[MOSIP-31575] Updated docker file.

.github/workflows/push-trigger.yml

@@ -103,4 +103,4 @@ jobs:
       DEV_NAMESPACE_DOCKER_HUB: ${{ secrets.DEV_NAMESPACE_DOCKER_HUB }}
       ACTOR_DOCKER_HUB: ${{ secrets.ACTOR_DOCKER_HUB }}
       RELEASE_DOCKER_HUB: ${{ secrets.RELEASE_DOCKER_HUB }}
-      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}

mock-identity-system/Dockerfile

@@ -9,85 +9,53 @@ LABEL commit_hash=${COMMIT_HASH}
 LABEL commit_id=${COMMIT_ID}
 LABEL build_time=${BUILD_TIME}
 
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
+# can be passed during Docker build as build time environment for github branch to pickup configuration from | spring profiles active | config server URL | glowroot | artifactory URL and hsm client zip file
 ARG spring_config_label
-
-# can be passed during Docker build as build time environment for spring profiles active
 ARG active_profile
-
-# can be passed during Docker build as build time environment for config server URL
 ARG spring_config_url
-
-# can be passed during Docker build as build time environment for glowroot
 ARG is_glowroot
-
-# can be passed during Docker build as build time environment for artifactory URL
 ARG artifactory_url
-
-# can be passed during Docker build as build time environment for hsm client zip file path
 ARG hsm_client_zip_path
 
-# environment variable to pass active profile such as DEV, QA etc at docker runtime
+# environment variable to pass active profile such as DEV, QA etc at docker runtime | github branch to pickup configuration from, at docker runtime | spring configuration url, at docker runtime | artifactory url, at docker runtime | esignet_wrapper url(may be zip or jar), at docker runtime and hsm client zip file path, at docker runtime respectively .
 ENV active_profile_env=${active_profile}
-
-# environment variable to pass github branch to pickup configuration from, at docker runtime
 ENV spring_config_label_env=${spring_config_label}
-
-# environment variable to pass spring configuration url, at docker runtime
 ENV spring_config_url_env=${spring_config_url}
-
-# environment variable to pass glowroot, at docker runtime
 ENV is_glowroot_env=${is_glowroot}
-
-# environment variable to pass artifactory url, at docker runtime
 ENV artifactory_url_env=${artifactory_url}
-
-# environment variable to pass hsm client zip file path, at docker runtime
 ENV hsm_zip_file_path=${hsm_client_zip_path}
+ENV hsm_local_dir_name=${hsm_local_dir}
 
 # can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_group=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_uid=1001
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_gid=1001
-
 ARG hsm_local_dir=hsm-client
 
-ENV hsm_local_dir_name=${hsm_local_dir}
-
-# install packages and create user
-RUN apt-get -y update \
-&& apt-get install -y unzip file sudo \
-&& groupadd -g ${container_user_gid} ${container_user_group} \
-&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \
-&& adduser ${container_user} sudo \
-&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${hsm_local_dir}/install.sh" >> /etc/sudoers
-
 # set working directory for the user
 WORKDIR /home/${container_user}
 
 ENV work_dir=/home/${container_user}
 
 ARG loader_path=${work_dir}/additional_jars/
 
-RUN mkdir -p ${loader_path}
-
 ENV loader_path_env=${loader_path}
 
 ADD configure_start.sh configure_start.sh
 
-RUN chmod +x configure_start.sh
-
 ADD target/mock-identity-system-*.jar  mock-identity-system.jar
 
-# change permissions of file inside working dir
-RUN chown -R ${container_user}:${container_user} /home/${container_user}
+## install packages, create user and change permissions of file inside working dir
+RUN apt-get -y update \
+&& apt-get install -y unzip file sudo \
+&& groupadd -g ${container_user_gid} ${container_user_group} \
+&& useradd -u ${container_user_uid} -g ${container_user_group} -s /bin/sh -m ${container_user} \
+&& adduser ${container_user} sudo \
+&& echo "%sudo ALL=(ALL) NOPASSWD:/home/${container_user}/${hsm_local_dir}/install.sh" >> /etc/sudoers \
+&& mkdir -p ${loader_path} \
+&& chmod +x configure_start.sh \
+&& chown -R ${container_user}:${container_user} /home/${container_user}
 
