[MOSIP-31575] Updated docker file.

.github/workflows/push-trigger.yml

@@ -103,4 +103,4 @@ jobs:
       DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
       ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
       RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
-      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

mock-identity-system/Dockerfile

@@ -1,14 +1,5 @@
 FROM openjdk:11
 
-ARG SOURCE
-ARG COMMIT_HASH
-ARG COMMIT_ID
-ARG BUILD_TIME
-LABEL source=${SOURCE}
-LABEL commit_hash=${COMMIT_HASH}
-LABEL commit_id=${COMMIT_ID}
-LABEL build_time=${BUILD_TIME}
-
 # can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG spring_config_label
 
@@ -27,6 +18,19 @@ ARG artifactory_url
 # can be passed during Docker build as build time environment for hsm client zip file path
 ARG hsm_client_zip_path
 
+# can be passed during Docker build as build time environment for github branch to pickup configuration from.
+ARG container_user=mosip
+ARG container_user_group=mosip
+ARG container_user_uid=1001
+ARG container_user_gid=1001
+ARG hsm_local_dir=hsm-client
+
+# can be passed during Docker build as build time environment for label related addition to docker.
+ARG SOURCE
+ARG COMMIT_HASH
+ARG COMMIT_ID
+ARG BUILD_TIME
+
 # environment variable to pass active profile such as DEV, QA etc at docker runtime
 ENV active_profile_env=${active_profile}
 
@@ -45,29 +49,11 @@ ENV artifactory_url_env=${artifactory_url}
 # environment variable to pass hsm client zip file path, at docker runtime
 ENV hsm_zip_file_path=${hsm_client_zip_path}
 
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user_group=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user_uid=1001
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user_gid=1001
-
-ARG hsm_local_dir=hsm-client
-
-ENV hsm_local_dir_name=${hsm_local_dir}
-
-# install packages and create user
-RUN apt-get -y update \
-&& apt-get install -y unzip file sudo \
-&& groupadd -g ${container_user_gid} ${container_user_group} \
-&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \
-&& adduser ${container_user} sudo \
-&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${hsm_local_dir}/install.sh" >> /etc/sudoers
+# can be passed during Docker build as build time environment for label.
+LABEL source=${SOURCE}
+LABEL commit_hash=${COMMIT_HASH}
+LABEL commit_id=${COMMIT_ID}
+LABEL build_time=${BUILD_TIME}
 
 # set working directory for the user
 WORKDIR /home/${container_user}
@@ -76,18 +62,22 @@ ENV work_dir=/home/${container_user}
 
 ARG loader_path=${work_dir}/additional_jars/
 
-RUN mkdir -p ${loader_path}
-
 ENV loader_path_env=${loader_path}
 
 ADD configure_start.sh configure_start.sh
 
-RUN chmod +x configure_start.sh
-
 ADD target/mock-identity-system-*.jar  mock-identity-system.jar
 
-# change permissions of file inside working dir
-RUN chown -R ${container_user}:${container_user} /home/${container_user}
+## install packages, create user and change permissions of file inside working dir
+RUN apt-get -y update \
+&& apt-get install -y unzip file sudo \
+&& groupadd -g ${container_user_gid} ${container_user_group} \
+&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \
+&& adduser ${container_user} sudo \
+&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${hsm_local_dir}/install.sh" >> /etc/sudoers \
+&& mkdir -p ${loader_path} \
+&& chmod +x configure_start.sh \
+&& chown -R ${container_user}:${container_user} /home/${container_user}
 
 # select container user for all tasks
 USER ${container_user_uid}:${container_user_gid}

mock-relying-party-service/Dockerfile

@@ -1,55 +1,55 @@
 FROM node:16.13.2-alpine as build
 
+# can be passed during Docker build as build time environment
+ARG esignet_service_url
+ARG esignet_aud_url
+ARG client_private_key
+ARG userinfo_response_type
+ARG jwe_userinfo_private_key
+
+# can be passed during Docker build as build time environment for github branch to pickup configuration from.
+ARG container_user=mosip
+ARG container_user_group=mosip
+ARG container_user_uid=1001
+ARG container_user_gid=1001
+
+# can be passed during Docker build as build time environment for label related addition to docker.
 ARG SOURCE
 ARG COMMIT_HASH
 ARG COMMIT_ID
 ARG BUILD_TIME
+
+# can be passed during Docker build as build time environment for label.
 LABEL source=${SOURCE}
 LABEL commit_hash=${COMMIT_HASH}
 LABEL commit_id=${COMMIT_ID}
 LABEL build_time=${BUILD_TIME}
 
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user_group=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user_uid=1001
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
-ARG container_user_gid=1001
-
-ARG esignet_service_url
-ARG esignet_aud_url
-ARG client_private_key
-ARG userinfo_response_type
-ARG jwe_userinfo_private_key
-
 ENV work_dir=/app
 
