python3-dev=3.6.* \
python3-setuptools=39.0.* \
curl=7.58.* && \
- python3 -m easy_install pip==21.0.1
+ python3 -m easy_install pip==21.0.1 setuptools==51.0.0
ARG PYTHON3_OSM_COMMON_URL
ARG PYTHON3_OSM_PLA_URL
LABEL authors="Lars-Göran Magnusson"
RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
- DEBIAN_FRONTEND=noninteractive apt-get --yes install python3-minimal=3.6.*
+ DEBIAN_FRONTEND=noninteractive apt-get --yes install python3-minimal=3.6.* \
+ && rm -rf /var/lib/apt/lists/*
COPY --from=INSTALL /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages
-COPY --from=INSTALL /usr/local/lib/python3.6/dist-packages /usr/local/lib/python3.6/dist-packages
+COPY --from=INSTALL /usr/local/lib/python3.6/dist-packages /usr/local/lib/python3.6/dist-packages
COPY --from=INSTALL /usr/bin/osm* /usr/bin/
COPY --from=INSTALL /minizinc /minizinc
-RUN mkdir /entry_data \
- && mkdir /entry_data/mzn-lib \
- && ln -s /entry_data/mzn-lib /minizinc/share/minizinc/exec
+RUN mkdir /entry_data && \
+ mkdir /placement && \
+ mkdir /entry_data/mzn-lib && \
+ ln -s /entry_data/mzn-lib /minizinc/share/minizinc/exec
-COPY scripts/ scripts/
-RUN mkdir /placement
+COPY scripts/ /app/osm_pla/scripts/
+
+# Creating the user for the app
+RUN groupadd -g 1000 appuser && \
+ useradd -u 1000 -g 1000 -d /app appuser && \
+ mkdir -p /app/osm_pla && \
+ chown -R appuser:appuser /app && \
+ chown -R appuser:appuser /entry_data && \
+ chown -R appuser:appuser /minizinc && \
+ chown -R appuser:appuser /placement
+
+WORKDIR /app/osm_pla
+
+# Changing the security context
+USER appuser
ENV OSMPLA_MESSAGE_DRIVER kafka
ENV OSMPLA_MESSAGE_HOST kafka
#HEALTHCHECK --start-period=120s --interval=10s --timeout=5s --retries=5 \
# CMD osm-pla-healthcheck || exit 1
-CMD /bin/bash scripts/start.sh
+CMD [ "/bin/bash", "scripts/start.sh" ]
projects / osm / devops.git / blobdiff