diff --git a/.github/workflows/push-trigger.yml b/.github/workflows/push-trigger.yml index fd0f12aa220..57c0bae1ea6 100644 --- a/.github/workflows/push-trigger.yml +++ b/.github/workflows/push-trigger.yml @@ -103,7 +103,7 @@ jobs: fail-fast: false name: ${{ matrix.SERVICE_NAME }} - uses: mosip/kattu/.github/workflows/docker-build.yml@master + uses: abhishek8shankar/kattu/.github/workflows/docker-build.yml@develop with: SERVICE_LOCATION: ${{ matrix.SERVICE_LOCATION }} SERVICE_NAME: ${{ matrix.SERVICE_NAME }} @@ -128,4 +128,4 @@ jobs: OSSRH_SECRET: ${{ secrets.OSSRH_SECRET }} OSSRH_TOKEN: ${{ secrets.OSSRH_TOKEN }} GPG_SECRET: ${{ secrets.GPG_SECRET }} - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} \ No newline at end of file + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} diff --git a/registration-processor/core-processor/registration-processor-abis/Dockerfile b/registration-processor/core-processor/registration-processor-abis/Dockerfile index ee5b26edf18..d379756e0c0 100644 --- a/registration-processor/core-processor/registration-processor-abis/Dockerfile +++ b/registration-processor/core-processor/registration-processor-abis/Dockerfile @@ -3,54 +3,26 @@ FROM openjdk:11 #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime and artifactory url, at docker runtime . ENV active_profile_env=${active_profile} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass github branch to pickup configuration from, at docker runtime -ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -58,8 +30,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -68,7 +38,13 @@ VOLUME ${work_dir}/logs ${work_dir}/Glowroot ADD ./target/registration-processor-abis-*.jar registration-processor-abis.jar # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/init/registration-processor-dmz-packet-server/Dockerfile b/registration-processor/init/registration-processor-dmz-packet-server/Dockerfile index a0ded0a963d..921403b9979 100644 --- a/registration-processor/init/registration-processor-dmz-packet-server/Dockerfile +++ b/registration-processor/init/registration-processor-dmz-packet-server/Dockerfile @@ -1,5 +1,34 @@ FROM nginx +# Define arguments +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 + +# Create a user and group inside the container +RUN addgroup --gid ${container_user_gid} ${container_user_group} && \ + adduser --disabled-password --gecos '' --uid ${container_user_uid} --gid ${container_user_gid} ${container_user} + +# Set the working directory +WORKDIR /home/${container_user} + +# Copy nginx.conf file +COPY nginx.conf /etc/nginx/nginx.conf + +# Copy healthcheck.txt file +COPY healthcheck.txt /home/${container_user}/landing/healthcheck.txt + +# Change ownership of /home/mosip directory +RUN chown -R ${container_user}:${container_user} /home/${container_user} + +# Change user and group to the created user and group +USER ${container_user_uid}:${container_user_gid} + +# Expose port 8082 +EXPOSE 8082 + +# Run nginx VOLUME /home/mosip COPY nginx.conf /etc/nginx/nginx.conf @@ -8,4 +37,5 @@ COPY healthcheck.txt /home/mosip/landing/healthcheck.txt EXPOSE 8082 + CMD ["nginx", "-g", "daemon off;"] diff --git a/registration-processor/init/registration-processor-packet-receiver-stage/Dockerfile b/registration-processor/init/registration-processor-packet-receiver-stage/Dockerfile index 2147d260e8b..b64c3137e11 100644 --- a/registration-processor/init/registration-processor-packet-receiver-stage/Dockerfile +++ b/registration-processor/init/registration-processor-packet-receiver-stage/Dockerfile @@ -22,8 +22,10 @@ ENV active_profile_env=${active_profile} # environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} -# environment variable to pass github branch to pickup configuration from, at docker runtime -ENV spring_config_label_env=${spring_config_label} +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 # change volume to whichever storage directory you want to use for this container. VOLUME /home/ftp1/ARCHIVE_PACKET_LOCATION /home/ftp1/LANDING_ZONE /home/Glowroot @@ -33,6 +35,12 @@ COPY ./target/registration-processor-packet-receiver-stage-*.jar registration-pr EXPOSE 8081 EXPOSE 4001 +WORKDIR /home/${container_user} + +RUN chown -R ${container_user}:${container_user} /home/${container_user} + +USER ${container_user_uid}:${container_user_gid} + CMD if [ "$active_profile_env" = "preprod" ]; then \ wget 'http://13.71.87.138:8040/artifactory/libs-release-local/io/mosip/testing/glowroot.zip' ; \ apt-get update && apt-get install -y unzip ; \ diff --git a/registration-processor/init/registration-processor-registration-status-service/Dockerfile b/registration-processor/init/registration-processor-registration-status-service/Dockerfile index 6f4b8b88b67..7269bdb6163 100644 --- a/registration-processor/init/registration-processor-registration-status-service/Dockerfile +++ b/registration-processor/init/registration-processor-registration-status-service/Dockerfile @@ -3,50 +3,24 @@ FROM openjdk:11 #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active -ARG active_profile - -# can be passed during Docker build as build time environment for config server URL +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active and config server URL, respectively. +ARG spring_config_label +ARG active_profile ARG spring_config_url - -# can be passed during Docker build as build time environment management rmi server hostname ARG management_rmi_server_hostname - -# can be passed during Docker build as build time environment management rmi server port ARG management_jmxremote_rmi_port -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | iam_adapter url, at docker runtime | management rmi server hostname and management rmi server port, respectively ENV active_profile_env=${active_profile} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass github branch to pickup configuration from, at docker runtime -ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass iam_adapter url, at docker runtime ENV iam_adapter_url_env=${iam_adapter_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -54,8 +28,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -67,7 +39,13 @@ EXPOSE 8083 EXPOSE 4000 # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/post-processor/registration-processor-credential-requestor-stage/Dockerfile-not-used b/registration-processor/post-processor/registration-processor-credential-requestor-stage/Dockerfile-not-used index 2767feb48d7..8494728a75d 100644 --- a/registration-processor/post-processor/registration-processor-credential-requestor-stage/Dockerfile-not-used +++ b/registration-processor/post-processor/registration-processor-credential-requestor-stage/Dockerfile-not-used @@ -33,11 +33,27 @@ ENV is_glowroot_env=${is_glowroot} # environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} +# can be passed during Docker build as build time environment for github branch to pickup configuration from. +ARG container_user=mosip + +# can be passed during Docker build as build time environment for github branch to pickup configuration from. +ARG container_user_group=mosip + +# can be passed during Docker build as build time environment for github branch to pickup configuration from. +ARG container_user_uid=1001 + +# can be passed during Docker build as build time environment for github branch to pickup configuration from. +ARG container_user_gid=1001 + # change volume to whichever storage directory you want to use for this container. VOLUME /home/logs COPY ./target/registration-processor-credential-requestor-stage-*.jar registration-processor-credential-requestor-stage.jar +WORKDIR /home/${container_user} +RUN chown -R ${container_user}:${container_user} /home/${container_user} +USER ${container_user_uid}:${container_user_gid} + CMD if [ "$is_glowroot_env" = "present" ]; then \ wget "${artifactory_url_env}"/artifactory/libs-release-local/io/mosip/testing/glowroot.zip ; \ apt-get update && apt-get install -y unzip ; \ diff --git a/registration-processor/post-processor/registration-processor-message-sender-stage/Dockerfile-not-used b/registration-processor/post-processor/registration-processor-message-sender-stage/Dockerfile-not-used index e2e8dbb327b..1f62b7f73a4 100644 --- a/registration-processor/post-processor/registration-processor-message-sender-stage/Dockerfile-not-used +++ b/registration-processor/post-processor/registration-processor-message-sender-stage/Dockerfile-not-used @@ -33,6 +33,16 @@ ENV is_glowroot_env=${is_glowroot} # environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} +# can be passed during Docker build as build time environment for github branch to pickup configuration from. +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 + +WORKDIR /home/${container_user} +RUN chown -R ${container_user}:${container_user} /home/${container_user} +USER ${container_user_uid}:${container_user_gid} + # change volume to whichever storage directory you want to use for this container. VOLUME /home/logs diff --git a/registration-processor/pre-processor/registration-processor-packet-uploader-stage/Dockerfile-not-used