ADD /config/keystore.jks /opt/app/policy-agent/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/policy-agent/etc/cert/truststore.jks
-RUN chmod -R 777 /opt/app/policy-agent/config/
-RUN chmod -R 777 /opt/app/policy-agent/data/
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+RUN chown -R appuser:appuser /opt/app/policy-agent
+RUN chown -R appuser:appuser /var/log/policy-agent
+USER appuser
ADD target/${JAR} /opt/app/policy-agent/policy-agent.jar
CMD ["java", "-jar", "/opt/app/policy-agent/policy-agent.jar"]
RUN mkdir -p /var/log/dmaap-adaptor-service
RUN mkdir -p /opt/app/dmaap-adaptor-service/etc/cert/
RUN mkdir -p /var/dmaap-adaptor-service
-RUN chmod -R 777 /var/dmaap-adaptor-service
ADD /config/application.yaml /opt/app/dmaap-adaptor-service/config/application.yaml
ADD /config/application_configuration.json /opt/app/dmaap-adaptor-service/data/application_configuration.json_example
ADD /config/keystore.jks /opt/app/dmaap-adaptor-service/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/dmaap-adaptor-service/etc/cert/truststore.jks
-RUN chmod -R 777 /opt/app/dmaap-adaptor-service/config/
+
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+RUN chown -R appuser:appuser /var/dmaap-adaptor-service/
+RUN chown -R appuser:appuser /opt/app/dmaap-adaptor-service/
+USER appuser
ADD target/${JAR} /opt/app/dmaap-adaptor-service/dmaap-adaptor.jar
CMD ["java", "-jar", "/opt/app/dmaap-adaptor-service/dmaap-adaptor.jar"]
WORKDIR /opt/app/helm-manager
COPY target/app.jar app.jar
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+USER appuser
+
CMD [ "java", "-jar", "app.jar" ]
RUN mkdir -p /var/log/information-coordinator-service
RUN mkdir -p /opt/app/information-coordinator-service/etc/cert/
RUN mkdir -p /var/information-coordinator-service
-RUN chmod -R 777 /var/information-coordinator-service
EXPOSE 8083 8434
ADD /config/keystore.jks /opt/app/information-coordinator-service/etc/cert/keystore.jks
ADD /config/truststore.jks /opt/app/information-coordinator-service/etc/cert/truststore.jks
-
-RUN chmod -R 777 /opt/app/information-coordinator-service/config/
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+RUN chown -R appuser:appuser /opt/app/information-coordinator-service
+RUN chown -R appuser:appuser /var/information-coordinator-service
+RUN chown -R appuser:appuser /var/log/information-coordinator-service
+USER appuser
CMD ["java", "-jar", "/opt/app/information-coordinator-service/information-coordinator-service.jar"]
ADD target/${JAR} /opt/app/r-app-catalogue/r-app-catalogue.jar
-RUN chmod -R 777 /opt/app/r-app-catalogue/config/
+RUN chmod -R 644 /opt/app/r-app-catalogue/config/
+
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+RUN chown -R appuser:appuser /opt/app/r-app-catalogue/
+RUN chown -R appuser:appuser /var/log/r-app-catalogue/
+USER appuser
CMD ["java", "-jar", "/opt/app/r-app-catalogue/r-app-catalogue.jar"]
RUN chmod +x start.sh
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+USER appuser
+
CMD [ "./start.sh" ]
WORKDIR /usr/src/app
COPY http_proxy.js .
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+USER appuser
+
CMD [ "node", "http_proxy.js" ]
\ No newline at end of file
RUN chmod +x start.sh
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+USER appuser
+
CMD [ "./start.sh" ]
\ No newline at end of file
RUN apt-get update
RUN apt-get install -y nginx=1.14.*
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+USER appuser
+
CMD [ "./start.sh" ]
RUN pip install -r requirements.txt
+RUN groupadd -g 999 appuser && \
+ useradd -r -u 999 -g appuser appuser
+USER appuser
+
CMD [ "python3", "-u", "main.py" ]
Code Review / nonrtric.git / commitdiff