Skip to content

Commit 45cc754

Browse files
zebby76zebby76
committed
feat: allow running cli in readonly container
1 parent 651e37d commit 45cc754

4 files changed

Lines changed: 68 additions & 12 deletions

File tree

Dockerfiles/cli-prd.m4

Lines changed: 12 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -23,11 +23,13 @@ LABEL be.fgov.elasticms.base.build-date=$BUILD_DATE_ARG \
2323

2424
USER root
2525

26-
ENV AWS_CLI_VERSION=${AWS_CLI_VERSION_ARG:-2.22.10} \
26+
ENV PHP_INI_SCAN_DIR="/usr/local/etc/php/conf.d:/app/etc/php/conf.d" \
27+
AWS_CLI_VERSION=${AWS_CLI_VERSION_ARG:-2.22.10} \
2728
PHP_EXT_REDIS_VERSION=${PHP_EXT_REDIS_VERSION_ARG:-6.1.0} \
2829
PHP_EXT_APCU_VERSION=${PHP_EXT_APCU_VERSION_ARG:-5.1.24} \
2930
HOME=/home/default \
30-
PATH=/opt/bin:/usr/local/bin:/usr/bin:$PATH
31+
TMPDIR=/app/tmp \
32+
PATH=/app/bin:/app/sbin:/usr/local/bin:/usr/bin:$PATH
3133

3234
COPY --from=hairyhenderson/gomplate:stable /gomplate /usr/bin/gomplate
3335

@@ -37,10 +39,16 @@ COPY --from=node /usr/local/lib /usr/local/lib
3739
COPY --from=node /usr/local/include /usr/local/include
3840
COPY --from=node /usr/local/bin /usr/local/bin
3941

40-
COPY --chmod=775 --chown=1001:0 etc/php/ /usr/local/etc/
4142
COPY --chmod=775 --chown=1001:0 bin/ /usr/local/bin/
4243

43-
RUN mkdir -p /home/default /app \
44+
COPY --chmod=664 --chown=1001:0 config/php/conf.d/ /app/config/php/conf.d/
45+
46+
RUN mkdir -p /home/default \
47+
/app/src \
48+
/app/etc \
49+
/app/tmp \
50+
/app/bin \
51+
/app/sbin \
4452
&& chmod +x /usr/local/bin/apk-list \
4553
/usr/local/bin/container-entrypoint-cli \
4654
/usr/local/bin/wait-for-it \

bin/container-entrypoint-cli

Lines changed: 13 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,17 @@
1-
#!/bin/bash
1+
#!/usr/bin/env bash
2+
set -eo pipefail
23

3-
set -e
4+
export DEBUG=${DEBUG:-false}
5+
[[ "${DEBUG}" == "true" ]] && set -x
6+
7+
source /usr/local/bin/container-entrypoint.d/entrypoint.d/00-functions.sh
8+
source /usr/local/bin/container-entrypoint.d/entrypoint.d/01-php.sh
9+
10+
log "INFO" "+---- Configure PHP Container -----"
11+
12+
source /usr/local/bin/container-entrypoint.d/base.d/01-php.sh
13+
14+
log "INFO" "+---- PHP Container configured succesfully -----"
415

516
# first arg is `-f` or `--some-option`
617
if [ "${1#-}" != "$1" ]; then

etc/php/conf.d/base-php.ini

Lines changed: 0 additions & 3 deletions
This file was deleted.

test/tests.cli.bats

Lines changed: 43 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -26,17 +26,57 @@ export BATS_CONTAINER_COMPOSE_ENGINE="${BATS_CONTAINER_ENGINE} compose"
2626

2727
}
2828

29+
@test "[$TEST_FILE] Check Docker external Volumes (local)" {
30+
31+
BATS_CONTAINER_VOLUME_NAMES=("$BATS_APP_TMP_VOLUME_NAME")
32+
BATS_CONTAINER_VOLUME_NAMES+=("$BATS_APP_ETC_VOLUME_NAME")
33+
34+
for BATS_CONTAINER_VOLUME_NAME in "${BATS_CONTAINER_VOLUME_NAMES[@]}"; do
35+
36+
run ${BATS_CONTAINER_ENGINE} volume inspect ${BATS_CONTAINER_VOLUME_NAME}
37+
38+
if [ "$status" -ne 0 ]; then
39+
40+
run ${BATS_CONTAINER_ENGINE} volume create ${BATS_CONTAINER_VOLUME_NAME}
41+
[ "$status" -eq 0 ]
42+
43+
fi
44+
45+
done
46+
47+
}
48+
2949
@test "[$TEST_FILE] Test PHP version" {
30-
run ${BATS_CONTAINER_ENGINE} run --rm ${BATS_PHP_DOCKER_IMAGE_NAME} -v
50+
run ${BATS_CONTAINER_ENGINE} run --read-only --rm \
51+
-v $BATS_APP_TMP_VOLUME_NAME:/app/tmp \
52+
-v $BATS_APP_ETC_VOLUME_NAME:/app/etc \
53+
${BATS_PHP_DOCKER_IMAGE_NAME} -v
3154
assert_output -l -r "^PHP ${BATS_PHP_VERSION} \(cli\) \(.*\) \(NTS\)"
3255
}
3356

3457
@test "[$TEST_FILE] Testing NPM Version (with unrecognized uid)" {
35-
run ${BATS_CONTAINER_ENGINE} run -u 1000 --rm ${BATS_PHP_DOCKER_IMAGE_NAME} npm -v
58+
run ${BATS_CONTAINER_ENGINE} run -u 1000 --read-only --rm \
59+
-v $BATS_APP_TMP_VOLUME_NAME:/app/tmp \
60+
-v $BATS_APP_ETC_VOLUME_NAME:/app/etc \
61+
${BATS_PHP_DOCKER_IMAGE_NAME} npm -v
3662
assert_output -l -r "^[0-9]+.[0-9]+.[0-9]+*$"
3763
}
3864

3965
@test "[$TEST_FILE] Test aws cli version" {
40-
run ${BATS_CONTAINER_ENGINE} run --rm ${BATS_PHP_DOCKER_IMAGE_NAME} aws --version
66+
run ${BATS_CONTAINER_ENGINE} run --read-only --rm \
67+
-v $BATS_APP_TMP_VOLUME_NAME:/app/tmp \
68+
-v $BATS_APP_ETC_VOLUME_NAME:/app/etc \
69+
${BATS_PHP_DOCKER_IMAGE_NAME} aws --version
4170
assert_output -l -r "^aws-cli/${BATS_AWS_CLI_VERSION} Python/.* .*$"
71+
}
72+
73+
@test "[$TEST_FILE] Cleanup Docker external Volumes (local)" {
74+
75+
BATS_CONTAINER_VOLUME_NAMES=("$BATS_APP_TMP_VOLUME_NAME")
76+
BATS_CONTAINER_VOLUME_NAMES+=("$BATS_APP_ETC_VOLUME_NAME")
77+
78+
for BATS_CONTAINER_VOLUME_NAME in "${BATS_CONTAINER_VOLUME_NAMES[@]}"; do
79+
run ${BATS_CONTAINER_ENGINE} volume rm ${BATS_CONTAINER_VOLUME_NAME}
80+
done
81+
4282
}

0 commit comments

Comments
 (0)