b/registration-processor/pre-processor/registration-processor-packet-uploader-stage/Dockerfile-not-used index 308e472fa01..22dd6ee90c0 100644 --- a/registration-processor/pre-processor/registration-processor-packet-uploader-stage/Dockerfile-not-used +++ b/registration-processor/pre-processor/registration-processor-packet-uploader-stage/Dockerfile-not-used @@ -33,6 +33,14 @@ ENV is_glowroot_env=${is_glowroot} # environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 +WORKDIR /home/${container_user} +RUN chown -R ${container_user}:${container_user} /home/${container_user} +USER ${container_user_uid}:${container_user_gid} + # change volume to whichever storage directory you want to use for this container. VOLUME /home/logs /home/ftp1/LANDING_ZONE /home/ftp1/ARCHIVE_PACKET_LOCATION diff --git a/registration-processor/pre-processor/registration-processor-packet-validator-stage/Dockerfile-not-used b/registration-processor/pre-processor/registration-processor-packet-validator-stage/Dockerfile-not-used index 44efae6c67e..4f8a9ca9ddd 100644 --- a/registration-processor/pre-processor/registration-processor-packet-validator-stage/Dockerfile-not-used +++ b/registration-processor/pre-processor/registration-processor-packet-validator-stage/Dockerfile-not-used @@ -33,6 +33,14 @@ ENV is_glowroot_env=${is_glowroot} # environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 +WORKDIR /home/${container_user} +RUN chown -R ${container_user}:${container_user} /home/${container_user} +USER ${container_user_uid}:${container_user_gid} + # change volume to whichever storage directory you want to use for this container. VOLUME /home/logs diff --git a/registration-processor/pre-processor/registration-processor-quality-classifier-stage/Dockerfile-not-used b/registration-processor/pre-processor/registration-processor-quality-classifier-stage/Dockerfile-not-used index b90fa8ad16b..8371a6617ab 100644 --- a/registration-processor/pre-processor/registration-processor-quality-classifier-stage/Dockerfile-not-used +++ b/registration-processor/pre-processor/registration-processor-quality-classifier-stage/Dockerfile-not-used @@ -33,6 +33,14 @@ ENV is_glowroot_env=${is_glowroot} # environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 +WORKDIR /home/${container_user} +RUN chown -R ${container_user}:${container_user} /home/${container_user} +USER ${container_user_uid}:${container_user_gid} + # change volume to whichever storage directory you want to use for this container. VOLUME /home/logs diff --git a/registration-processor/pre-processor/registration-processor-securezone-notification-stage/Dockerfile-not-used b/registration-processor/pre-processor/registration-processor-securezone-notification-stage/Dockerfile-not-used index 4cd935e3117..790eccbf036 100644 --- a/registration-processor/pre-processor/registration-processor-securezone-notification-stage/Dockerfile-not-used +++ b/registration-processor/pre-processor/registration-processor-securezone-notification-stage/Dockerfile-not-used @@ -33,6 +33,14 @@ ENV is_glowroot_env=${is_glowroot} # environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} +ARG container_user=mosip +ARG container_user_group=mosip +ARG container_user_uid=1001 +ARG container_user_gid=1001 +WORKDIR /home/${container_user} +RUN chown -R ${container_user}:${container_user} /home/${container_user} +USER ${container_user_uid}:${container_user_gid} + COPY ./target/registration-processor-securezone-notification-stage-*.jar registration-processor-securezone-notification-stage.jar diff --git a/registration-processor/registration-processor-common-camel-bridge/Dockerfile b/registration-processor/registration-processor-common-camel-bridge/Dockerfile index e66fa0142be..f94d3334e5a 100644 --- a/registration-processor/registration-processor-common-camel-bridge/Dockerfile +++ b/registration-processor/registration-processor-common-camel-bridge/Dockerfile @@ -17,63 +17,30 @@ LABEL network=host LABEL privileged=true LABEL zone_env=dmz -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot | artifactory URL and for zone respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for zone -ARG zone - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url - -# environment variable to pass active profile such as DEV, QA etc at docker runtime -ENV active_profile_env=${active_profile} +ARG zone # environment variable to pass zone i.e dmz or secure at docker runtime ENV zone_env=${zone} - -# environment variable to pass