Code Review / sdc.git / commit
? search:
summary | shortlog | log | commit | commitdiff | review | tree
(parent: 1dcbd56) | patch
Run pods as non-root user 37/103437/3
authorMichaelMorris <michael.morris@est.tech>
Tue, 10 Mar 2020 12:37:48 +0000 (12:37 +0000)
committerOfir Sonsino <ofir.sonsino@intl.att.com>
Mon, 16 Mar 2020 08:45:20 +0000 (08:45 +0000)
commita2abf6ea18d512d367277bacaf7476754dc0eff5
tree595dbda50b67c33936b754b0930416e892ff3ea2tree | snapshot
parent1dcbd56c897602f15f6659e113fd4c8011227fc2commit | diff
Run pods as non-root user

Summary of changes:
sdc-cassandra-init
Added user sdc (in base image base_sdc-cqlsh - https://gerrit.onap.org/r/103436)
Run entrypoint as user sdc
Moved relevant files from /root/ to /home/sdc/

sdc-backend-init
Added user sdc (in base image base_sdc-python - https://gerrit.onap.org/r/103436)
Run entrypoint as user sdc
Moved relevant files from /root/ to /home/sdc/

sdc-backend
Run entrypoint as user jetty
Moved relevant files from /root/ to /var/lib/jetty/
Moved cadi & cert files from /opt/app/jetty to /var/lib/jetty/
Moved ready_probe from /var/lib/read-probe.sh to /var/lib/jetty/read-probe.sh

sdc-frontend
Run entrypoint as user jetty
Moved relevant files from /root/ to /var/lib/jetty/
Moved ready_probe from /var/lib/read-probe.sh to /var/lib/jetty/read-probe.sh

sdc-onboard-backend-docker
Run entrypoint as user jetty
Moved relevant files from /root/ to /var/lib/jetty/
Moved ready_probe from /var/lib/read-probe.sh to /var/lib/jetty/read-probe.sh

sdc-onboard-db-init-docker
Run entrypoint as user sdc
Added user sdc (in base image base_sdc-cqlsh - https://gerrit.onap.org/r/103436)
Moved relevant files from /root/ to /home/sdc/

Signed-off-by: MichaelMorris <michael.morris@est.tech>
Issue-ID: SDC-2798
Change-Id: I85be320a4a5e1cc5aeebbb98c4484d5d6fd06dfc
25 files changed:
.gitignore diff | blob | history
asdctool/sdc-cassandra-init/Dockerfile diff | blob | history
asdctool/sdc-cassandra-init/startup.sh diff | blob | history
catalog-be/sdc-backend-init/Dockerfile diff | blob | history
catalog-be/sdc-backend-init/startup.sh diff | blob | history
catalog-be/sdc-backend/Dockerfile diff | blob | history
catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi.properties diff | blob | history
catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/cadi_truststore.jks diff | blob | history
catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/files/default/keyfile diff | blob | history
catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_10_setup_cadi.rb diff | blob | history
catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/recipes/BE_9_prepareProbeFile.rb diff | blob | history
catalog-be/sdc-backend/chef-repo/cookbooks/sdc-catalog-be/templates/default/BE-distribution-engine-configuration.yaml.erb diff | blob | history
catalog-be/sdc-backend/startup.sh diff | blob | history
catalog-be/src/main/resources/cadi.properties diff | blob | history
catalog-be/src/main/resources/config/configuration.yaml diff | blob | history
catalog-be/src/main/resources/config/distribution-engine-configuration.yaml diff | blob | history
catalog-fe/sdc-frontend/Dockerfile diff | blob | history
catalog-fe/sdc-frontend/chef-repo/cookbooks/sdc-catalog-fe/recipes/FE_8_prepareProbeFile.rb diff | blob | history
catalog-fe/sdc-frontend/startup.sh diff | blob | history
openecomp-be/dist/sdc-onboard-backend-docker/artifacts/Dockerfile diff | blob | history
openecomp-be/dist/sdc-onboard-backend-docker/artifacts/chef-repo/cookbooks/sdc-onboard-backend/recipes/ON_6_prepareProbeFile.rb diff | blob | history
openecomp-be/dist/sdc-onboard-backend-docker/artifacts/startup.sh diff | blob | history
openecomp-be/dist/sdc-onboard-db-init-docker/artifacts/Dockerfile diff | blob | history
openecomp-be/dist/sdc-onboard-db-init-docker/artifacts/startup.sh diff | blob | history
sdc-os-chef/scripts/docker_run.sh diff | blob | history
SDC Parent Project Catalog FE and BE