-WORKDIR ${work_dir}
+WORKDIR /home/${container_user}
 
-RUN addgroup -g ${container_user_gid} ${container_user} && \
-    adduser ${container_user} -G ${container_user} -u ${container_user_uid} --disabled-password
+# Copy the app
+COPY . ${work_dir}/
+WORKDIR ${work_dir}
 
-#Copy the app
-COPY . ./
 ENV PORT=8888
 ENV ESIGNET_SERVICE_URL=${esignet_service_url}
 ENV ESIGNET_AUD_URL=${esignet_aud_url}
 ENV CLIENT_PRIVATE_KEY=${client_private_key}
 ENV USERINFO_RESPONSE_TYPE=${userinfo_response_type}
 ENV JWE_USERINFO_PRIVATE_KEY=${jwe_userinfo_private_key}
 
-# change permissions of file inside working dir
-RUN chown -R ${container_user}:${container_user} ${work_dir}
+## Create the work directory and Change permissions of files inside working directory
+
+RUN addgroup -g ${container_user_gid} ${container_user} \
+&& adduser ${container_user} -G ${container_user} -u ${container_user_uid} --disabled-password \
+&& mkdir -p ${work_dir} \
+&& chown -R ${container_user}:${container_user} /home/${container_user} ${work_dir}
 
-# select container user for all tasks
-USER ${container_user}
+USER ${container_user_uid}:${container_user_gid}
 
 EXPOSE ${PORT}
 
 RUN npm install
-CMD ["node", "./app.js"]
+CMD ["node", "./app.js"]

mock-relying-party-ui/Dockerfile

@@ -53,29 +53,20 @@ EXPOSE 443
 
 FROM nginx
 
-ARG SOURCE
-ARG COMMIT_HASH
-ARG COMMIT_ID
-ARG BUILD_TIME
-LABEL source=${SOURCE}
-LABEL commit_hash=${COMMIT_HASH}
-LABEL commit_id=${COMMIT_ID}
-LABEL build_time=${BUILD_TIME}
+# can be passed during Docker build as build time environment for artifactory URL
+ARG artifactory_url
 
 # can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_group=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_uid=1001
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_gid=1001
 
-# can be passed during Docker build as build time environment for artifactory URL
-ARG artifactory_url
+# can be passed during Docker build as build time environment for label related addition to docker.
+ARG SOURCE
+ARG COMMIT_HASH
+ARG COMMIT_ID
+ARG BUILD_TIME
 
 # environment variable to pass artifactory url, at docker runtime
 ENV artifactory_url_env=${artifactory_url}
@@ -86,6 +77,12 @@ ENV work_dir=${nginx_dir}/html
 
 ENV i18n_path=${work_dir}/locales
 
+# can be passed during Docker build as build time environment for label.
+LABEL source=${SOURCE}
+LABEL commit_hash=${COMMIT_HASH}
+LABEL commit_id=${COMMIT_ID}
+LABEL build_time=${BUILD_TIME}
+
 # set working directory for the user
 WORKDIR /home/${container_user}
 
@@ -99,10 +96,6 @@ RUN apt-get -y update \
 
 ADD configure_start.sh configure_start.sh
 
-RUN chmod +x configure_start.sh
-
-RUN chown ${container_user}:${container_user} configure_start.sh
-
 COPY ./nginx/nginx.conf /etc/nginx/nginx.conf
 
 COPY --from=build /app/build ${work_dir}
@@ -123,11 +116,10 @@ RUN echo "ESIGNET_UI_BASE_URL=$ESIGNET_UI_BASE_URL" >> ${work_dir}/env.env \
     && echo "CLAIMS_USER_PROFILE=$CLAIMS_USER_PROFILE" >> ${work_dir}/env.env \
     && echo "CLAIMS_REGISTRATION=$CLAIMS_REGISTRATION" >> ${work_dir}/env.env \
     && echo "DEFAULT_LANG=$DEFAULT_LANG" >> ${work_dir}/env.env \
-    && echo "FALLBACK_LANG=$FALLBACK_LANG" >> ${work_dir}/env.env
-
-
-# change permissions of file inside working dir
-RUN chown -R ${container_user}:${container_user} ${work_dir}
+    && echo "FALLBACK_LANG=$FALLBACK_LANG" >> ${work_dir}/env.env \
+    && chmod +x configure_start.sh \
+    && chown ${container_user}:${container_user} configure_start.sh \
+    && chown -R ${container_user}:${container_user} /home/${container_user} ${work_dir}
 
 # select container user for all tasks
 USER ${container_user_uid}:${container_user_gid}
@@ -139,4 +131,4 @@ ENTRYPOINT [ "./configure_start.sh" ]
 # Start Nginx server
 CMD echo "starting nginx" ; \
     nginx ; \
-    sleep infinity
+    sleep infinity