Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

non-root image for resource server + change docker-compose file for temp storage + make apiserver port configurable #204

Merged
merged 6 commits into from
Mar 21, 2022
Merged

non-root image for resource server + change docker-compose file for temp storage + make apiserver port configurable #204

merged 6 commits into from
Mar 21, 2022

Conversation

hackcoderr
Copy link

@hackcoderr hackcoderr commented Mar 9, 2022
edited
Loading

@abhi270595

  • Reduced the size of the image in comparison to the previous image.
  • Created non-root image, having username rs-user with uid 1001.

test:

  1. checked docker top <container-name> and the uid of process is 1001
hackcoderr@master-node:~/iudx$ docker top iudx-resource-server_prod_1
UID                 PID                 PPID                C                   STIME               TTY                 TIME                CMD
1001                5424                5392                67                  17:17               ?                   00:00:27            java -Xmx4096m -Dvertx.logger-delegate-factory-class-name=io.vertx.core.logging.Log4j2LogDelegateFactory -jar ./fatjar.jar --host 506f7a5912e7 -c configs/config.json
  1. After exec into
    i> checked the user, using id command - it has uid 1001.
hackcoderr@master-node:~/iudx/iudx-resource-server$ docker exec  -it iudx-resource-server_prod_1 bash
rs-user@12e566682cf5:/usr/share/app$ id
uid=1001(rs-user) gid=0(root) groups=0(root)

ii) tried to remove fatjar - it's not be able to remove the jar.

rs-user@12e566682cf5:/usr/share/app$ ls
configs  docs  fatjar.jar
rs-user@12e566682cf5:/usr/share/app$ rm -f fatjar.jar 
rm: cannot remove 'fatjar.jar': Permission denied

Any changes are required, plz let me know.

@jenkins-datakaveri
Copy link
Collaborator

Can one of the admins verify this patch?

@abhi4578
Merge branch 'master' of github.com:datakaveri/iudx-resource-server i…
36eae31 
…nto non-root-img
@abhi4578
changing docker files to include temp storage
a6061e6
@abhi4578
"httpPort" configurable option, defaults 8080,8443
1baed0e 
- added configurable httpport. This is optional, if not defined defaults are used.
- keystore option is optional in apiserver. Needed only when ssl is enabled on vertx server.
- remove "production" option in apiserver config
  - option limits flexibility and instead having configurable port with
defaults make sense. Default http port is 8080 and when ssl is enabled its 8443.
  - also ambiguous of what it means unless one sees the code
@abhi4578
Copy link
Contributor

ok to test

@abhi4578
Copy link
Contributor

restest this please

@datakaveri datakaveri deleted a comment from jenkins-datakaveri Mar 18, 2022
@abhi4578
Copy link
Contributor

retest this please.

@abhi4578 abhi4578 changed the title non-root image for resource server. non-root image for resource server + change docker-compose file for temp storage + make apiserver port configurable Mar 18, 2022
karun-singh
karun-singh approved these changes Mar 18, 2022
View reviewed changes
Copy link
Collaborator

@karun-singh karun-singh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@abhi4578 abhi4578 requested a review from kailash March 21, 2022 09:07
@abhi4578 abhi4578 merged commit c340010 into datakaveri:master Mar 21, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@karun-singh karun-singh karun-singh approved these changes

@kailash kailash Awaiting requested review from kailash

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@hackcoderr @jenkins-datakaveri @abhi4578 @karun-singh