github branch to pickup configuration from, at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime | artifactory url, at docker runtime and iam_adapter url, at docker runtime. +ENV active_profile_env=${active_profile} ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass spring configuration url, at docker runtime ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass glowroot, at docker runtime ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} - -# environment variable to pass iam_adapter url, at docker runtime ENV iam_adapter_url_env=${iam_adapter_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -81,21 +48,25 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # copying shaded jar into docker image ADD ./target/*.jar ./target/ + +# change permissions of file inside working dir RUN find target/ -regextype posix-extended -regex '.*registration-processor-common-camel-bridge-[0-9\.]+[-A-Za-z0-9]*\.jar' "-print0" | xargs "-0" cp -t ./ \ && rm -rf ./target \ && rm -rf original*.jar \ && rm -rf *-sources.jar \ && rm -rf *-javadoc.jar \ - && mv *.jar registration-processor-common-camel-bridge.jar - - # change permissions of file inside working dir - RUN chown -R ${container_user}:${container_user} /home/${container_user} + && mv *.jar registration-processor-common-camel-bridge.jar \ + && apt-get -y update \ + && apt-get install -y unzip sudo \ + && groupadd -g ${container_user_gid} ${container_user_group} \ + && useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ + && adduser ${container_user} sudo \ + && mkdir -p ${loader_path} \ + && chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/registration-processor-landing-zone/Dockerfile b/registration-processor/registration-processor-landing-zone/Dockerfile index b9e4a372aab..adb3609008f 100644 --- a/registration-processor/registration-processor-landing-zone/Dockerfile +++ b/registration-processor/registration-processor-landing-zone/Dockerfile @@ -3,50 +3,24 @@ FROM openjdk:11 #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL |management rmi server hostname and management rmi server port ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active ARG active_profile - -# can be passed during Docker build as build time environment for config server URL ARG spring_config_url - -# can be passed during Docker build as build time environment management rmi server hostname ARG management_rmi_server_hostname - -# can be passed during Docker build as build time environment management rmi server port ARG management_jmxremote_rmi_port -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime and iam_adapter url, at docker runtime ENV active_profile_env=${active_profile} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass github branch to pickup configuration from, at docker runtime -ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass iam_adapter url, at docker runtime ENV iam_adapter_url_env=${iam_adapter_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -54,8 +28,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -64,7 +36,13 @@ VOLUME /home/ftp1/ARCHIVE_PACKET_LOCATION /home/ftp1/LANDING_ZONE ${work_dir}/lo ADD ./target/registration-processor-landing-zone-*.jar registration-processor-landing-zone.jar # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/registration-processor-notification-service/Dockerfile b/registration-processor/registration-processor-notification-service/Dockerfile index 9694f894d19..92733f369fd 100644 --- a/registration-processor/registration-processor-notification-service/Dockerfile +++ b/registration-processor/registration-processor-notification-service/Dockerfile @@ -12,57 +12,27 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime | artifactory url, at docker runtime and iam_adapter url, at docker runtime. ENV active_profile_env=${active_profile} - -# environment variable to pass github branch to pickup configuration from, at docker runtime -ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} - -# environment variable to pass iam_adapter url, at docker runtime ENV iam_adapter_url_env=${iam_adapter_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -70,8 +40,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -80,7 +48,13 @@ VOLUME ${work_dir}/logs ${work_dir}/Glowroot ADD ./target/registration-processor-notification-service-*.jar registration-processor-notification-service.jar # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/stage-groups/registration-processor-stage-group-1/Dockerfile