Change pmsh baseOS img to integration-
Benefits from switching over:
* minimal {java11,python} images maintained by integration team
* using currently "blessed by seccom" versions (:latest tag used)
* should limit spread of legal issues across layers
* integration images will be the first to have automated compliance
documentation
* should limit spread of base layers (contributing to deployment
footprint - more base layers = more to download, more to store etc...)
Issue-ID: INT-1864
Issue-ID: DCAEGEN2-2420
Signed-off-by: Alexander Mazuruk <a.mazuruk@samsung.com>
Change-Id: I876dd5d2294e7944d2785b98885dc990cc492635
diff --git a/components/pm-subscription-handler/Dockerfile b/components/pm-subscription-handler/Dockerfile
index f154544..9e3ebfe 100644
--- a/components/pm-subscription-handler/Dockerfile
+++ b/components/pm-subscription-handler/Dockerfile
@@ -17,9 +17,10 @@
# SPDX-License-Identifier: Apache-2.0
# ============LICENSE_END=====================================================
-FROM python:3.8.2-alpine3.11 as build
-MAINTAINER lego@est.tech
+FROM nexus3.onap.org:10001/onap/integration-python:8.0.0 as build
+LABEL maintainer="lego@est.tech"
+USER root
RUN set -eux; \
apk add \
build-base \
@@ -31,17 +32,18 @@
RUN pip install --prefix /opt -r requirements.txt --no-cache-dir
# Second stage
-FROM python:3.8.2-alpine3.11
+FROM nexus3.onap.org:10001/onap/integration-python:8.0.0
COPY --from=build /opt /opt
+USER root
ARG user=onap
ARG group=onap
# set PATH & PYTHONPATH vars
ENV APPDIR="/opt/app/pmsh" \
- LD_LIBRARY_PATH=/opt/lib:/opt/lib64 \
- PYTHONPATH=${APPDIR}/mod:/opt/lib/python3.8/site-packages \
+ LD_LIBRARY_PATH=/opt/lib \
+ PYTHONPATH=${APPDIR}/mod:/opt/lib/python3.9/site-packages \
PATH=$PATH:${APPDIR}/bin \
LOGS_PATH="/var/log/ONAP/dcaegen2/services/pmsh" \
LOGGER_CONFIG="/opt/app/pmsh/log_config.yaml"
@@ -50,13 +52,14 @@
RUN mkdir -p $APPDIR
RUN set -eux; \
- apk add --no-cache postgresql-libs nano
+ apk add --no-cache postgresql-libs
COPY ./pmsh_service ./bin
COPY log_config.yaml ./
-# Create a group and user
-RUN addgroup -S $group && adduser -S -D -h /home/$user $user $group && \
+# onap user & group already avaliable, create home dir
+RUN mkdir -p /home/$user && \
+ chown -R $user:$group /home/$user && \
mkdir -p ${LOGS_PATH} && \
chown -R $user:$group ${LOGS_PATH} && \
chown -R $user:$group ${APPDIR}
@@ -64,4 +67,4 @@
# Tell docker that all future commands should be run as the onap user
USER $user
-ENTRYPOINT ["python", "/opt/app/pmsh/bin/pmsh_service_main.py"]
\ No newline at end of file
+ENTRYPOINT ["python", "/opt/app/pmsh/bin/pmsh_service_main.py"]