CipherLabs
/
besu
mirror of https://github.com/hyperledger/besu
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

setting up the besu user:group for the docker container and following best security practices (#1093)

Browse Source 
Signed-off-by: Joshua Fernandes <joshua.fernandes@consensys.net>
pull/1097/head
Joshua Fernandes 4 years ago committed by GitHub
parent 5d9160a018
commit 8c9eb4348e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 13 additions and 8 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 9
      docker/Dockerfile
  2. 12
      docker/tests/01/goss.yaml

9
docker/Dockerfile
Unescape View File

@ -1,9 +1,14 @@
FROM openjdk:11.0.2-jre-slim-stretch FROM openjdk:11.0.7-jre-slim-buster
COPY besu /opt/besu/ RUN adduser --disabled-password --gecos "" --home /opt/besu besu && \
chown besu:besu /opt/besu
USER besu
WORKDIR /opt/besu WORKDIR /opt/besu
COPY --chown=besu:besu besu /opt/besu/
# Expose services ports # Expose services ports
# 8545 HTTP JSON-RPC # 8545 HTTP JSON-RPC
# 8546 WS JSON-RPC # 8546 WS JSON-RPC

12
docker/tests/01/goss.yaml
Unescape View File

@ -4,22 +4,22 @@ file:
/opt/besu/bin/besu: /opt/besu/bin/besu:
exists: true exists: true
mode: "0755" mode: "0755"
owner: root owner: besu
group: root group: besu
filetype: file filetype: file
contains: [] contains: []
/opt/besu/database: /opt/besu/database:
exists: true exists: true
mode: "0755" mode: "0755"
owner: root owner: besu
group: root group: besu
filetype: directory filetype: directory
contains: [] contains: []
/opt/besu/key: /opt/besu/key:
exists: true exists: true
mode: "0600" mode: "0600"
owner: root owner: besu
group: root group: besu
filetype: file filetype: file
contains: [] contains: []
process: process:

Write Preview
Loading…
Cancel
Save