This is an automated email from the ASF dual-hosted git repository. zehnder pushed a commit to branch SP-454 in repository https://gitbox.apache.org/repos/asf/streampipes.git
commit 1b24972c30a313984552f2d2605fb3121f7ab68c Author: Philipp Zehnder <[email protected]> AuthorDate: Thu Feb 2 23:03:31 2023 +0100 [#454] Add non-root user to backend and extension dockerfile --- streampipes-extensions/streampipes-extensions-all-jvm/Dockerfile | 9 +++++++++ streampipes-service-core/Dockerfile | 9 +++++++++ 2 files changed, 18 insertions(+) diff --git a/streampipes-extensions/streampipes-extensions-all-jvm/Dockerfile b/streampipes-extensions/streampipes-extensions-all-jvm/Dockerfile index d84e5bcea..3c9287b67 100644 --- a/streampipes-extensions/streampipes-extensions-all-jvm/Dockerfile +++ b/streampipes-extensions/streampipes-extensions-all-jvm/Dockerfile @@ -15,9 +15,18 @@ FROM eclipse-temurin:17-jre-focal +ARG USERNAME=javauser +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + # needed pkgs processors-image-processing-jvm RUN apt-get update && apt-get install ttf-dejavu-core && apt-get install fontconfig COPY target/streampipes-extensions-all-jvm.jar /streampipes-extensions-all-jvm.jar +RUN groupadd --gid $USER_GID $USERNAME \ + && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME + +USER $USERNAME + ENTRYPOINT ["java", "-jar", "/streampipes-extensions-all-jvm.jar"] diff --git a/streampipes-service-core/Dockerfile b/streampipes-service-core/Dockerfile index 48e2dad56..f6358a884 100644 --- a/streampipes-service-core/Dockerfile +++ b/streampipes-service-core/Dockerfile @@ -15,6 +15,15 @@ FROM eclipse-temurin:17-jre-focal +ARG USERNAME=javauser +ARG USER_UID=1000 +ARG USER_GID=$USER_UID + COPY target/streampipes-backend.jar /streampipes-backend.jar +RUN groupadd --gid $USER_GID $USERNAME \ + && useradd --uid $USER_UID --gid $USER_GID -m $USERNAME + +USER $USERNAME + ENTRYPOINT ["java", "-jar", "/streampipes-backend.jar"]
