# Base ubuntu with added packages needed for open ecomp
-FROM alpine:3.8
+FROM onap/ccsdk-alpine-j17-image:${ccsdk.docker.version} AS stage0
+USER root
+ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
+
+# copy deliverables to opt
+COPY opt /opt
+
+# Remediate log4shell vuln
+RUN apk add zip
+RUN zip -q -d /opt/onap/sdnc/dmaap-listener/lib/log4j-core-*.jar org/apache/logging/log4j/core/lookup/JndiLookup.class
+
+# End of stage 0
+
+FROM onap/ccsdk-alpine-j17-image:${ccsdk.docker.version}
MAINTAINER SDNC Team (onap-sdnc@lists.onap.org)
-ENV JAVA_HOME /usr/lib/jvm/java-1.8-openjdk
ENV SDNC_CONFIG_DIR /opt/onap/sdnc/data/properties
-
-RUN apk update && apk add \
- bash \
- git \
- openjdk8 \
- maven \
- mysql-client \
- nodejs \
- py-pip \
- graphviz \
- unzip \
- rsync
-# copy deliverables to opt
-COPY opt /opt
+USER root
+
+# Create sdnc user
+RUN addgroup -S sdnc && adduser -S sdnc -G sdnc
+
+# Copy /opt and change owner/group to sdnc
+COPY --from=stage0 --chown=sdnc:sdnc /opt /opt
+USER sdnc
Code Review / sdnc / oam.git / blobdiff