Added support for custom userid groupid file ownership (#39)

Author: ddsharpe

imagetool/src/main/java/com/oracle/weblogic/imagetool/cli/menu/CreateImage.java

@@ -21,7 +21,6 @@
 import java.util.logging.Logger;
 import java.util.stream.Collectors;
 
-import com.oracle.weblogic.imagetool.api.model.CachePolicy;
 import com.oracle.weblogic.imagetool.api.model.CommandResponse;
 import com.oracle.weblogic.imagetool.api.model.DomainType;
 import com.oracle.weblogic.imagetool.api.model.InstallerType;

imagetool/src/main/java/com/oracle/weblogic/imagetool/cli/menu/ImageOperation.java

@@ -13,6 +13,8 @@
 import java.util.List;
 import java.util.concurrent.Callable;
 import java.util.logging.Logger;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 import java.util.stream.Stream;
 
@@ -61,6 +63,9 @@ public CommandResponse call() throws Exception {
                 return new CommandResponse(-1, "user Oracle support credentials do not match");
             }
         }
+
+        handleChown();
+
         logger.finer("Exiting ImageOperation call ");
         return new CommandResponse(0, null);
     }
@@ -188,6 +193,28 @@ void addOPatch1394ToImage(Path tmpDir, String opatchBugNumber) throws Exception
         dockerfileOptions.setOPatchPatchingEnabled();
     }
 
+    private void handleChown() {
+        if (osUserAndGroup.length != 2) {
+            throw new IllegalArgumentException("--chown value must be a colon separated user and group.  user:group");
+        }
+
+        Pattern p = Pattern.compile("^[a-z_]([a-z0-9_-]{0,31}|[a-z0-9_-]{0,30}\\$)$");
+        Matcher usr = p.matcher(osUserAndGroup[0]);
+        if (!usr.matches()) {
+            throw new IllegalArgumentException("--chown must contain a valid Unix username.  No more than 32 characters"
+                    + " and starts with a lowercase character.  Invalid value = " + osUserAndGroup[0]);
+        }
+        Matcher grp = p.matcher(osUserAndGroup[1]);
+        if (!grp.matches()) {
+            throw new IllegalArgumentException("--chown must contain a valid Unix groupid.  No more than 32 characters"
+                    + " and starts with a lowercase character.  Invalid value = " + osUserAndGroup[1]);
+        }
+
+        dockerfileOptions.setUserId(osUserAndGroup[0]);
+        dockerfileOptions.setGroupId(osUserAndGroup[1]);
+    }
+
+
     WLSInstallerType installerType = WLSInstallerType.WLS;
 
     String installerVersion = Constants.DEFAULT_WLS_VERSION;
@@ -277,6 +304,14 @@ void addOPatch1394ToImage(Path tmpDir, String opatchBugNumber) throws Exception
     )
     Path dockerLog;
 
+    @Option(
+            names = {"--chown"},
+            split = ":",
+            description = "userid:groupid for JDK/Middleware installs and patches. Default: ${DEFAULT-VALUE}.",
+            defaultValue = "oracle:oracle"
+    )
+    private String[] osUserAndGroup;
+
     @Unmatched
     List<String> unmatchedOptions;
 }

imagetool/src/main/resources/docker-files/Create_Image.mustache

@@ -30,8 +30,8 @@ RUN zypper -nq update \
 {{/useZypper}}
 
 ## Create user and group
-RUN if [ -z "$(getent group {{groupid}})" ]; then hash groupadd &> /dev/null && groupadd -g 1000 {{groupid}} || exit -1 ; fi \
- && if [ -z "$(getent passwd {{userid}})" ]; then hash useradd &> /dev/null && useradd -u 1100 -g {{groupid}} {{userid}} || exit -1; fi \
+RUN if [ -z "$(getent group {{groupid}})" ]; then hash groupadd &> /dev/null && groupadd {{groupid}} || exit -1 ; fi \
+ && if [ -z "$(getent passwd {{userid}})" ]; then hash useradd &> /dev/null && useradd -g {{groupid}} {{userid}} || exit -1; fi \
  && mkdir /u01 \
  && chown {{userid}}:{{groupid}} /u01
 
@@ -198,8 +198,8 @@ ENV DOMAIN_HOME=${DOMAIN_HOME:-/u01/domains/base_domain} \
     PATH=$PATH:{{java_home}}/bin:${ORACLE_HOME}/oracle_common/common/bin:${ORACLE_HOME}/wlserver/common/bin:${DOMAIN_HOME}/bin:${ORACLE_HOME}
 
 ## Create user and group
-RUN if [ -z "$(getent group {{groupid}})" ]; then hash groupadd &> /dev/null && groupadd -g 1000 {{groupid}} || exit -1 ; fi \
- && if [ -z "$(getent passwd {{userid}})" ]; then hash useradd &> /dev/null && useradd -u 1100 -g {{groupid}} {{userid}} || exit -1; fi \
+RUN if [ -z "$(getent group {{groupid}})" ]; then hash groupadd &> /dev/null && groupadd {{groupid}} || exit -1 ; fi \
+ && if [ -z "$(getent passwd {{userid}})" ]; then hash useradd &> /dev/null && useradd -g {{groupid}} {{userid}} || exit -1; fi \
  && mkdir -p $(dirname {{java_home}}) $(dirname $ORACLE_HOME) $(dirname $DOMAIN_HOME) \
  && chown {{userid}}:{{groupid}} $(dirname {{java_home}}) $(dirname $ORACLE_HOME) $(dirname $DOMAIN_HOME)
 

imagetool/src/main/resources/docker-files/Update_Image.mustache

@@ -15,18 +15,18 @@ ENV PATCHDIR=${PATCHDIR:-patches} \
     OTMPDIR=${OTMPDIR:-/tmp/delme} \
     OPATCH_NO_FUSER=true
 
-USER oracle
+USER {{userid}}
 
 {{#isOpatchPatchingEnabled}}
-COPY --chown=oracle:oracle p28186730_139400_Generic.zip $OTMPDIR/opatch/
+COPY --chown={{userid}}:{{groupid}} p28186730_139400_Generic.zip $OTMPDIR/opatch/
 RUN cd $OTMPDIR/opatch \
  && $JAVA_HOME/bin/jar -xf $OTMPDIR/opatch/p28186730_139400_Generic.zip \
  && $JAVA_HOME/bin/java -jar $OTMPDIR/opatch/6880880/opatch_generic.jar -silent -ignoreSysPrereqs -force -novalidation oracle_home=$ORACLE_HOME \
  && rm -rf $OTMPDIR
 {{/isOpatchPatchingEnabled}}
 
 {{#isPatchingEnabled}}
-COPY --chown=oracle:oracle $PATCHDIR/* $OTMPDIR/patches/
+COPY --chown={{userid}}:{{groupid}} $PATCHDIR/* $OTMPDIR/patches/
 
 RUN $ORACLE_HOME/OPatch/opatch napply -silent -oh $ORACLE_HOME -phBaseDir $OTMPDIR/patches \
  && $ORACLE_HOME/OPatch/opatch util cleanup -silent -oh $ORACLE_HOME \