Use non-root user in Dockerfile for nonrtric-gateway Signed-off-by: ecaiyanlinux <martin.c.yan@est.tech> Issue-ID: NONRTRIC-647 Change-Id: Ie4524fb4091d7b4ac676cd0f0bdadab7e8197b91

commit: 38738c5a4169935967de0ccc5ff1e10055ff10ed [log] [tgz]
author: ecaiyanlinux <martin.c.yan@est.tech> Wed Jan 12 08:59:59 2022 +0100
committer: ecaiyanlinux <martin.c.yan@est.tech> Wed Jan 12 08:59:59 2022 +0100
tree: 59fba632785cf91e083a566fa655168a95992200
parent: fe36bf418dea18bf50638a872500f3173196b5da [diff]
diff --git a/nonrtric-gateway/Dockerfile b/nonrtric-gateway/Dockerfile
index f803a9c..5472edf 100644
--- a/nonrtric-gateway/Dockerfile
+++ b/nonrtric-gateway/Dockerfile

@@ -29,7 +29,14 @@
 ADD /config/application.yaml /opt/app/nonrtric-gateway/config/application.yaml
 ADD target/${JAR} /opt/app/nonrtric-gateway/nonrtric-gateway.jar
 
+ARG user=nonrtric
+ARG group=nonrtric
 
-RUN chmod -R 777 /opt/app/nonrtric-gateway/config/
+RUN groupadd $user && \
+    useradd -r -g $group $user
+RUN chown -R $user:$group /opt/app/nonrtric-gateway
+RUN chown -R $user:$group /var/log/nonrtric-gateway
+
+USER ${user}
 
 CMD ["java", "-jar", "/opt/app/nonrtric-gateway/nonrtric-gateway.jar"]
commit	38738c5a4169935967de0ccc5ff1e10055ff10ed	[log] [tgz]
author	ecaiyanlinux <martin.c.yan@est.tech>	Wed Jan 12 08:59:59 2022 +0100
committer	ecaiyanlinux <martin.c.yan@est.tech>	Wed Jan 12 08:59:59 2022 +0100
tree	59fba632785cf91e083a566fa655168a95992200
parent	fe36bf418dea18bf50638a872500f3173196b5da [diff]