Avoid running as root.

Issue-ID: DCAEGEN2-2171
Signed-off-by: Kate Hsuan <kate.hsuan@qct.io>
Change-Id: If4594ee7079532ae87ed4741db3cb6a53da23f34
diff --git a/components/datalake-handler/admin/Dockerfile b/components/datalake-handler/admin/Dockerfile
index 38c50a6..2e6442a 100644
--- a/components/datalake-handler/admin/Dockerfile
+++ b/components/datalake-handler/admin/Dockerfile
@@ -12,20 +12,29 @@
 
 
 FROM nginx:1.17.9
-RUN apt-get update && \
-    apt-get install -y dnsmasq 
 
-RUN echo "\n\n# Docker extra config \nuser=root\naddn-hosts=/etc/hosts\n" >> /etc/dnsmasq.conf
+RUN groupadd -r datalake && useradd -r -g datalake datalake
 
 COPY --from=builder /app/dist/* /usr/share/nginx/html/
 COPY --from=builder /app/dl-admin-nginx.conf /etc/nginx/conf.d/default.conf
+COPY --from=builder /app/nginx.conf /etc/nginx/nginx.conf
 
-CMD echo "domain-needed" >> /etc/dnsmasq.conf && \
-      echo "resolv-file=/etc/resolv.conf" >> /etc/dnsmasq.conf && \
-      echo "expand-hosts" >> /etc/dnsmasq.conf && \
-      echo "listen-address=127.0.0.1" >> /etc/dnsmasq.conf && \     
-      service dnsmasq restart && \
-      echo set \$upstreamName http://dl-feeder.`grep search /etc/resolv.conf | awk {'print $2'}`:1680/datalake/v1\$1\$is_args\$args\; > /etc/nginx/upstream.conf && \
-      nginx -g "daemon off;"
+RUN chown -R datalake:datalake /etc/nginx
+RUN chown -R datalake:datalake /var/cache/nginx
+
+
+USER datalake
+
+#CMD echo "domain-needed" >> /etc/dnsmasq.conf && \
+#      echo "resolv-file=/etc/resolv.conf" >> /etc/dnsmasq.conf && \
+#      echo "expand-hosts" >> /etc/dnsmasq.conf && \
+#      echo "listen-address=127.0.0.1" >> /etc/dnsmasq.conf && \     
+#      service dnsmasq restart && \
+#      echo set \$upstreamName http://dl-feeder.`grep search /etc/resolv.conf | awk {'print $2'}`:1680/datalake/v1\$1\$is_args\$args\; > /etc/nginx/upstream.conf && \
+#      nginx -g "daemon off;"
+
+CMD echo resolver `grep nameserver /etc/resolv.conf |awk {'print $2'}` valid=10s\; > /etc/nginx/resolver.conf && \
+    echo set \$upstreamName http://dl-feeder.`grep search /etc/resolv.conf | awk {'print $2'}`:1680/datalake/v1\$1\$is_args\$args\; > /etc/nginx/upstream.conf && \
+    nginx -g "daemon off;"
 
 #CMD ["sh", "-c", "tail -f /dev/null"]
diff --git a/components/datalake-handler/admin/nginx/dl-admin-nginx.conf b/components/datalake-handler/admin/nginx/dl-admin-nginx.conf
index b6caa60..4ffbdfd 100644
--- a/components/datalake-handler/admin/nginx/dl-admin-nginx.conf
+++ b/components/datalake-handler/admin/nginx/dl-admin-nginx.conf
@@ -1,8 +1,8 @@
 server {
-    listen 80;
+    listen 8088;
     root  /usr/share/nginx/html;
 
