Code Review
/
nonrtric.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Update Dockerfile to use non root user
[nonrtric.git]
/
r-app-catalogue
/
Dockerfile
diff --git
a/r-app-catalogue/Dockerfile
b/r-app-catalogue/Dockerfile
index
a85f57d
..
474a3ce
100644
(file)
--- a/
r-app-catalogue/Dockerfile
+++ b/
r-app-catalogue/Dockerfile
@@
-23,15
+23,20
@@
ARG JAR
WORKDIR /opt/app/r-app-catalogue
RUN mkdir -p /var/log/r-app-catalogue
WORKDIR /opt/app/r-app-catalogue
RUN mkdir -p /var/log/r-app-catalogue
+RUN mkdir -p /opt/app/r-app-catalogue/etc/cert/
-EXPOSE 8081 8433
+EXPOSE 8680 8633
+
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+RUN chown -R appuser:appuser /opt/app/r-app-catalogue/
+RUN chown -R appuser:appuser /var/log/r-app-catalogue/
+USER appuser
ADD /config/application.yaml /opt/app/r-app-catalogue/config/application.yaml
ADD /config/application.yaml /opt/app/r-app-catalogue/config/application.yaml
+ADD /config/r-app-catalogue-keystore.jks /opt/app/r-app-catalogue/etc/cert/keystore.jks
ADD target/${JAR} /opt/app/r-app-catalogue/r-app-catalogue.jar
ADD target/${JAR} /opt/app/r-app-catalogue/r-app-catalogue.jar
-
-RUN chmod -R 777 /opt/app/r-app-catalogue/config/
-
CMD ["java", "-jar", "/opt/app/r-app-catalogue/r-app-catalogue.jar"]
CMD ["java", "-jar", "/opt/app/r-app-catalogue/r-app-catalogue.jar"]