 # select container user for all tasks
 USER ${container_user_uid}:${container_user_gid}

mock-relying-party-service/Dockerfile

@@ -11,14 +11,8 @@ LABEL build_time=${BUILD_TIME}
 
 # can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_group=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_uid=1001
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_gid=1001
 
 ARG esignet_service_url
@@ -29,27 +23,34 @@ ARG jwe_userinfo_private_key
 
 ENV work_dir=/app
 
-WORKDIR ${work_dir}
+WORKDIR /home/${container_user}
 
 RUN addgroup -g ${container_user_gid} ${container_user} && \
     adduser ${container_user} -G ${container_user} -u ${container_user_uid} --disabled-password
 
-#Copy the app
-COPY . ./
+# Create the work directory
+RUN mkdir -p ${work_dir}
+
+# Copy the app
+COPY . ${work_dir}/
+WORKDIR ${work_dir}
+
 ENV PORT=8888
 ENV ESIGNET_SERVICE_URL=${esignet_service_url}
 ENV ESIGNET_AUD_URL=${esignet_aud_url}
 ENV CLIENT_PRIVATE_KEY=${client_private_key}
 ENV USERINFO_RESPONSE_TYPE=${userinfo_response_type}
 ENV JWE_USERINFO_PRIVATE_KEY=${jwe_userinfo_private_key}
 
-# change permissions of file inside working dir
-RUN chown -R ${container_user}:${container_user} ${work_dir}
+# Change permissions of files inside working directory
+RUN chown -R ${container_user}:${container_user} /home/${container_user} ${work_dir}
 
-# select container user for all tasks
+# Select container user for all tasks
 USER ${container_user}
 
+USER ${container_user_uid}:${container_user_gid}
+
 EXPOSE ${PORT}
 
 RUN npm install
-CMD ["node", "./app.js"]
+CMD ["node", "./app.js"]

mock-relying-party-ui/Dockerfile

@@ -64,14 +64,8 @@ LABEL build_time=${BUILD_TIME}
 
 # can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_group=mosip
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_uid=1001
-
-# can be passed during Docker build as build time environment for github branch to pickup configuration from.
 ARG container_user_gid=1001
 
 # can be passed during Docker build as build time environment for artifactory URL
@@ -99,10 +93,6 @@ RUN apt-get -y update \
 
 ADD configure_start.sh configure_start.sh
 
-RUN chmod +x configure_start.sh
-
-RUN chown ${container_user}:${container_user} configure_start.sh
-
 COPY ./nginx/nginx.conf /etc/nginx/nginx.conf
 
 COPY --from=build /app/build ${work_dir}
@@ -123,11 +113,10 @@ RUN echo "ESIGNET_UI_BASE_URL=$ESIGNET_UI_BASE_URL" >> ${work_dir}/env.env \
     && echo "CLAIMS_USER_PROFILE=$CLAIMS_USER_PROFILE" >> ${work_dir}/env.env \
     && echo "CLAIMS_REGISTRATION=$CLAIMS_REGISTRATION" >> ${work_dir}/env.env \
     && echo "DEFAULT_LANG=$DEFAULT_LANG" >> ${work_dir}/env.env \
-    && echo "FALLBACK_LANG=$FALLBACK_LANG" >> ${work_dir}/env.env
-
-
-# change permissions of file inside working dir
-RUN chown -R ${container_user}:${container_user} ${work_dir}
+    && echo "FALLBACK_LANG=$FALLBACK_LANG" >> ${work_dir}/env.env \
+    && chmod +x configure_start.sh \
+    && chown ${container_user}:${container_user} configure_start.sh \
+    && chown -R ${container_user}:${container_user} /home/${container_user} ${work_dir}
 
 # select container user for all tasks
 USER ${container_user_uid}:${container_user_gid}
@@ -139,4 +128,4 @@ ENTRYPOINT [ "./configure_start.sh" ]
 # Start Nginx server
 CMD echo "starting nginx" ; \
     nginx ; \
-    sleep infinity
+    sleep infinity