-    resolver 127.0.0.1 valid=10s;
+    include /etc/nginx/resolver.conf;
     location ~/datalake/v1(.*)$ {
         #set $upstreamName http://dl_feeder:1680/datalake/v1$1;
         include /etc/nginx/upstream.conf;
diff --git a/components/datalake-handler/admin/nginx/nginx.conf b/components/datalake-handler/admin/nginx/nginx.conf
new file mode 100644
index 0000000..8613dff
--- /dev/null
+++ b/components/datalake-handler/admin/nginx/nginx.conf
@@ -0,0 +1,36 @@
+user  nginx;
+worker_processes  1;
+
+error_log  /tmp/error.log warn;
+pid        /tmp/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       /etc/nginx/mime.types;
+    default_type  application/octet-stream;
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log  /tmp/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+
+    #gzip  on;
+    client_body_temp_path /tmp/client_temp;
+    proxy_temp_path       /tmp/proxy_temp_path;
+    fastcgi_temp_path     /tmp/fastcgi_temp;
+    uwsgi_temp_path       /tmp/uwsgi_temp;
+    scgi_temp_path        /tmp/scgi_temp;
+
+    include /etc/nginx/conf.d/*.conf;
+}
diff --git a/components/datalake-handler/admin/pom.xml b/components/datalake-handler/admin/pom.xml
index 5325ba9..ff2044d 100644
--- a/components/datalake-handler/admin/pom.xml
+++ b/components/datalake-handler/admin/pom.xml
@@ -7,7 +7,7 @@
 	<parent>
 		<groupId>org.onap.dcaegen2.services.components</groupId>
 		<artifactId>datalake-handler</artifactId>
-		<version>1.0.1-SNAPSHOT</version>
+		<version>1.0.2-SNAPSHOT</version>
 	</parent>
 
 	<groupId>org.onap.dcaegen2.services.components.datalake-handler</groupId>
diff --git a/components/datalake-handler/collector/pom.xml b/components/datalake-handler/collector/pom.xml
index a90b9df..a9dad99 100644
--- a/components/datalake-handler/collector/pom.xml
+++ b/components/datalake-handler/collector/pom.xml
@@ -7,7 +7,7 @@
 	<parent>
 		<groupId>org.onap.dcaegen2.services.components</groupId>
 		<artifactId>datalake-handler</artifactId>
-		<version>1.0.1-SNAPSHOT</version>
+		<version>1.0.2-SNAPSHOT</version>
 	</parent>
 
 	<groupId>org.onap.dcaegen2.services.components.datalake-handler</groupId>
diff --git a/components/datalake-handler/feeder/Dockerfile b/components/datalake-handler/feeder/Dockerfile
index e260635..b34834b 100644
--- a/components/datalake-handler/feeder/Dockerfile
+++ b/components/datalake-handler/feeder/Dockerfile
@@ -27,5 +27,7 @@
     apt install -y mariadb-client && \
     apt install -y curl
 
+USER datalake
+
 CMD ["sh", "run.sh"]
 
diff --git a/components/datalake-handler/feeder/pom.xml b/components/datalake-handler/feeder/pom.xml
index 3297c7e..5954b37 100644
--- a/components/datalake-handler/feeder/pom.xml
+++ b/components/datalake-handler/feeder/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>org.onap.dcaegen2.services.components</groupId>
 		<artifactId>datalake-handler</artifactId>
-		<version>1.0.1-SNAPSHOT</version>
+		<version>1.0.2-SNAPSHOT</version>
 	</parent>
 
 	<groupId>org.onap.dcaegen2.services.components.datalake-handler</groupId>
@@ -218,7 +218,8 @@
 					<password>docker</password>  -->
 					<!-- repository>repo.treescale.com/moguobiao/datalake-feeder-maven</repository -->
 					<!-- repository>moguobiao/datalake-feeder-maven-spotify</repository -->
-					<repository>${onap.nexus.dockerregistry.daily}/${docker.image.path}</repository>
+			                <repository>${onap.nexus.dockerregistry.daily}/${docker.image.path}</repository>
+					<!-- <repository>mizunoami123/dl-feeder</repository> -->
 					<tag>${project.version}</tag>
 					<dockerfile>Dockerfile</dockerfile>
 					<!-- useMavenSettingsForAuth>true</useMavenSettingsForAuth -->
diff --git a/components/datalake-handler/pom.xml b/components/datalake-handler/pom.xml
index 9b00a41..fc4922c 100644
--- a/components/datalake-handler/pom.xml
+++ b/components/datalake-handler/pom.xml
@@ -12,7 +12,7 @@
 
 	<groupId>org.onap.dcaegen2.services.components</groupId>
 	<artifactId>datalake-handler</artifactId>
-	<version>1.0.1-SNAPSHOT</version>
+	<version>1.0.2-SNAPSHOT</version>
 	<packaging>pom</packaging>
 
 	<name>dcaegen2-service-datalake-handler</name>
diff --git a/components/datalake-handler/version.properties b/components/datalake-handler/version.properties
index 0f1f46a..c13587b 100644
--- a/components/datalake-handler/version.properties
+++ b/components/datalake-handler/version.properties
@@ -1,6 +1,6 @@
 major=1
 minor=0
-patch=1
+patch=2
 base_version=${major}.${minor}.${patch}
 release_version=${base_version}
 snapshot_version=${base_version}-SNAPSHOT