Permalink
Browse files

[IT-2464] docker: Allow user independent usage

Systems like OpenShift do not gurantee that a image is actually run with the user specified in it.
This caused problems as the image relied on using the $HOME variable and being user 'osm' with specific rights.

Now the user only needs to be in the user group and the rest works with arbitrary users.
  • Loading branch information...
sburnicki committed Sep 18, 2018
1 parent 6ab80e9 commit 83f57931868ab5ccdfb4a711567274f904af14b7
Showing with 7 additions and 7 deletions.
  1. +6 −6 Dockerfile
  2. +1 −1 docker/entrypoint.sh
@@ -1,9 +1,7 @@
FROM java:openjdk-8
MAINTAINER nils.kuhn@iteratec.de, birger.kamp@iteratec.de
#ENV OSM_VERSION 3.4.8-build293
ENV OSM_HOME /osm
ENV OSM_CONFIG_HOME /home/osm/.grails
ENV OSM_CONFIG_HOME /osm/config
ENV JAVA_OPTS "-server -Dgrails.env=prod -Dfile.encoding=UTF-8"
ENV DOCKERIZE_VERSION v0.3.0
@@ -16,7 +14,10 @@ RUN wget https://github.com/jwilder/dockerize/releases/download/$DOCKERIZE_VERSI
rm dockerize-linux-amd64-$DOCKERIZE_VERSION.tar.gz
# get osm-sources and build war-file
RUN mkdir -p $OSM_HOME $OSM_HOME/logs $OSM_CONFIG_HOME
RUN mkdir -p $OSM_HOME $OSM_HOME/logs $OSM_CONFIG_HOME && \
chmod -R 775 $OSM_HOME $OSM_CONFIG_HOME && \
chown -R osm:100 $OSM_HOME $OSM_CONFIG_HOME
WORKDIR $OSM_HOME
ADD ./build/libs/OpenSpeedMonitor*.war $OSM_HOME/
@@ -25,8 +26,7 @@ ADD docker/templates/osm-config.yml.j2 $OSM_CONFIG_HOME/OpenSpeedMonitor-config.
# add entrypoint script
ADD docker/entrypoint.sh /entrypoint.sh
RUN chmod +x /entrypoint.sh && \
chown osm:osm -R $OSM_HOME $OSM_CONFIG_HOME
RUN chmod 775 /entrypoint.sh
USER osm
EXPOSE 8080
@@ -7,4 +7,4 @@ echo "complete osm config file gets prepared"
dockerize -template $OSM_CONFIG_TARGET_LOCATION.j2:$OSM_CONFIG_TARGET_LOCATION
# start tomcat
java -Dgrails.env=prod -jar $OSM_HOME/OpenSpeedMonitor*.war
java -Dgrails.env=prod -Dosm_config_location=${OSM_CONFIG_TARGET_LOCATION} -jar $OSM_HOME/OpenSpeedMonitor*.war

0 comments on commit 83f5793

Please sign in to comment.