diff options
author | Cédric Ollivier <cedric.ollivier@orange.com> | 2022-04-12 11:11:03 +0200 |
---|---|---|
committer | Cédric Ollivier <cedric.ollivier@orange.com> | 2022-04-14 17:13:44 +0200 |
commit | d941d9be879512cbb6be3e0d98642f876bab1269 (patch) | |
tree | 45e2b3436a7c86e99083c88c752fd2c4e1854bbb /docker/core | |
parent | 2ee3d64d2d92e6f9a04c8043aa1ac3210941857f (diff) |
Define xtesting user to harden security
It applies security guidelines even if everybody was already
free to harden his own containers via the python package.
Change-Id: Ia9936d158c02b4e5c86386cb046ff7e35af07f03
Signed-off-by: Cédric Ollivier <cedric.ollivier@orange.com>
Diffstat (limited to 'docker/core')
-rw-r--r-- | docker/core/Dockerfile | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/docker/core/Dockerfile b/docker/core/Dockerfile index c91c636e..668561f1 100644 --- a/docker/core/Dockerfile +++ b/docker/core/Dockerfile @@ -24,6 +24,9 @@ RUN apk -U upgrade && \ -chttps://git.opnfv.org/functest-xtesting/plain/upper-constraints.txt?h=$BRANCH \ /src/functest-xtesting && \ rm -r /src/functest-xtesting upper-constraints.txt && \ + addgroup -g 1000 xtesting && adduser -u 1000 -G xtesting -D xtesting && \ + mkdir -p /var/lib/xtesting/results && chown -R xtesting: /var/lib/xtesting && \ apk del .build-deps COPY testcases.yaml /usr/lib/python3.9/site-packages/xtesting/ci/testcases.yaml +USER xtesting CMD ["run_tests", "-t", "all"] |