Gitiles
Code Review Sign In
gerrit.nordix.org / onap / vid / b461e34d743867b0d9cc6d890475a81617e3578a^! / .
commitb461e34d743867b0d9cc6d890475a81617e3578a[log] [tgz]
authorWojciech Sliwka <wojciech.sliwka@nokia.com>Mon Apr 08 15:12:40 2019 +0200
committerWojciech Sliwka <wojciech.sliwka@nokia.com>Tue Apr 09 06:28:07 2019 +0000
tree8f04b34149b532358c3c88bb2e9103e1c242ac6f
parentb39f4b49ff9ad4d98bac22c331c3becb3352585a [diff]
Run tomcat as onap user

Issue-ID: VID-423
Change-Id: I5ec25252e325216e0835c55ae9b8ddb47ce11161
Signed-off-by: Wojciech Sliwka <wojciech.sliwka@nokia.com>

diff --git a/deliveries/src/main/docker/docker-files/Dockerfile b/deliveries/src/main/docker/docker-files/Dockerfile
index 3f9c1ad..9b46853 100755
--- a/deliveries/src/main/docker/docker-files/Dockerfile
+++ b/deliveries/src/main/docker/docker-files/Dockerfile

@@ -3,6 +3,8 @@
 # add vim and uncomment alias to speedup troubleshooting purpose
 RUN apk update && apk add openjdk8 vim net-tools
 
+RUN adduser --disabled-password onap onap
+RUN mkdir -p /opt/app
 COPY conf.d/ /etc/onap/vid/conf.d/
 
 # MariaDB variables
@@ -90,6 +92,7 @@
 ADD maven/scripts/*.sh /tmp/vid/
 ADD maven/artifacts/vid.war /tmp/vid/stage/
 
+RUN chown onap:onap /tmp/vid /usr/local/tomcat /etc/onap/vid /opt/app -R
 RUN chmod +x /tmp/vid/localize.sh
-
-CMD ["/tmp/vid/localize.sh"]
\ No newline at end of file
+USER onap
+CMD ["/tmp/vid/localize.sh"]