[jena] branch main updated: [GH-1889] Use arguments for uid and gid, add group and user, re-work order of commands to make dirs and change ownership

[kinow]

This is an automated email from the ASF dual-hosted git repository.

kinow pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/jena.git


The following commit(s) were added to refs/heads/main by this push:
     new 26153afe9a [GH-1889] Use arguments for uid and gid, add group and 
user, re-work order of commands to make dirs and change ownership
26153afe9a is described below

commit 26153afe9a229bb7a609d5406d899eb240ab385e
Author: Bruno P. Kinoshita <ki...@users.noreply.github.com>
AuthorDate: Tue May 30 20:39:28 2023 +0200

    [GH-1889] Use arguments for uid and gid, add group and user, re-work order 
of commands to make dirs and change ownership
---
 jena-fuseki2/jena-fuseki-docker/Dockerfile | 30 ++++++++++++++++++------------
 1 file changed, 18 insertions(+), 12 deletions(-)

diff --git a/jena-fuseki2/jena-fuseki-docker/Dockerfile 
b/jena-fuseki2/jena-fuseki-docker/Dockerfile
index 9f9828c382..f947fc459c 100644
--- a/jena-fuseki2/jena-fuseki-docker/Dockerfile
+++ b/jena-fuseki2/jena-fuseki-docker/Dockerfile
@@ -6,7 +6,7 @@
 ## the License.  You may obtain a copy of the License at
 ##
 ##     http://www.apache.org/licenses/LICENSE-2.0
-## 
+##
 ## Unless required by applicable law or agreed to in writing, software
 ## distributed under the License is distributed on an "AS IS" BASIS,
 ## WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
@@ -72,12 +72,6 @@ RUN \
 ADD entrypoint.sh .
 ADD log4j2.properties .
 
-# Run as this user
-# -H : no home directorry
-# -D : no password
-
-RUN adduser -H -D fuseki fuseki
-
 ## ---- Stage: Build runtime
 FROM alpine:${ALPINE_VERSION}
 
@@ -89,18 +83,32 @@ ARG FUSEKI_JAR
 
 COPY --from=base /opt/java-minimal /opt/java-minimal
 COPY --from=base /fuseki /fuseki
-COPY --from=base /etc/passwd /etc/passwd
 
 WORKDIR $FUSEKI_DIR
 
 ARG LOGS=${FUSEKI_DIR}/logs
 ARG DATA=${FUSEKI_DIR}/databases
 
+ARG JENA_USER=fuseki
+ARG JENA_GROUP=$JENA_USER
+ARG JENA_GID=1000
+ARG JENA_UID=1000
+
+# Run as this user
+# -H : no home directory
+# -D : no password
+RUN addgroup -g "${JENA_GID}" "${JENA_GROUP}" && \
+    adduser "${JENA_USER}" -G "${JENA_GROUP}" -s /bin/ash -u "${JENA_UID}" -H 
-D
+
+RUN mkdir --parents "${FUSEKI_DIR}" && \
+    chown -R $JENA_USER ${FUSEKI_DIR}
+
+USER $JENA_USER
+
 RUN \
     mkdir -p $LOGS && \
     mkdir -p $DATA && \
-    chown -R fuseki ${FUSEKI_DIR} && \
-    chmod a+x entrypoint.sh 
+    chmod a+x entrypoint.sh
 
 ## Default environment variables.
 ENV \
@@ -110,8 +118,6 @@ ENV \
     FUSEKI_JAR="${FUSEKI_JAR}"          \
     FUSEKI_DIR="${FUSEKI_DIR}"
 
-USER fuseki
-
 EXPOSE 3030
 
 ENTRYPOINT ["./entrypoint.sh" ]