X-Git-Url: https://osm.etsi.org/gitweb/?a=blobdiff_plain;ds=inline;f=docker%2FRO%2FDockerfile;h=7d1bf52c8de93fa7d54173063e6825022f7b9a99;hb=refs%2Fchanges%2F48%2F11448%2F2;hp=4e7d548889cc74e07dd079ff43921eb9baa9cef5;hpb=f854a6172cfdd3d5cea50c4038604de1a5cc304c;p=osm%2Fdevops.git

diff --git a/docker/RO/Dockerfile b/docker/RO/Dockerfile
index 4e7d5488..7d1bf52c 100644
--- a/docker/RO/Dockerfile
+++ b/docker/RO/Dockerfile
@@ -45,7 +45,7 @@ ARG PYTHON3_OSM_ROVIM_AWS_URL
 ARG PYTHON3_OSM_ROVIM_AZURE_URL
 ARG PYTHON3_OSM_ROVIM_GCP_URL
 ARG PYTHON3_OSM_ROVIM_FOS_URL
-ARG PYTHON3_OSM_ROVIM_OPENNEBULA_URL
+# ARG PYTHON3_OSM_ROVIM_OPENNEBULA_URL
 ARG PYTHON3_OSM_ROVIM_OPENSTACK_URL
 ARG PYTHON3_OSM_ROVIM_OPENVIM_URL
 ARG PYTHON3_OSM_ROVIM_VMWARE_URL
@@ -67,7 +67,7 @@ RUN for URL in \
     $PYTHON3_OSM_ROVIM_AZURE_URL \
     $PYTHON3_OSM_ROVIM_GCP_URL \
     $PYTHON3_OSM_ROVIM_FOS_URL \
-    $PYTHON3_OSM_ROVIM_OPENNEBULA_URL \
+    # $PYTHON3_OSM_ROVIM_OPENNEBULA_URL \
     $PYTHON3_OSM_ROVIM_OPENSTACK_URL \
     $PYTHON3_OSM_ROVIM_OPENVIM_URL \
     $PYTHON3_OSM_ROVIM_VMWARE_URL ; do \
@@ -91,10 +91,21 @@ COPY --from=INSTALL /usr/local/lib/python3.6/dist-packages  /usr/local/lib/pytho
 COPY --from=INSTALL /usr/bin/genisoimage /usr/bin/genisoimage
 COPY --from=INSTALL /etc/protocols /etc/protocols
 
-VOLUME /var/log/osm
-
 EXPOSE 9090
 
+# Creating the user for the app
+RUN groupadd -g 1000 appuser && \
+    useradd -u 1000 -g 1000 -d /app appuser && \
+    mkdir -p /app/osm_ro && \
+    mkdir -p /app/storage/kafka && \
+    mkdir /app/log && \
+    chown -R appuser:appuser /app
+
+WORKDIR /app/osm_ro
+
+# Changing the security context
+USER appuser
+
 # Two mysql databases are needed (DB and DB_OVIM). Can be hosted on same or separated containers
 # These ENV must be provided
 ENV RO_DB_HOST=""
@@ -136,4 +147,3 @@ HEALTHCHECK --start-period=130s --interval=10s --timeout=5s --retries=12 \
   CMD curl --silent --fail http://localhost:9090/ro || exit 1
 
 CMD ["python3", "-u", "-m", "osm_ng_ro.ro_main"]
-