b/registration-processor/stage-groups/registration-processor-stage-group-1/Dockerfile index 2392ed16e5e..7a7690b5a58 100644 --- a/registration-processor/stage-groups/registration-processor-stage-group-1/Dockerfile +++ b/registration-processor/stage-groups/registration-processor-stage-group-1/Dockerfile @@ -12,54 +12,26 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime and artifactory url, at docker runtime respectively ENV active_profile_env=${active_profile} - -# environment variable to configuration server url to pickup configuration from, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} -# install packages and create user -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} - # set working directory for the user WORKDIR /home/${container_user} @@ -67,8 +39,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} ARG regproc_jars @@ -83,7 +53,14 @@ ENV group_name=registration-processor-stage-group-1 ADD ./target/${group_name}-*.jar ${group_name}.jar # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} + +# install packages and create user +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/stage-groups/registration-processor-stage-group-2/Dockerfile b/registration-processor/stage-groups/registration-processor-stage-group-2/Dockerfile index 0091f8f59c6..ffbdc759e8c 100644 --- a/registration-processor/stage-groups/registration-processor-stage-group-2/Dockerfile +++ b/registration-processor/stage-groups/registration-processor-stage-group-2/Dockerfile @@ -12,46 +12,24 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime and artifactory url, at docker runtime, respectively. ENV active_profile_env=${active_profile} - -# environment variable to configuration server url to pickup configuration from, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 #ARG bio_sdk_folder=mock/0.9 @@ -64,14 +42,6 @@ ENV biosdk_local_dir_name=${biosdk_local_dir} #ENV bio_sdk_folder_env=${bio_sdk_folder} ENV biosdk_zip_file_path=${biosdk_zip_path} -# install packages and create user -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo \ -&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${biosdk_local_dir}/install.sh" >> /etc/sudoers - # set working directory for the user WORKDIR /home/${container_user} @@ -79,8 +49,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -94,10 +62,16 @@ ADD ./target/${group_name}-*.jar ${group_name}.jar ADD configure_start.sh configure_start.sh -RUN chmod +x configure_start.sh - -# change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +## install packages, create and user change permissions of file inside working dir +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${biosdk_local_dir}/install.sh" >> /etc/sudoers \ +&& mkdir -p ${loader_path} \ +&& chmod +x configure_start.sh \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/stage-groups/registration-processor-stage-group-3/Dockerfile b/registration-processor/stage-groups/registration-processor-stage-group-3/Dockerfile index 63ce6ebcb02..d09acf48724 100644 --- a/registration-processor/stage-groups/registration-processor-stage-group-3/Dockerfile +++ b/registration-processor/stage-groups/registration-processor-stage-group-3/Dockerfile @@ -12,56 +12,28 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime and artifactory url, at docker runtime, respectively. ENV active_profile_env=${active_profile} - -# environment variable to configuration server url to pickup configuration from, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} ENV group_name=registration-processor-stage-group-3 # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -69,8 +41,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -79,7 +49,13 @@ VOLUME ${work_dir}/logs ADD ./target/${group_name}-*.jar ${group_name}.jar # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/stage-groups/registration-processor-stage-group-4/Dockerfile b/registration-processor/stage-groups/registration-processor-stage-group-4/Dockerfile index c5c4874af79..273cda2bc3a 100644 --- a/registration-processor/stage-groups/registration-processor-stage-group-4/Dockerfile +++ b/registration-processor/stage-groups/registration-processor-stage-group-4/Dockerfile @@ -12,66 +12,34 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime and artifactory url, at docker runtime, respectively. ENV active_profile_env=${active_profile} - -# environment variable to configuration server url to pickup configuration from, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 #ARG bio_sdk_folder=mock/0.9 ARG biosdk_zip_path - ARG biosdk_local_dir=biosdk-client