-# Copyright 2020 Arctos Labs Scandinavia AB
+#######################################################################################
+# Copyright ETSI Contributors and Others.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
+#######################################################################################
-FROM ubuntu:18.04 as INSTALL
+FROM ubuntu:20.04 as INSTALL
+
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+ echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+ echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+ fi
RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
DEBIAN_FRONTEND=noninteractive apt-get --yes install \
- gcc=4:7.4.0-1ubuntu2.3 \
- python3=3.6.7-1~18.04 \
- python3-dev=3.6.7-1~18.04 \
- python3-setuptools=39.0.1-2 \
- curl=7.58.0-2ubuntu3.14 && \
- python3 -m easy_install pip==21.0.1
+ gcc=4:9.3.* \
+ python3=3.8.* \
+ python3-dev=3.8.* \
+ python3-pip=20.0.2* \
+ python3-setuptools=45.2.* \
+ curl=7.68.*
ARG PYTHON3_OSM_COMMON_URL
ARG PYTHON3_OSM_PLA_URL
RUN tar -zxf /minizinc.tgz && \
mv /MiniZincIDE-2.4.2-bundle-linux /minizinc
-FROM ubuntu:18.04
-LABEL authors="Lars-Göran Magnusson"
+#######################################################################################
+FROM ubuntu:20.04 as FINAL
+
+ARG APT_PROXY
+RUN if [ ! -z $APT_PROXY ] ; then \
+ echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ;\
+ echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ;\
+ fi
RUN DEBIAN_FRONTEND=noninteractive apt-get --yes update && \
- DEBIAN_FRONTEND=noninteractive apt-get --yes install python3-minimal=3.6.7-1~18.04
+ DEBIAN_FRONTEND=noninteractive apt-get --yes install \
+ python3-minimal=3.8.* \
+ && rm -rf /var/lib/apt/lists/*
+
+RUN rm -f /etc/apt/apt.conf.d/proxy.conf
+
+LABEL authors="Lars-Göran Magnusson"
COPY --from=INSTALL /usr/lib/python3/dist-packages /usr/lib/python3/dist-packages
-COPY --from=INSTALL /usr/local/lib/python3.6/dist-packages /usr/local/lib/python3.6/dist-packages
+COPY --from=INSTALL /usr/local/lib/python3.8/dist-packages /usr/local/lib/python3.8/dist-packages
COPY --from=INSTALL /usr/bin/osm* /usr/bin/
COPY --from=INSTALL /minizinc /minizinc
-RUN mkdir /entry_data \
- && mkdir /entry_data/mzn-lib \
- && ln -s /entry_data/mzn-lib /minizinc/share/minizinc/exec
+RUN mkdir /entry_data && \
+ mkdir /placement && \
+ mkdir /entry_data/mzn-lib && \
+ ln -s /entry_data/mzn-lib /minizinc/share/minizinc/exec
+
+COPY scripts/ /app/osm_pla/scripts/
+
+# Creating the user for the app
+RUN groupadd -g 1000 appuser && \
+ useradd -u 1000 -g 1000 -d /app appuser && \
+ mkdir -p /app/osm_pla && \
+ chown -R appuser:appuser /app && \
+ chown -R appuser:appuser /entry_data && \
+ chown -R appuser:appuser /minizinc && \
+ chown -R appuser:appuser /placement
+
+WORKDIR /app/osm_pla
-COPY scripts/ scripts/
-RUN mkdir /placement
+# Changing the security context
+USER appuser
ENV OSMPLA_MESSAGE_DRIVER kafka
ENV OSMPLA_MESSAGE_HOST kafka
#HEALTHCHECK --start-period=120s --interval=10s --timeout=5s --retries=5 \
# CMD osm-pla-healthcheck || exit 1
-CMD /bin/bash scripts/start.sh
+CMD [ "/bin/bash", "scripts/start.sh" ]