diff --git a/make/photon/chartserver/Dockerfile b/make/photon/chartserver/Dockerfile index 59abb4a5a..cff20a753 100644 --- a/make/photon/chartserver/Dockerfile +++ b/make/photon/chartserver/Dockerfile @@ -9,7 +9,7 @@ COPY ./make/photon/chartserver/binary/chartm /home/chart/ COPY ./make/photon/chartserver/docker-entrypoint.sh /home/chart/ COPY ./make/photon/common/install_cert.sh /home/chart/ -RUN chmod -R 777 /etc/pki/tls/certs \ +RUN chown -R chart:chart /etc/pki/tls/certs \ && chown -R chart:chart /home/chart \ && chmod u+x /home/chart/chartm \ && chmod u+x /home/chart/docker-entrypoint.sh \ diff --git a/make/photon/clair/Dockerfile b/make/photon/clair/Dockerfile index 81b9026e2..de172c9e8 100644 --- a/make/photon/clair/Dockerfile +++ b/make/photon/clair/Dockerfile @@ -13,7 +13,7 @@ VOLUME /config EXPOSE 6060 6061 -RUN chmod -R 777 /etc/pki/tls/certs \ +RUN chown -R clair:clair /etc/pki/tls/certs \ && chown -R clair:clair /home/clair \ && chmod u+x /home/clair/clair \ && chmod u+x /home/clair/docker-entrypoint.sh \ diff --git a/make/photon/prepare/utils/configs.py b/make/photon/prepare/utils/configs.py index 26e4c3de7..2b8489afd 100644 --- a/make/photon/prepare/utils/configs.py +++ b/make/photon/prepare/utils/configs.py @@ -48,6 +48,8 @@ def validate(conf, **kwargs): raise Exception( "Error: redis_port in harbor.yml needs to point to the port of Redis server or cluster.") + # TODO: + # If user enable trust cert dir, need check if the files in this dir is readable. def parse_versions(): if not versions_file_path.is_file(): diff --git a/make/photon/registry/Dockerfile b/make/photon/registry/Dockerfile index dccf7db10..be95e1867 100644 --- a/make/photon/registry/Dockerfile +++ b/make/photon/registry/Dockerfile @@ -12,7 +12,7 @@ COPY ./make/photon/common/install_cert.sh /home/harbor COPY ./make/photon/registry/entrypoint.sh /home/harbor COPY ./make/photon/registry/binary/registry /usr/bin -RUN chmod -R 777 /etc/pki/tls/certs \ +RUN chown -R harbor:harbor /etc/pki/tls/certs \ && chown harbor:harbor /home/harbor/entrypoint.sh && chmod u+x /home/harbor/entrypoint.sh \ && chown harbor:harbor /home/harbor/install_cert.sh && chmod u+x /home/harbor/install_cert.sh \ && chown harbor:harbor /usr/bin/registry && chmod u+x /usr/bin/registry diff --git a/make/photon/registryctl/Dockerfile b/make/photon/registryctl/Dockerfile index ff6953dd2..90ad28b23 100644 --- a/make/photon/registryctl/Dockerfile +++ b/make/photon/registryctl/Dockerfile @@ -12,7 +12,7 @@ COPY ./make/photon/registry/binary/registry /usr/bin COPY ./make/photon/registryctl/start.sh /home/harbor COPY ./make/photon/registryctl/harbor_registryctl /home/harbor -RUN chmod -R 777 /etc/pki/tls/certs \ +RUN chown -R harbor:harbor /etc/pki/tls/certs \ && chown harbor:harbor /home/harbor/harbor_registryctl && chmod u+x /home/harbor/harbor_registryctl \ && chown harbor:harbor /usr/bin/registry && chmod u+x /usr/bin/registry \ && chown harbor:harbor /home/harbor/start.sh && chmod u+x /home/harbor/start.sh \