..d1a0984 100644 (file)
@@ -17,6 +17,8 @@
 # ============LICENSE_END======================================================
 
 FROM python:3.7
+ARG UID=1000
+ARG GID=1000
 COPY setup.py /tmp/build/
 COPY aoconversion/ /tmp/build/aoconversion/
 RUN apt-get update && \
@@ -26,9 +28,12 @@ RUN apt-get update && \
     cd /tmp/build/ && \
     python setup.py install && \
     cd / && \
-    rm -rf /tmp/*
+    rm -rf /tmp/* && \
+    groupadd -g $GID dcaemod && \
+    useradd -s /bin/bash -u $UID -g $GID -m dcaemod
 
 EXPOSE 9000
 ENV PYTHONUNBUFFERED TRUE
+USER dcaemod
 ENTRYPOINT [ "/usr/local/bin/acumos-adapter" ]
 CMD [ "/run/config/config.yaml" ]
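Review bot: With `USER dcaemod` now in front of the ENTRYPOINT, the config file the CMD points at, `/run/config/config.yaml`, and the PEM file it names via `certfile` (per the README hunk) must be readable by UID $UID (1000 by default); a deployment that mounted them root-only worked before this change and will presumably fail with a permission error now, and nothing in the hunk states that requirement. A comment above the CMD would make the contract visible to whoever mounts the config: `# Runs as dcaemod (UID $UID): the mounted config and the cert file it references must be readable by that UID`. The `ENV PYTHONUNBUFFERED TRUE` context line uses the deprecated space-separated form; `ENV PYTHONUNBUFFERED=TRUE` is the current syntax, though that line is not touched by this change.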
index 55490ba..2de3845 100644 (file)
@@ -56,7 +56,7 @@ This operates in 2 modes:
     Gateway of the ACUMOS instance.
   certfile - The file path for the PEM file containing the private key, etc.
   dockerhost - (optional) The URL for the docker host.  By default,
-    unix:///var/run/docker.sock.
+    tcp://localhost:2375.
   dockerregistry - The host:port for the ONAP docker registry.
   dockeruser - The user ID for uploading images to the docker registry.
   dockerpass - The password for uploading images to the docker registry.
index 41f18de..cf3ac79 100644 (file)
@@ -47,7 +47,7 @@ class Config(object):
     Configuration parameters as attributes, make sure the required ones are there,
     populate defaults.
     """
-    def __init__(self, dcaeurl, dcaeuser, onboardingurl, onboardinguser, onboardingpass, certfile, dockerregistry, dockeruser, dockerpass, acumosurl=None, interval=900, dockerhost='unix:///var/run/docker.sock', tmpdir='/var/tmp/aoadapter', certverify=True, catalogs=None, port=None, **extras):
+    def __init__(self, dcaeurl, dcaeuser, onboardingurl, onboardinguser, onboardingpass, certfile, dockerregistry, dockeruser, dockerpass, acumosurl=None, interval=900, dockerhost='tcp://localhost:2375', tmpdir='/var/tmp/aoadapter', certverify=True, catalogs=None, port=None, **extras):
         self.dcaeurl = dcaeurl
         self.dcaeuser = dcaeuser
 
@@ -299,7 +299,7 @@ class Apihandler(BaseHTTPRequestHandler):
             else:
                 solution = aa.jsonget('/solutions/{}', self.qparams['solutionId'])
                 onboard(aa, callback, solution, self.qparams['revisionId'])
-            self.replyraw('OK', 'text/plain')
+            self.replyraw('OK'.encode('utf-8'), 'text/plain')
             return
         self.send_error(400)
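Review bot: Changing the `dockerhost` default from the unix socket to `tcp://localhost:2375` moves the adapter onto the Docker Engine's plain-TCP API, which has no authentication or TLS by default, so anything that can reach that port has root-equivalent control of the docker host; the hunk and the README change state the new default without that caveat. Presumably the motivation is that the non-root `dcaemod` user can no longer open `/var/run/docker.sock`; granting the user the socket's group (itself root-equivalent, but not network-reachable) would keep the previous default. If TCP stays the default, the class docstring should say what it assumes, e.g. `# dockerhost default tcp://localhost:2375 assumes the daemon's TCP listener is bound to loopback only; use TLS (tcp://…:2376) or the socket for anything reachable over a network`. `__init__` continues past the end of the hunk.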
 
index 7d872ef..1ea941d 100644 (file)
@@ -23,7 +23,7 @@ limitations under the License.
        <modelVersion>4.0.0</modelVersion>
        <groupId>org.onap.dcaegen2.platform.adapter</groupId>
        <artifactId>dcaegen2-platform-adapter-acumos</artifactId>
-       <version>1.0.1</version>
+       <version>1.0.2-SNAPSHOT</version>
        <properties>
                <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
                <sonar.sources>.</sonar.sources>
index 9001cd5..e833307 100644 (file)
@@ -20,7 +20,7 @@ from setuptools import setup, find_packages
 
 setup(
     name="aoconversion",
-    version="1.0.1",
+    version="1.0.2",
     packages=find_packages(exclude=["tests.*", "tests"]),
     author="Tommy Carpenter, Andrew Gauld",
     author_email="tommy@research.att.com, agauld@att.com",
index 8806964..fc24024 100644 (file)
@@ -27,6 +27,7 @@ limitations under the License.
     <version>1.0.1-SNAPSHOT</version>
   </parent>
   <artifactId>designtool-web</artifactId>
+  <version>1.0.2-SNAPSHOT</version>
   <packaging>war</packaging>
   <name>dcaegen2-platform-mod-designtool-web</name>
   <properties>
@@ -84,7 +85,7 @@ limitations under the License.
     <dependency>
       <groupId>org.onap.dcaegen2.platform.mod</groupId>
       <artifactId>nifi-war-to-jar</artifactId>
-      <version>${project.version}</version>
+      <version>1.0.1-SNAPSHOT</version>
       <scope>provided</scope>
     </dependency>
     <dependency>
index 8658983..b0393de 100755 (executable)
@@ -51,16 +51,9 @@ prop_replace 'nifi.web.proxy.context.path'                  "${NIFI_WEB_PROXY_CO
 # replace value conditionally if the property name exists otherwise append
 if grep -q 'nifi.dcae.jars.index.url' $nifi_props_file
 then
-    prop_replace 'nifi.dcae.jars.index.url'                     "${NIFI_DCAE_JARS_INDEX_URL:-http://genprocessor-http/nifi-jars/}"
+    prop_replace 'nifi.dcae.jars.index.url'                     "${NIFI_DCAE_JARS_INDEX_URL:-http://genprocessor-http:8080/nifi-jars/}"
 else
-    prop_append 'nifi.dcae.jars.index.url'                     "${NIFI_DCAE_JARS_INDEX_URL:-http://genprocessor-http/nifi-jars/}"
-fi
-
-if grep -q 'nifi.ui.dcae.distibutor.api.url' $nifi_props_file
-then
-    prop_replace 'nifi.ui.dcae.distibutor.api.url' "${NIFI_DCAE_DISTRIBUTOR_API_URL:-http://distributor-api}"
-else
-    prop_append 'nifi.ui.dcae.distibutor.api.url' "${NIFI_DCAE_DISTRIBUTOR_API_URL:-http://distributor-api}"
+    prop_append 'nifi.dcae.jars.index.url'                     "${NIFI_DCAE_JARS_INDEX_URL:-http://genprocessor-http:8080/nifi-jars/}"
 fi
 
 . "${scripts_dir}/update_cluster_state_management.sh"
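Review bot: The `nifi.ui.dcae.distibutor.api.url` prop_replace/prop_append branches are removed outright rather than re-pointed at the new port, while the commit message says designtool-web URLs are "adjusted to reflect the new port numbers"; if anything in the web app still reads that property (not visible here), it is now left unset instead of updated. If the removal is intentional, a short comment at that spot saying where the distributor URL now comes from would help the next reader; otherwise the adjusted form would presumably be `http://distributor-api:8080`. The `$nifi_props_file` in the `grep -q` test (context line) is unquoted and would break on a path containing spaces; `"$nifi_props_file"` is the safe form. The script continues outside the hunk.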
diff --git a/mod/distributorapi/Changelog.md b/mod/distributorapi/Changelog.md
new file mode 100644 (file)
index 0000000..2e0327b
--- /dev/null
@@ -0,0 +1,10 @@
+# Change Log
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](http://keepachangelog.com/)
+and this project adheres to [Semantic Versioning](http://semver.org/).
+
+## [1.0.1] - 3/26/2020
+    * Run as non-root
+## [1.0.0] - 11/11/2019
+    * Distributor API - initial version
index cc10c68..f82607d 100644 (file)
 # ============LICENSE_END=========================================================
 FROM python:3.7-alpine
 
+ARG UID=1000
+ARG GID=1000
 COPY . /code
 WORKDIR /code
-RUN pip install .
-EXPOSE 80
+RUN pip install . && \
+    addgroup -g $GID dcaemod && \
+    adduser -s /bin/bash -u $UID -G dcaemod -D dcaemod
+USER dcaemod
+EXPOSE 8080
 ENV DISTRIBUTOR_DEBUG=0
 CMD start-distributor-api
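Review bot: `adduser -s /bin/bash -u $UID -G dcaemod -D dcaemod` sets a login shell that the `python:3.7-alpine` base does not ship and nothing earlier in this Dockerfile installs; it is harmless for the CMD but misleading, and `-s /bin/sh` (or omitting `-s`) matches what is actually present. The same `-s /bin/bash` appears in the runtime-web pom's `<runCmd>`, whose base image is not visible here. `CMD start-distributor-api` (context) is shell form, so the server runs under `/bin/sh -c` and may not be PID 1 or receive SIGTERM from `docker stop`; `CMD ["start-distributor-api"]` avoids that.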
index 8d2cede..d83eee1 100644 (file)
@@ -35,4 +35,4 @@ def init():
 
     global onboarding_api_url
     onboarding_api_url = _grab_env("ONBOARDING_API_URL"
-            , default="http://onboarding-api/onboarding")
+            , default="http://onboarding-api:8080/onboarding")
index 963a852..f1aa2fd 100644 (file)
@@ -253,4 +253,4 @@ def start_http_server():
     if is_debug():
         _app.run(debug=True)
     else:
-        _app.run(host="0.0.0.0", port=80, debug=False)
+        _app.run(host="0.0.0.0", port=8080, debug=False)
index 57c4da3..9da6f0f 100644 (file)
@@ -13,4 +13,4 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 # ============LICENSE_END=========================================================
-__version__ = "1.0.0"
+__version__ = "1.0.1"
index 3cfd949..45096b1 100644 (file)
@@ -23,7 +23,7 @@ limitations under the License.
        <groupId>org.onap.dcaegen2.platform.mod</groupId>
     <artifactId>dcaegen2-platform-mod-distributorapi</artifactId>
     <!-- NOTE: Must keep this version synchronized with the version in distributor/version.py file -->
-       <version>1.0.0</version>
+       <version>1.0.1-SNAPSHOT</version>
        <properties>
                <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
                <sonar.sources>.</sonar.sources>
index bd53c07..b6bdb24 100644 (file)
@@ -1,5 +1,5 @@
 server {
-    listen       80;
+    listen       8080;
     server_name  localhost;
 
     location / {
index 6afc9de..ccc1ce3 100644 (file)
@@ -26,7 +26,7 @@ limitations under the License.
   </parent>
   <groupId>org.onap.dcaegen2.platform.mod</groupId>
   <artifactId>genprocessor</artifactId>
-  <version>1.0.0</version>
+  <version>1.0.1-SNAPSHOT</version>
   <name>dcaegen2-platform-mod-genprocessor</name>
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
@@ -139,6 +139,10 @@ limitations under the License.
                     </files>
                   </inline>
                 </assembly>
+               <runCmds>
+                 <runCmd>groupadd -g 1000 dcaemod &amp;&amp; useradd --shell /bin/bash -u 1000 -g 1000 -m dcaemod</runCmd>
+               </runCmds>
+               <user>dcaemod</user>
                 <entryPoint>
                   <exec>
                     <arg>nginx</arg>
@@ -161,12 +165,16 @@ limitations under the License.
                 <assembly>
                   <descriptorRef>artifact-with-dependencies</descriptorRef>
                 </assembly>
+               <runCmds>
+                 <runCmd>groupadd -g 1000 dcaemod &amp;&amp; useradd --shell /bin/bash -u 1000 -g 1000 -m dcaemod &amp;&amp; mkdir -p /work &amp;&amp; chown dcaemod:dcaemod /work</runCmd>
+               </runCmds>
                 <workdir>/maven</workdir>
                 <env>
                   <GENPROC_WORKING_DIR>/work</GENPROC_WORKING_DIR>
-                  <GENPROC_ONBOARDING_API_HOST>http://onboarding-api/onboarding</GENPROC_ONBOARDING_API_HOST>
+                  <GENPROC_ONBOARDING_API_HOST>http://onboarding-api:8080/onboarding</GENPROC_ONBOARDING_API_HOST>
                   <GENPROC_SLEEP_SEC>10</GENPROC_SLEEP_SEC>
                 </env>
+               <user>dcaemod</user>
                 <entryPoint>
                   <exec>
                     <arg>java</arg>
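Review bot: The `<user>dcaemod</user>` added to the genprocessor-http image is backed by a `<runCmd>` that only creates the account; nothing grants dcaemod write access to the paths the nginx master needs at startup (its pid file and the client/proxy temp directories), so unless the base image, which is not visible here, already provides them or the nginx.conf in this change overrides them, nginx will presumably refuse to start with a permission error while the `listen 8080` change itself is fine. The genprocessor-job `<runCmd>` in the second hunk does the equivalent for its own state directory (`mkdir -p /work && chown dcaemod:dcaemod /work`); the http `<runCmd>` should do the same for the nginx state paths, e.g. `&& touch /var/run/nginx.pid && chown -R dcaemod:dcaemod /var/run/nginx.pid /var/cache/nginx`, adjusted to wherever the image's nginx.conf actually points. A comment in the pom naming those paths would keep the two images' run commands understandable side by side.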
index 21d0f0c..28578d2 100644 (file)
@@ -6,6 +6,10 @@ The format is based on [Keep a Changelog](http://keepachangelog.com/)
 and this project adheres to [Semantic Versioning](http://semver.org/).
 
 
+## [2.12.1]
+
+* Run as non-root
+
 ## [2.12.0]
 
 * Add HTTP support using Flask/flask-restplus
index 606ca5b..2c3cd0d 100644 (file)
@@ -1,12 +1,18 @@
 FROM python:3.7-alpine
 
-RUN apk update && \
-    apk add --virtual build-deps gcc python-dev musl-dev && \
-    apk add postgresql-dev bash
+ARG UID=1000
+ARG GID=1000
+
 COPY . /code
 WORKDIR /code
-RUN pip install . \
-    && mkdir -p ~/.config/dcae-cli
-EXPOSE 80
+RUN apk update && \
+    apk add --virtual build-deps gcc python-dev musl-dev && \
+    apk add postgresql-dev bash && \
+    addgroup -g $GID dcaemod && \
+    adduser -s /bin/bash -u $UID -G dcaemod -D dcaemod && \
+    pip install .
+
+EXPOSE 8080
+USER dcaemod
 
 CMD /code/start.sh
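Review bot: The rewritten RUN installs the `build-deps` virtual package (gcc, python-dev, musl-dev) for `pip install .` but never removes it, so the compiler toolchain ships in the final image; the original had the same omission, but since the chain is being rewritten the usual form ends it with `&& apk del build-deps` after pip has finished (keep `postgresql-dev` if the built extension links libpq at runtime, which is not visible here). `apk update` also leaves the fetched index in the layer; `apk add --no-cache` on both add calls avoids that and the separate update. `CMD /code/start.sh` (context) is shell form, so start.sh is not guaranteed to run as PID 1 or receive SIGTERM; `CMD ["/code/start.sh"]` is the exec form.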
index e1ceca3..b61bd9a 100644 (file)
@@ -19,4 +19,4 @@
 # ECOMP is a trademark and service mark of AT&T Intellectual Property.
 
 # -*- coding: utf-8 -*-
-__version__ = "2.12.0"
+__version__ = "2.12.1"
index 792cd7f..4d3ae0c 100644 (file)
@@ -498,4 +498,4 @@ def start_http_server(catalog, debug=True):
     if debug:
         _app.run(debug=True)
     else:
-        _app.run(host="0.0.0.0", port=80, debug=False)
+        _app.run(host="0.0.0.0", port=8080, debug=False)
index 588a9b2..be5e683 100644 (file)
@@ -22,7 +22,7 @@ limitations under the License.
   <groupId>org.onap.dcaegen2.platform.mod</groupId>
   <artifactId>dcaegen2-platform-mod-onboardingapi</artifactId>
   <name>dcaegen2-platform-mod-onboardingapi</name>
-  <version>2.12.0</version>
+  <version>2.12.1-SNAPSHOT</version>
   <url>http://maven.apache.org</url>
   <properties>
     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
index 6d7d9e5..a938c98 100755 (executable)
@@ -6,6 +6,7 @@ if [ -z $PG_CONN ]; then
     exit 1
 fi
 
+mkdir -p ~/.config/dcae-cli
 if [ ! -f ~/.config/dcae-cli/config.json ]; then
     echo "Creating dcae-cli config"
     # TODO: Make this into a variable that gets fed in via docker run
index ff08ac1..4cc5a66 100644 (file)
@@ -25,7 +25,7 @@ limitations under the License.
                <version>1.0.1</version>
        </parent>
        <artifactId>runtime-web</artifactId>
-       <version>1.0.1</version>
+       <version>1.0.2-SNAPSHOT</version>
        <packaging>jar</packaging>
        <name>runtime-web</name>
        <description>MOD Runtime Web Module</description>
@@ -118,6 +118,9 @@ limitations under the License.
                                                                <assembly>
                                                                        <descriptorRef>artifact</descriptorRef>
                                                                </assembly>
+                                                               <runCmds>
+                                                                 <runCmd>addgroup -g 1000 dcaemod &amp;&amp; adduser -s /bin/bash -u 1000 -G dcaemod -D dcaemod</runCmd>
+                                                               </runCmds>
                                                                <workdir>/maven</workdir>
                                                                <volumes>
                                                                        <volume>/tmp</volume>
@@ -125,6 +128,7 @@ limitations under the License.
                                                                <ports>
                                                                        <port>9090</port>
                                                                </ports>
+                                                               <user>dcaemod</user>
                                                                <entryPoint>
                                                                        <exec>
                                                                                <arg>java</arg>