summary |
shortlog |
log |
commit | commitdiff |
review |
tree
raw |
patch |
inline | side by side (from parent 1:
534a1fe)
There are side effects when using non root user in Dockerfile(s)
Need further investigation
Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech>
Change-Id: Idc8d45084d9bee28f52c5e236b652d3f4d497d7a
14 files changed:
ADD /config/keystore.jks /opt/app/policy-agent/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/policy-agent/etc/cert/truststore.jks
ADD /config/keystore.jks /opt/app/policy-agent/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/policy-agent/etc/cert/truststore.jks
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-RUN chown -R appuser:appuser /opt/app/policy-agent
-RUN chown -R appuser:appuser /var/log/policy-agent
-USER appuser
+RUN chmod -R 777 /opt/app/policy-agent/config/
+RUN chmod -R 777 /opt/app/policy-agent/data/
ADD target/${JAR} /opt/app/policy-agent/policy-agent.jar
CMD ["java", "-jar", "/opt/app/policy-agent/policy-agent.jar"]
ADD target/${JAR} /opt/app/policy-agent/policy-agent.jar
CMD ["java", "-jar", "/opt/app/policy-agent/policy-agent.jar"]
RUN mkdir -p /var/log/dmaap-adaptor-service
RUN mkdir -p /opt/app/dmaap-adaptor-service/etc/cert/
RUN mkdir -p /var/dmaap-adaptor-service
RUN mkdir -p /var/log/dmaap-adaptor-service
RUN mkdir -p /opt/app/dmaap-adaptor-service/etc/cert/
RUN mkdir -p /var/dmaap-adaptor-service
+RUN chmod -R 777 /var/dmaap-adaptor-service
ADD /config/application.yaml /opt/app/dmaap-adaptor-service/config/application.yaml
ADD /config/application_configuration.json /opt/app/dmaap-adaptor-service/data/application_configuration.json_example
ADD /config/keystore.jks /opt/app/dmaap-adaptor-service/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/dmaap-adaptor-service/etc/cert/truststore.jks
ADD /config/application.yaml /opt/app/dmaap-adaptor-service/config/application.yaml
ADD /config/application_configuration.json /opt/app/dmaap-adaptor-service/data/application_configuration.json_example
ADD /config/keystore.jks /opt/app/dmaap-adaptor-service/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/dmaap-adaptor-service/etc/cert/truststore.jks
-
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-RUN chown -R appuser:appuser /var/dmaap-adaptor-service/
-RUN chown -R appuser:appuser /opt/app/dmaap-adaptor-service/
-USER appuser
+RUN chmod -R 777 /opt/app/dmaap-adaptor-service/config/
ADD target/${JAR} /opt/app/dmaap-adaptor-service/dmaap-adaptor.jar
CMD ["java", "-jar", "/opt/app/dmaap-adaptor-service/dmaap-adaptor.jar"]
ADD target/${JAR} /opt/app/dmaap-adaptor-service/dmaap-adaptor.jar
CMD ["java", "-jar", "/opt/app/dmaap-adaptor-service/dmaap-adaptor.jar"]
RUN mkdir -p /var/log/information-coordinator-service
RUN mkdir -p /opt/app/information-coordinator-service/etc/cert/
RUN mkdir -p /var/information-coordinator-service
RUN mkdir -p /var/log/information-coordinator-service
RUN mkdir -p /opt/app/information-coordinator-service/etc/cert/
RUN mkdir -p /var/information-coordinator-service
+RUN chmod -R 777 /var/information-coordinator-service
ADD /config/keystore.jks /opt/app/information-coordinator-service/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/information-coordinator-service/etc/cert/truststore.jks
ADD /config/keystore.jks /opt/app/information-coordinator-service/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/information-coordinator-service/etc/cert/truststore.jks
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-RUN chown -R appuser:appuser /opt/app/information-coordinator-service
-RUN chown -R appuser:appuser /var/information-coordinator-service
