Allow container to run as unprivileged user 36/3836/1
authorAndrew Gauld <agauld@att.com>
Mon, 25 Feb 2019 15:17:54 +0000 (15:17 +0000)
committerAndrew Gauld <agauld@att.com>
Mon, 25 Feb 2019 15:19:39 +0000 (15:19 +0000)
Add docker run commands to create world-writable logs subdirectory

Change-Id: I613ce080a23d1c9e2caec4764afcc36ecf77cd44
IssueID: ACUMOS-2551
Signed-off-by: Andrew Gauld <agauld@att.com>
docs/release-notes.rst
gateway/pom.xml

index 46254a5..57f879d 100644 (file)
@@ -23,11 +23,12 @@ Federation Gateway Release Notes
 This server is available as a Docker image in a Docker registry at the Linux Foundation.
 The image name is "federation-gateway" and the tag is a version string as shown below. 
 
-Version 2.0.1, 2019-02-22
+Version 2.0.1, 2019-02-25
 -------------------------
 
 * Add catalogId field in solution search selector (`ACUMOS-2285 <https://jira.acumos.org/browse/ACUMOS-2285>`_)
 * Normalize configured Nexus URL to have exactly one trailing slash (`ACUMOS-2554 <https://jira.acumos.org/browse/ACUMOS-2554>`_)
+* Allow server to run as unprivileged user (`ACUMOS-2551 <https://jira.acumos.org/browse/ACUMOS-2551>`_)
 
 Version 2.0.0, 2019-02-20
 -------------------------
index 0d929f7..97635ab 100644 (file)
@@ -1,5 +1,5 @@
 <?xml version="1.0"?>
-       <!--
+       <!--<![CDATA[
        ===============LICENSE_START=======================================================
        Acumos
        ===================================================================================
@@ -17,7 +17,7 @@
        See the License for the specific language governing permissions and
        limitations under the License.
        ===============LICENSE_END=========================================================
-       -->
+       ]]>-->
 <project
        xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd"
        xmlns="http://maven.apache.org/POM/4.0.0"
                                                                                </files>
                                                                        </inline>
                                                                </assembly>
+                                                               <runCmds>
+                                                                       <!-- Ensure logs dir exists and is world writable -->
+                                                                       <runCmd>mkdir /maven/logs</runCmd>
+                                                                       <runCmd>chmod -R 777 /maven</runCmd>
+                                                               </runCmds>
                                                                <!-- This is the same CMD used in a Dockerfile -->
                                                                <cmd>
                                                                        <!-- CDATA prevents Eclipse formatter from breaking line -->
                                                                                </fileSets>
                                                                        </inline>
                                                                </assembly>
+                                                               <runCmds>
+                                                                       <!-- Ensure logs dir exists and is world writable -->
+                                                                       <runCmd>mkdir /maven/logs</runCmd>
+                                                                       <runCmd>chmod -R 777 /maven</runCmd>
+                                                               </runCmds>
                                                                <cmd>
                                                                        <!-- CDATA prevents Eclipse formatter from breaking line -->
                                                                        <shell><![CDATA[cd /maven; java -Xms256m -Xmx2g -cp ${project.artifactId}-${project.version}.${project.packaging}.original:${project.artifactId}-${project.version}-tests.${project.packaging}:/libs/* -Djava.security.egd=file:/dev/./urandom org.springframework.boot.loader.PropertiesLauncher]]></shell>