Run multicloud-azure docker as non-root user

Change-Id: I4e5f13a1794bf1910ed485a86fa156cb226be7c1
Issue-ID: MULTICLOUD-498
Signed-off-by: Sudhakar Reddy <Sudhakar.Reddy@amdocs.com>

diff --git a/azure/docker/Dockerfile b/azure/docker/Dockerfile
index cc2647e..9fd35da 100644 (file)
--- a/azure/docker/Dockerfile
+++ b/azure/docker/Dockerfile
@@ -18,6 +18,7 @@ RUN apt-get update && \
     apt-get install -y wget
 RUN apt-get install -y python-dev gcc libffi-dev libssl-dev make
 
+RUN groupadd -r onap && useradd -r -g onap onap
 # ARIA orchestrator addition
 RUN pip install -U pip setuptools
 COPY /aria/ /tmp/
@@ -48,8 +49,12 @@ RUN  cd /opt/ && \
     wget -q -O multicloud-azure.zip 'https://nexus.onap.org/service/local/artifact/maven/redirect?r=snapshots&g=org.onap.multicloud.azure&a=multicloud-azure&v=LATEST&e=zip' && \
     unzip multicloud-azure.zip && \
     rm -rf multicloud-azure.zip && \
-    pip install -r multicloud_azure/requirements.txt
+    pip install -r multicloud_azure/requirements.txt && \
+    chown onap:onap /opt/multicloud_azure -R
+
+RUN mkdir /home/onap && chown onap:onap /home/onap -R
 
 WORKDIR /opt
 RUN chmod +x multicloud_azure/docker/*.sh && chmod +x multicloud_azure/*.sh
+USER onap
 ENTRYPOINT multicloud_azure/docker/docker-entrypoint.sh

diff --git a/azure/docker/build_image.sh b/azure/docker/build_image.sh
old mode 100644 (file)
new mode 100755 (executable)

diff --git a/azure/docker/docker-entrypoint.sh b/azure/docker/docker-entrypoint.sh
old mode 100644 (file)
new mode 100755 (executable)

diff --git a/azure/docker/instance-config.sh b/azure/docker/instance-config.sh
old mode 100644 (file)
new mode 100755 (executable)

diff --git a/azure/docker/instance-init.sh b/azure/docker/instance-init.sh
old mode 100644 (file)
new mode 100755 (executable)

diff --git a/azure/docker/instance-run.sh b/azure/docker/instance-run.sh
old mode 100644 (file)
new mode 100755 (executable)