Code Review
/
portal
/
nonrtric-controlpanel.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Use non-root user in Dockerfile for nonrtric-gateway
[portal/nonrtric-controlpanel.git]
/
nonrtric-gateway
/
Dockerfile
diff --git
a/nonrtric-gateway/Dockerfile
b/nonrtric-gateway/Dockerfile
index
f803a9c
..
5472edf
100644
(file)
--- a/
nonrtric-gateway/Dockerfile
+++ b/
nonrtric-gateway/Dockerfile
@@
-29,7
+29,14
@@
EXPOSE 9090
ADD /config/application.yaml /opt/app/nonrtric-gateway/config/application.yaml
ADD target/${JAR} /opt/app/nonrtric-gateway/nonrtric-gateway.jar
ADD /config/application.yaml /opt/app/nonrtric-gateway/config/application.yaml
ADD target/${JAR} /opt/app/nonrtric-gateway/nonrtric-gateway.jar
+ARG user=nonrtric
+ARG group=nonrtric
-RUN chmod -R 777 /opt/app/nonrtric-gateway/config/
+RUN groupadd $user && \
+ useradd -r -g $group $user
+RUN chown -R $user:$group /opt/app/nonrtric-gateway
+RUN chown -R $user:$group /var/log/nonrtric-gateway
+
+USER ${user}
CMD ["java", "-jar", "/opt/app/nonrtric-gateway/nonrtric-gateway.jar"]
CMD ["java", "-jar", "/opt/app/nonrtric-gateway/nonrtric-gateway.jar"]