diff --git a/CHANGELOG.md b/CHANGELOG.md index 73e1f30..3cc9563 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -7,6 +7,15 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), ## [Unreleased] NA +## [2.0.6] - 2023-05-08 + +### Changed +- Specified USER in Dockerfile using IDs instead of name +- Specify runAsUser for deployment + +### Removed +- Remove ingress controller sepecific annnotations from default config + ## [2.0.5] - 2023-05-02 ### Changed diff --git a/Dockerfile b/Dockerfile index 71644b6..091421f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,11 +17,25 @@ COPY --from=build ${DEPENDENCY}/BOOT-INF/lib /app/lib COPY --from=build ${DEPENDENCY}/META-INF /app/META-INF COPY --from=build ${DEPENDENCY}/BOOT-INF/classes /app -RUN adduser -DH drs && addgroup drs drs -USER drs +ENV USER=drsuser +ENV UID=1000 +ENV GID=1000 + +RUN addgroup --gid $GID $USER + +RUN adduser \ + --disabled-password \ + --gecos "" \ + --home "$(pwd)" \ + --ingroup "$USER" \ + --no-create-home \ + --uid "$UID" \ + "$USER" + +USER drsuser ENTRYPOINT ["java", "-cp", "app:app/lib/*", "org.eclipse.tractusx.dapsreg.DapsregApplication"] EXPOSE 8080 -HEALTHCHECK CMD curl --fail http://localhost:8080 || exit 1 +HEALTHCHECK CMD curl --fail http://localhost:8080 || exit 1 diff --git a/README.md b/README.md index f479b1f..16c07a5 100644 --- a/README.md +++ b/README.md @@ -10,8 +10,8 @@ of the DAPS are not disclosed to the requester. ### Software Version ```shell -Helm version is v2.0.5 -Application version is v2.0.5 +Helm version is v2.0.6 +Application version is v2.0.6 ``` # Solution Strategy diff --git a/charts/daps-reg-service/Chart.yaml b/charts/daps-reg-service/Chart.yaml index a257633..06edf6e 100644 --- a/charts/daps-reg-service/Chart.yaml +++ b/charts/daps-reg-service/Chart.yaml @@ -38,11 +38,11 @@ sources: # This is the chart version. This version number should be incremented each time you make changes # to the chart and its templates, including the app version. # Versions are expected to follow Semantic Versioning (https://semver.org/) -version: 2.0.5 +version: 2.0.6 # This is the version number of the application being deployed. This version number should be # incremented each time you make changes to the application. Versions are not expected to # follow Semantic Versioning. They should reflect the version the application is using. # It is recommended to use it with quotes. -appVersion: 2.0.5 +appVersion: 2.0.6 diff --git a/charts/daps-reg-service/README.md b/charts/daps-reg-service/README.md index b23a510..ab75b25 100644 --- a/charts/daps-reg-service/README.md +++ b/charts/daps-reg-service/README.md @@ -1,6 +1,6 @@ # daps-reg-service -![Version: 2.0.5](https://img.shields.io/badge/Version-2.0.5-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.5](https://img.shields.io/badge/AppVersion-2.0.5-informational?style=flat-square) +![Version: 2.0.6](https://img.shields.io/badge/Version-2.0.6-informational?style=flat-square) ![Type: application](https://img.shields.io/badge/Type-application-informational?style=flat-square) ![AppVersion: 2.0.6](https://img.shields.io/badge/AppVersion-2.0.6-informational?style=flat-square) Daps regisgter service is used to register the EDC connector into DAPS @@ -28,8 +28,7 @@ Daps regisgter service is used to register the EDC connector into DAPS | image.repository | string | `"ghcr.io/catenax-ng/tx-daps-registration-service/dapsreg"` | Image to use for deploying an application | | image.tag | string | `""` | Image tage is defined in chart appVersion. | | imagePullSecrets | list | `[]` | | -| ingress.annotations."cert-manager.io/cluster-issuer" | string | `"letsencrypt-prod"` | | -| ingress.annotations."nginx.ingress.kubernetes.io/use-regex" | string | `"true"` | | +| ingress.annotations | string | `nil` | | | ingress.className | string | `""` | a reference to an Ingress Class resource that contains additional configuration including the name of the controller that should implement the class. | | ingress.enabled | bool | `false` | If you want to enable or disable the ingress | | ingress.hosts[0] | object | `{"host":"","paths":[{"path":"/","pathType":"ImplementationSpecific"}]}` | Host of the application on which application runs | @@ -48,6 +47,7 @@ Daps regisgter service is used to register the EDC connector into DAPS | resources.requests.memory | string | `"300Mi"` | | | securityContext.allowPrivilegeEscalation | bool | `false` | Controls whether a process can gain more privileges | | securityContext.capabilities.drop[0] | string | `"ALL"` | | +| securityContext.runAsUser | int | `1000` | | | service.port | int | `80` | Port details for sevice | | service.targetPort | int | `8080` | Container Port details for sevice | | service.type | string | `"ClusterIP"` | Type of service | diff --git a/charts/daps-reg-service/values.yaml b/charts/daps-reg-service/values.yaml index a50adee..a61bde2 100644 --- a/charts/daps-reg-service/values.yaml +++ b/charts/daps-reg-service/values.yaml @@ -60,7 +60,7 @@ securityContext: - ALL # readOnlyRootFilesystem: true # runAsNonRoot: true - # runAsUser: 1000 + runAsUser: 1000 service: # -- Type of service @@ -77,8 +77,8 @@ ingress: className: "" annotations: #kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/use-regex: "true" - cert-manager.io/cluster-issuer: "letsencrypt-prod" + #nginx.ingress.kubernetes.io/use-regex: "true" + #cert-manager.io/cluster-issuer: "letsencrypt-prod" hosts: # -- Host of the application on which application runs - host: "" diff --git a/pom.xml b/pom.xml index 23f681e..cb7ab75 100644 --- a/pom.xml +++ b/pom.xml @@ -10,7 +10,7 @@ org.eclipse.tractusx dapsreg - 2.0.5 + 2.0.6 dapsreg client registration to the DAPS