Fixed the c3p0 issue found by NexusIQ

[holmes/rule-management.git] / rulemgt-standalone / src / main / assembly / Dockerfile

diff --git a/rulemgt-standalone/src/main/assembly/Dockerfile b/rulemgt-standalone/src/main/assembly/Dockerfile
index fb45a5b..f5d8959 100644 (file)
--- a/rulemgt-standalone/src/main/assembly/Dockerfile
+++ b/rulemgt-standalone/src/main/assembly/Dockerfile
@@ -2,7 +2,7 @@ FROM openresty/openresty:alpine
 
 MAINTAINER "Guangrong Fu" <fu.guangrong@zte.com.cn>
 
-EXPOSE 9101 9104 9201
+EXPOSE 9101 9104 9105 9201
 
 ENV HOSTNAME holmes-rule-mgmt
 
@@ -22,7 +22,7 @@ RUN { \
 ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
 ENV PATH $PATH:/usr/lib/jvm/java-1.8-openjdk/jre/bin:/usr/lib/jvm/java-1.8-openjdk/bin
 
-ENV JAVA_ALPINE_VERSION 8.181.13-r0
+ENV JAVA_ALPINE_VERSION 8.191.12-r0
 
 RUN set -x \
        && apk add --no-cache \
@@ -35,16 +35,28 @@ RUN apk upgrade \
     && apk add --no-cache curl \
     && apk add --no-cache postgresql-client=10.5-r0
 
+
+
 #add the frontend pacakge to the docker images
 RUN rm /etc/nginx/conf.d/default.conf
-ADD holmes-rulemgt-frontend-*.tar.gz /usr/local/openresty/nginx/html
+RUN mkdir -p /etc/ssl/certs/
+RUN mkdir /etc/ssl/private
+ADD holmes-rulemgt-frontend-*.tar.gz /usr/local/openresty/nginx/html/
 ADD nginx.conf /usr/local/openresty/nginx/conf
+ADD holmes-frontend.key /etc/ssl/private
+ADD holmes-frontend-selfsigned.crt /etc/ssl/certs
+ADD dhparam.pem /etc/ssl/certs
+
+#switch the user to holmes
+RUN addgroup -S holmes && adduser -S -G holmes holmes
 
 #add the backend package to the docker image
-RUN mkdir /home/holmes
 WORKDIR /home/holmes
 ADD holmes-rulemgt-standalone-*-linux64.tar.gz /home/holmes/
+RUN chmod -R a+rw /home/holmes/
+RUN chmod -R a+rw /var/log/
 RUN chmod 755 /home/holmes/bin/*.sh
 
+USER holmes
 CMD ["sh", "/home/holmes/bin/run.sh"]