-RUN chown -R appuser:appuser /var/log/information-coordinator-service
-USER appuser
+
+RUN chmod -R 777 /opt/app/information-coordinator-service/config/
CMD ["java", "-jar", "/opt/app/information-coordinator-service/information-coordinator-service.jar"]
CMD ["java", "-jar", "/opt/app/information-coordinator-service/information-coordinator-service.jar"]
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-RUN chown -R appuser:appuser /opt/app/r-app-catalogue/
-RUN chown -R appuser:appuser /var/log/r-app-catalogue/
-USER appuser
-
ADD /config/application.yaml /opt/app/r-app-catalogue/config/application.yaml
ADD /config/r-app-catalogue-keystore.jks /opt/app/r-app-catalogue/etc/cert/keystore.jks
ADD target/${JAR} /opt/app/r-app-catalogue/r-app-catalogue.jar
ADD /config/application.yaml /opt/app/r-app-catalogue/config/application.yaml
ADD /config/r-app-catalogue-keystore.jks /opt/app/r-app-catalogue/etc/cert/keystore.jks
ADD target/${JAR} /opt/app/r-app-catalogue/r-app-catalogue.jar
+
+RUN chmod -R 777 /opt/app/r-app-catalogue/config/
+
CMD ["java", "-jar", "/opt/app/r-app-catalogue/r-app-catalogue.jar"]
CMD ["java", "-jar", "/opt/app/r-app-catalogue/r-app-catalogue.jar"]
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-
-## add permissions for appuser user
-RUN chown -R appuser:appuser /usr/src/app/ && chmod -R 755 /usr/src/app/ && \
- chown -R appuser:appuser /var/log/nginx && \
- chown -R appuser:appuser /var/lib/nginx && \
- chown -R appuser:appuser /etc/nginx/conf.d
-RUN touch /var/run/nginx.pid && \
- chown -R appuser:appuser /var/run/nginx.pid
-
-USER appuser
-
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
WORKDIR /usr/src/app
COPY http_proxy.js .
WORKDIR /usr/src/app
COPY http_proxy.js .
CMD [ "node", "http_proxy.js" ]
\ No newline at end of file
CMD [ "node", "http_proxy.js" ]
\ No newline at end of file
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-## add permissions for appuser user
-RUN chown -R appuser:appuser /usr/src/app/ && chmod -R 755 /usr/src/app/ && \
- chown -R appuser:appuser /var/log/nginx && \
- chown -R appuser:appuser /var/lib/nginx && \
- chown -R appuser:appuser /etc/nginx/conf.d
-RUN touch /var/run/nginx.pid && \
- chown -R appuser:appuser /var/run/nginx.pid
-
-USER appuser
-
CMD [ "./start.sh" ]
\ No newline at end of file
CMD [ "./start.sh" ]
\ No newline at end of file
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
RUN apt-get update
RUN apt-get install -y nginx=1.14.*
RUN apt-get update
RUN apt-get install -y nginx=1.14.*
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-
-## add permissions for appuser user
-RUN chown -R appuser:appuser /usr/src/app/ && chmod -R 755 /usr/src/app/ && \
- chown -R appuser:appuser /var/log/nginx && \
- chown -R appuser:appuser /var/lib/nginx && \
- chown -R appuser:appuser /etc/nginx/conf.d
-RUN touch /var/run/nginx.pid && \
- chown -R appuser:appuser /var/run/nginx.pid
-
-USER appuser
-
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
RUN pip install -r requirements.txt
RUN pip install -r requirements.txt
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-USER appuser
-
CMD [ "python3", "-u", "main.py" ]
CMD [ "python3", "-u", "main.py" ]
RUN pip install -r requirements.txt
RUN pip install -r requirements.txt
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-
-USER appuser
-
CMD [ "python3", "-u", "message_generator.py" ]
CMD [ "python3", "-u", "message_generator.py" ]
RUN pip install -r requirements.txt
RUN pip install -r requirements.txt
-RUN groupadd -g 999 appuser && \
- useradd -r -u 999 -g appuser appuser
-
-USER appuser
-
CMD [ "python3", "-u", "sdnr_simulator.py" ]
CMD [ "python3", "-u", "sdnr_simulator.py" ]