Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DATAGO-59496: Make docker run for user without root access #108

Merged
merged 5 commits into from
Aug 2, 2023
Merged

DATAGO-59496: Make docker run for user without root access #108

merged 5 commits into from
Aug 2, 2023

Conversation

gregmeldrum
Copy link
Collaborator

@gregmeldrum gregmeldrum commented Aug 2, 2023
edited
Loading

What is the purpose of this change?

Two changes:

  1. Change docker base image to eclipse-terumin to be the same as the rest of the microservices (this addresses https://sol-jira.atlassian.net/browse/DATAGO-59217)
  2. Make the docker container run for users without root access in docker

How was this change implemented?

  1. The base image was updated in the buildEventManagementAgentDocker.sh script to manually set the base image to eclipse-terumin.
  2. The base image directory was removed since it's no longer used.
  3. The Docker uses /opt/ema as it's new working directory since it can be used by docker containers running without root access.

How was this change tested?

Docker container was manually built and testing in the following scenarios:

  1. Run a scan, connected to EP with docker running with root user
  2. Run a scan, connected to EP with docker running as non root user
  3. Run a scan and download, not connected to EP with docker running with root user
  4. Run a scan and download, not connected to EP with docker running as non root user

Is there anything the reviewers should focus on/be aware of?

No

@gregmeldrum gregmeldrum temporarily deployed to build_pr August 2, 2023 14:40 — with GitHub Actions Inactive
slunelsolace
slunelsolace reviewed Aug 2, 2023
View reviewed changes
service/application/src/main/resources/logback-spring.xml Outdated
@@ -35,7 +35,7 @@
</appender>
<appender name="StreamingAppender" class="com.solace.maas.ep.event.management.agent.logging.StreamingAppender"/>

<springProfile name="default,mysql,mysql-dev,DEV,TEST">
<springProfile name="default,mysql,mysql-dev,DEV,TEST,greg1,gameday">vi d
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@gregmeldrum Should these profiles be pushed to the main branch?

@gregmeldrum gregmeldrum temporarily deployed to build_pr August 2, 2023 15:45 — with GitHub Actions Inactive
@gregmeldrum gregmeldrum requested a review from AHabes August 2, 2023 15:46
@gregmeldrum gregmeldrum temporarily deployed to build_pr August 2, 2023 15:56 — with GitHub Actions Inactive
@sonarqube-solacecloud
Copy link

SonarQube Quality Gate

Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information

@gregmeldrum gregmeldrum merged commit d5253e2 into main Aug 2, 2023
6 checks passed
@gregmeldrum gregmeldrum deleted the DATAGO-59496-rootless-docker branch August 9, 2023 15:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@slunelsolace slunelsolace slunelsolace approved these changes

@AHabes AHabes Awaiting requested review from AHabes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@gregmeldrum @slunelsolace