ENV biosdk_local_dir_name=${biosdk_local_dir} - #ENV bio_sdk_folder_env=${bio_sdk_folder} ENV biosdk_zip_file_path=${biosdk_zip_path} -# install packages and create user -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo \ -&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${biosdk_local_dir}/install.sh" >> /etc/sudoers - # set working directory for the user WORKDIR /home/${container_user} @@ -79,8 +47,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -94,10 +60,16 @@ ADD ./target/${group_name}-*.jar ${group_name}.jar ADD configure_start.sh configure_start.sh -RUN chmod +x configure_start.sh - -# change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +## install packages, create user and change permissions of file inside working dir +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chmod +x configure_start.sh \ +&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${biosdk_local_dir}/install.sh" >> /etc/sudoers \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/stage-groups/registration-processor-stage-group-5/Dockerfile b/registration-processor/stage-groups/registration-processor-stage-group-5/Dockerfile index eb3f172c3b5..198ba9a7702 100644 --- a/registration-processor/stage-groups/registration-processor-stage-group-5/Dockerfile +++ b/registration-processor/stage-groups/registration-processor-stage-group-5/Dockerfile @@ -12,46 +12,23 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url - -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime and artifactory url, at docker runtime, respectively. ENV active_profile_env=${active_profile} - -# environment variable to configuration server url to pickup configuration from, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 #ARG bio_sdk_folder=mock/0.9 @@ -64,14 +41,6 @@ ENV biosdk_local_dir_name=${biosdk_local_dir} #ENV bio_sdk_folder_env=${bio_sdk_folder} ENV biosdk_zip_file_path=${biosdk_zip_path} -# install packages and create user -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo \ -&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${biosdk_local_dir}/install.sh" >> /etc/sudoers - # set working directory for the user WORKDIR /home/${container_user} @@ -79,13 +48,10 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. # /home/logs - ARG stage_group_name=registration-processor-stage-group-5 ENV group_name=${stage_group_name} @@ -94,10 +60,16 @@ ADD ./target/${group_name}-*.jar ${group_name}.jar ADD configure_start.sh configure_start.sh -RUN chmod +x configure_start.sh - -# change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +## install packages, create user and change permissions of file inside working dir +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${biosdk_local_dir}/install.sh" >> /etc/sudoers \ +&& mkdir -p ${loader_path} \ +&& chmod +x configure_start.sh \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/stage-groups/registration-processor-stage-group-6/Dockerfile b/registration-processor/stage-groups/registration-processor-stage-group-6/Dockerfile index 0e01e51babf..f7e86d78b21 100644 --- a/registration-processor/stage-groups/registration-processor-stage-group-6/Dockerfile +++ b/registration-processor/stage-groups/registration-processor-stage-group-6/Dockerfile @@ -11,56 +11,26 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime and artifactory url, at docker runtime respectively. ENV active_profile_env=${active_profile} - -# environment variable to configuration server url to pickup configuration from, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} -# install packages and create user -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -68,8 +38,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} ARG regproc_jars @@ -83,8 +51,15 @@ ENV group_name=registration-processor-stage-group-6 ADD ./target/${group_name}-*.jar ${group_name}.jar -# change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +## install packages, create user and change permissions of file inside working dir + +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/stage-groups/registration-processor-stage-group-7/Dockerfile b/registration-processor/stage-groups/registration-processor-stage-group-7/Dockerfile index 643b37764f5..23c0f804938 100644 --- a/registration-processor/stage-groups/registration-processor-stage-group-7/Dockerfile +++ b/registration-processor/stage-groups/registration-processor-stage-group-7/Dockerfile @@ -12,34 +12,18 @@ LABEL build_time=${BUILD_TIME} #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime | artifactory