Use non-root user in Dockerfile Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech> Issue-ID: NONRTRIC-656 Change-Id: Ib85abd9de806b30b73af34a863b06c7663026c3d

commit: e41d28ca88de6e25a3a69b4af980aee937087f37 [log] [tgz]
author: ecaiyanlinux <martin.c.yan@est.tech> Wed Dec 01 16:18:36 2021 +0100
committer: Chengkai YAN <martin.c.yan@est.tech> Thu Dec 02 07:59:06 2021 +0000
tree: 6b2cf078b39a75c30950735fea4a0b85f20903a2
parent: 0268b146cb35f0b5cdc4f8deb2668055bc4ce940 [diff] [blame]
diff --git a/dmaap-adaptor-java/Dockerfile b/dmaap-adaptor-java/Dockerfile
index b2c0c30..9843699 100644
--- a/dmaap-adaptor-java/Dockerfile
+++ b/dmaap-adaptor-java/Dockerfile

@@ -30,14 +30,18 @@
 RUN mkdir -p /var/log/dmaap-adaptor-service
 RUN mkdir -p /opt/app/dmaap-adaptor-service/etc/cert/
 RUN mkdir -p /var/dmaap-adaptor-service
-RUN chmod -R 777 /var/dmaap-adaptor-service
 
 ADD /config/application.yaml /opt/app/dmaap-adaptor-service/config/application.yaml
 ADD /config/application_configuration.json /opt/app/dmaap-adaptor-service/data/application_configuration.json_example
 ADD /config/keystore.jks /opt/app/dmaap-adaptor-service/etc/cert/keystore.jks
 ADD /config/truststore.jks /opt/app/dmaap-adaptor-service/etc/cert/truststore.jks
 
-RUN chmod -R 777 /opt/app/dmaap-adaptor-service/config/
+
+RUN groupadd -g 999 appuser && \
+    useradd -r -u 999 -g appuser appuser
+RUN chown -R appuser:appuser /var/dmaap-adaptor-service/
+RUN chown -R appuser:appuser /opt/app/dmaap-adaptor-service/
+USER appuser
 
 ADD target/${JAR} /opt/app/dmaap-adaptor-service/dmaap-adaptor.jar
 CMD ["java", "-jar", "/opt/app/dmaap-adaptor-service/dmaap-adaptor.jar"]
commit	e41d28ca88de6e25a3a69b4af980aee937087f37	[log] [tgz]
author	ecaiyanlinux <martin.c.yan@est.tech>	Wed Dec 01 16:18:36 2021 +0100
committer	Chengkai YAN <martin.c.yan@est.tech>	Thu Dec 02 07:59:06 2021 +0000
tree	6b2cf078b39a75c30950735fea4a0b85f20903a2
parent	0268b146cb35f0b5cdc4f8deb2668055bc4ce940 [diff] [blame]