WORKDIR /opt/app/helm-manager
COPY target/app.jar app.jar
+ARG user=nonrtric
+ARG group=nonrtric
+
+RUN groupadd $group && \
+ useradd -r -g $group $user
+RUN chown -R $user:$group /opt/app/helm-manager
+RUN chown -R $user:$group /etc/app/helm-manager
+
+RUN mkdir /var/helm-manager-service
+RUN chown -R $user:$group /var/helm-manager-service
+
+RUN mkdir /home/$user
+RUN chown -R $user:$group /home/$user
+
+USER $user
+
CMD [ "java", "-jar", "app.jar", "--spring.config.location=optional:file:/etc/app/helm-manager/"]
--name helmmanagerservice \
--network nonrtric-docker-net \
-v $(pwd)/mnt/database:/var/helm-manager/database \
- -v ~/.kube:/root/.kube \
- -v ~/.helm:/root/.helm \
- -v ~/.config/helm:/root/.config/helm \
- -v ~/.cache/helm:/root/.cache/helm \
+ -v ~/.kube:/home/nonrtric/.kube \
+ -v ~/.helm:/home/nonrtric/.helm \
+ -v ~/.config/helm:/home/nonrtric/.config/helm \
+ -v ~/.cache/helm:/home/nonrtric/.cache/helm \
-v $(pwd)/config/KubernetesParticipantConfig.json:/opt/app/helm-manager/src/main/resources/config/KubernetesParticipantConfig.json \
-v $(pwd)/config/application.yaml:/opt/app/helm-manager/src/main/resources/config/application.yaml \
nexus3.o-ran-sc.org:10004/o-ran-sc/nonrtric-helm-manager:1.1.0-SNAPSHOT
- name: helm-manager-service-pv
persistentVolumeClaim:
claimName: helm-manager-service-pvc
-
+ initContainers:
+ - name: change-ownership-container
+ image: busybox:latest
+ command: ["sh","-c","chown -R 999:1000 /var/helm-manager-service"]
+ resources: {}
+ volumeMounts:
+ - mountPath: /var/helm-manager-service
+ name: helm-manager-service-pv
---
apiVersion: v1
Code Review / nonrtric.git / commitdiff