url, at docker runtime and iam_adapter url, at docker runtime, respectively. ENV active_profile_env=${active_profile} - -# environment variable to configuration server url to pickup configuration from, at docker runtime -ENV spring_config_url_env=${spring_config_url} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} # change volume to whichever storage directory you want to use for this container. @@ -49,22 +33,10 @@ ENV group_name=registration-processor-stage-group-7 # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -72,14 +44,18 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} ADD ./target/${group_name}-*.jar ${group_name}.jar # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid} diff --git a/registration-processor/workflow-engine/registration-processor-reprocessor/Dockerfile b/registration-processor/workflow-engine/registration-processor-reprocessor/Dockerfile index 2585338e371..33d5b8185dd 100644 --- a/registration-processor/workflow-engine/registration-processor-reprocessor/Dockerfile +++ b/registration-processor/workflow-engine/registration-processor-reprocessor/Dockerfile @@ -3,57 +3,27 @@ FROM openjdk:11 #Uncomment below and Comment above line(i.e. FROM openjdk:8) for OS specific (e.g. Alpine OS ) docker base image #FROM openjdk:8-jdk-alpine -# can be passed during Docker build as build time environment for github branch to pickup configuration from. -ARG spring_config_label - -# can be passed during Docker build as build time environment for spring profiles active +# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot and artifactory URL respectively . +ARG spring_config_label ARG active_profile - -# can be passed during Docker build as build time environment for config server URL -ARG spring_config_url - -# can be passed during Docker build as build time environment for glowroot +ARG spring_config_url ARG is_glowroot - -# can be passed during Docker build as build time environment for artifactory URL ARG artifactory_url -# environment variable to pass active profile such as DEV, QA etc at docker runtime +# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | glowroot, at docker runtime | artifactory url, at docker runtime and iam_adapter url, at docker runtime, respectively. ENV active_profile_env=${active_profile} - -# environment variable to pass github branch to pickup configuration from, at docker runtime -ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass github branch to pickup configuration from, at docker runtime ENV spring_config_label_env=${spring_config_label} - -# environment variable to pass glowroot, at docker runtime +ENV spring_config_url_env=${spring_config_url} ENV is_glowroot_env=${is_glowroot} - -# environment variable to pass artifactory url, at docker runtime ENV artifactory_url_env=${artifactory_url} - -# environment variable to pass iam_adapter url, at docker runtime ENV iam_adapter_url_env=${iam_adapter_url} # can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_group=mosip - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_uid=1001 - -# can be passed during Docker build as build time environment for github branch to pickup configuration from. ARG container_user_gid=1001 -RUN apt-get -y update \ -&& apt-get install -y unzip sudo \ -&& groupadd -g ${container_user_gid} ${container_user_group} \ -&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ -&& adduser ${container_user} sudo - # set working directory for the user WORKDIR /home/${container_user} @@ -61,8 +31,6 @@ ENV work_dir=/home/${container_user} ARG loader_path=${work_dir}/additional_jars/ -RUN mkdir -p ${loader_path} - ENV loader_path_env=${loader_path} # change volume to whichever storage directory you want to use for this container. @@ -73,7 +41,14 @@ ADD ./target/registration-processor-reprocessor-*.jar registration-processor-rep #Below 4 lines is added only as a temporary fix to downloaded the ceylon dependencies for chime scheduler #later this chime to be replaced with something else # change permissions of file inside working dir -RUN chown -R ${container_user}:${container_user} /home/${container_user} + +RUN apt-get -y update \ +&& apt-get install -y unzip sudo \ +&& groupadd -g ${container_user_gid} ${container_user_group} \ +&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \ +&& adduser ${container_user} sudo \ +&& mkdir -p ${loader_path} \ +&& chown -R ${container_user}:${container_user} /home/${container_user} # select container user for all tasks USER ${container_user_uid}:${container_user_gid}