COPY --from=INSTALL /usr/lib/x86_64-linux-gnu/libedit.so.2 /usr/lib/x86_64-linux-gnu/
COPY --from=INSTALL /usr/lib/x86_64-linux-gnu/libbsd.so.0 /usr/lib/x86_64-linux-gnu/
COPY --from=INSTALL /usr/lib/x86_64-linux-gnu/libedit.so.2 /usr/lib/x86_64-linux-gnu/
COPY --from=INSTALL /usr/lib/x86_64-linux-gnu/libbsd.so.0 /usr/lib/x86_64-linux-gnu/
+COPY scripts/ /app/osm_pol/scripts/
+
+# Creating the user for the app
+RUN groupadd -g 1000 appuser && \
+ useradd -u 1000 -g 1000 -d /app appuser && \
+ mkdir -p /app/osm_pol && \
+ mkdir -p /app/storage/kafka && \
+ mkdir /app/log && \
+ chown -R appuser:appuser /app
+
+WORKDIR /app/osm_pol
+
+# Changing the security context
+USER appuser
+
+########################################################################
ENV OSMPOL_MESSAGE_DRIVER kafka
ENV OSMPOL_MESSAGE_HOST kafka
ENV OSMPOL_MESSAGE_DRIVER kafka
ENV OSMPOL_MESSAGE_HOST kafka
+ securityContext:
+ runAsUser: 1000
+ runAsGroup: 1000
+ fsGroup: 1000
initContainers:
- name: kafka-mongo-test
image: alpine:latest
initContainers:
- name: kafka-mongo-test
image: alpine:latest
envFrom:
- secretRef:
name: pol-secret
envFrom:
- secretRef:
name: pol-secret
- volumeMounts:
- - name: db
- mountPath: /app/database
- volumes:
- - name: db
- hostPath:
- path: /var/lib/osm/osm_pol_db/_data