Code Review
/
nonrtric.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
review
|
tree
raw
|
inline
| side by side
Update Dockerfile to use non root user
[nonrtric.git]
/
r-app-catalogue
/
Dockerfile
diff --git
a/r-app-catalogue/Dockerfile
b/r-app-catalogue/Dockerfile
index
cd2efc9
..
474a3ce
100644
(file)
--- a/
r-app-catalogue/Dockerfile
+++ b/
r-app-catalogue/Dockerfile
@@
-27,13
+27,16
@@
RUN mkdir -p /opt/app/r-app-catalogue/etc/cert/
EXPOSE 8680 8633
EXPOSE 8680 8633
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+RUN chown -R appuser:appuser /opt/app/r-app-catalogue/
+RUN chown -R appuser:appuser /var/log/r-app-catalogue/
+USER appuser
+
ADD /config/application.yaml /opt/app/r-app-catalogue/config/application.yaml
ADD /config/r-app-catalogue-keystore.jks /opt/app/r-app-catalogue/etc/cert/keystore.jks
ADD target/${JAR} /opt/app/r-app-catalogue/r-app-catalogue.jar
ADD /config/application.yaml /opt/app/r-app-catalogue/config/application.yaml
ADD /config/r-app-catalogue-keystore.jks /opt/app/r-app-catalogue/etc/cert/keystore.jks
ADD target/${JAR} /opt/app/r-app-catalogue/r-app-catalogue.jar
-
-RUN chmod -R 777 /opt/app/r-app-catalogue/config/
-
CMD ["java", "-jar", "/opt/app/r-app-catalogue/r-app-catalogue.jar"]
CMD ["java", "-jar", "/opt/app/r-app-catalogue/r-app-catalogue.jar"]