Run as non root
Modify the CLAMP docker image so that it does not run as root but as
clamp user
Issue-ID: CLAMP-298
Change-Id: I0bf7bed9cb76a2fcde72f2e23b66e03f03e5fe0e
Signed-off-by: sebdet <sebastien.determe@intl.att.com>
diff --git a/src/main/docker/Dockerfile b/src/main/docker/Dockerfile
index 44e2809..983dea7 100644
--- a/src/main/docker/Dockerfile
+++ b/src/main/docker/Dockerfile
@@ -15,10 +15,19 @@
apt-get -y dist-upgrade && \
apt-get install -y openjdk-8-jre-headless
+RUN groupadd -r onap && useradd --no-log-init -r -g onap clamp
+VOLUME /opt/clamp/config
+RUN mkdir /var/log/onap
+RUN chmod a+rwx /var/log/onap
+
COPY onap-clamp/clamp.jar /opt/clamp/app.jar
-VOLUME /etc
+RUN chmod 700 /opt/clamp/app.jar
+
COPY onap-clamp/startService.sh /opt/clamp/startService.sh
RUN chmod 700 /opt/clamp/startService.sh
+RUN chown -R clamp:onap /opt/clamp
+
+USER clamp
WORKDIR /opt/clamp/
ENTRYPOINT ./startService.sh
diff --git a/src/main/resources/boot-message.txt b/src/main/resources/boot-message.txt
index eea540b..92e4ab0 100644
--- a/src/main/resources/boot-message.txt
+++ b/src/main/resources/boot-message.txt
@@ -1,10 +1,14 @@
-╔═╗╔╗╔╔═╗╔═╗ ╔═╗┌─┐┌─┐┌─┐┌┐ ┬ ┌─┐┌┐┌┌─┐┌─┐
-║ ║║║║╠═╣╠═╝ ║ ├─┤└─┐├─┤├┴┐│ ├─┤││││ ├─┤
-╚═╝╝╚╝╩ ╩╩ ╚═╝┴ ┴└─┘┴ ┴└─┘┴─┘┴ ┴┘└┘└─┘┴ ┴
- ╔═╗╦ ╔═╗╔╦╗╔═╗
- ║ ║ ╠═╣║║║╠═╝
- ╚═╝╩═╝╩ ╩╩ ╩╩
+ _____ _ _ __ ____ ____ __ __ ____ __ ____ _ _
+( _ )( \( ) /__\ ( _ \ ( _ \( )( )( _ \( ) (_ _)( \( )
+ )(_)( ) ( /(__)\ )___/ )(_) ))(__)( ) _ < )(__ _)(_ ) (
+(_____)(_)\_)(__)(__)(__) (____/(______)(____/(____)(____)(_)\_)
+ ___ __ __ __ __ ____
+ / __)( ) /__\ ( \/ )( _ \
+ ( (__ )(__ /(__)\ ) ( )___/
+ \___)(____)(__)(__)(_/\/\_)(__)
+
+
:: Starting ::
\ No newline at end of file