[#182563382] - Change e2e container to not run as root

ci/build-docker-e2e-image

@@ -25,7 +25,6 @@ mkdir -p ${docker_context_dir}
 cp -rp \
   e2e-tests/pom.xml \
   e2e-tests/src \
-  ci/e2e-tests/e2e-exec-pom.xml \
   .mvn \
   mvnw \
   ${docker_context_dir}

ci/e2e-tests/Dockerfile

@@ -35,7 +35,7 @@ ADD target/src ./src
 #     org.apache.maven.artifact.resolver.MultipleArtifactsNotFoundException: Missing:
 # then update the version number of surefire-junit4 in pom.xml under the
 # dynamicDependencies section of go-offline-maven-plugin configuration.
-RUN ./mvnw -P -dnastack -B -o package
+RUN ./mvnw -P -dnastack -B -o process-test-classes
 
 
 ##
@@ -45,14 +45,26 @@ RUN ./mvnw -P -dnastack -B -o package
 # This stage uses a JRE rather than JDK because it doesn't have to build anything; it just runs the fat jar
 # produced by the previous stage.
 FROM amazoncorretto:17-alpine
+
 ARG APP_NAME
 ARG APP_VERSION
 
-ADD target/e2e-exec-pom.xml /pom.xml
-ADD target/.mvn /.mvn
-ADD target/mvnw /
-COPY --from=0 /build/target/wes-service-e2e-tests-*.jar /e2e-tests.jar
-RUN ./mvnw -B de.qaware.maven:go-offline-maven-plugin:resolve-dependencies
+# Create a non-root user
+RUN adduser -D -h /home/testuser testuser
+
+USER root
+RUN mkdir /target && chown testuser /target
+
+# Copy required files from build stage into image
+COPY --from=build --chown=testuser /build/target/ /target
+COPY --from=build --chown=testuser /root/.m2 /home/testuser/.m2/
+COPY --chown=testuser target/pom.xml /pom.xml
+COPY --chown=testuser target/.mvn /.mvn
+COPY --chown=testuser target/mvnw /
+
+USER testuser
+
+ENV E2E_SCREENSHOT_DIR /target
 
 # If the container has a memory limit, that limit (in bytes) is present in a file under /sys/fs/cgroup
 # In Linux 5.10.76, the value comes from memory.max.

e2e-tests/pom.xml

@@ -172,75 +172,18 @@
                     </compilerArgs>
                 </configuration>
             </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-shade-plugin</artifactId>
-                <version>3.2.4</version>
-                <executions>
-                    <execution>
-                        <phase>package</phase>
-                        <goals>
-                            <goal>shade</goal>
-                        </goals>
-                        <configuration>
-                            <filters>
-                                <filter>
-                                    <!-- filter out signature files from signed dependencies, else repackaging fails with security ex -->
-                                    <artifact>*:*</artifact>
-                                    <excludes>
-                                        <exclude>META-INF/*.SF</exclude>
-                                        <exclude>META-INF/*.DSA</exclude>
-                                        <exclude>META-INF/*.RSA</exclude>
-                                    </excludes>
-                                </filter>
-                            </filters>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
-            <plugin>
-                <groupId>org.codehaus.mojo</groupId>
-                <artifactId>build-helper-maven-plugin</artifactId>
-                <version>1.9.1</version>
-                <executions>
-                    <!-- This ensures our compiled tests land in the fat jar -->
-                    <execution>
-                        <id>add-source</id>
-                        <phase>generate-sources</phase>
-                        <goals>
-                            <goal>add-source</goal>
-                        </goals>
-                        <configuration>
-                            <sources>
-                                <source>${project.basedir}/src/test/java/</source>
-                            </sources>
-                        </configuration>
-                    </execution>
-                    <!-- This ensures that the resources files also land in the fat jar (for example, simplelogger.properties)  -->
-                    <execution>
-                        <id>add-resource</id>
-                        <phase>generate-resources</phase>
-                        <goals>
-                            <goal>add-resource</goal>
-                        </goals>
-                        <configuration>
-                            <resources>
-                                <resource>
-                                    <directory>${project.basedir}/src/test/resources</directory>
-                                </resource>
-                            </resources>
-                        </configuration>
-                    </execution>
-                </executions>
-            </plugin>
+
             <plugin>
                 <groupId>org.apache.maven.plugins</groupId>
                 <artifactId>maven-surefire-plugin</artifactId>
                 <version>${maven-surefire-plugin.version}</version>
                 <configuration>
-                    <skipTests>true</skipTests>
+                    <dependenciesToScan>
+                        <dependency>com.dnastack:actuator-e2e-test</dependency>
+                    </dependenciesToScan>
                 </configuration>
             </plugin>
+
             <plugin>
                 <groupId>de.qaware.maven</groupId>
                 <artifactId>go-offline-maven-plugin</artifactId>