From 1ad1cd74117dc5b504e5aeb7cf5c85019b1d698e Mon Sep 17 00:00:00 2001 From: Demjan Kaluzki Date: Sat, 19 Dec 2020 20:39:32 +0100 Subject: [PATCH 1/3] [webdevops/Dockerfile#226] add teardown phase for supervisor task * restore gosu suid bit when container stops related to: * [webdevops/Dockerfile#226] * [webdevops/Dockerfile#366] --- docker/base/alpine/conf/bin/config.sh | 36 ++++++++----- .../base/alpine/conf/bin/entrypoint.d/cli.sh | 6 +-- docker/base/alpine/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/centos-7/conf/bin/config.sh | 36 ++++++++----- .../centos-7/conf/bin/entrypoint.d/cli.sh | 6 +-- docker/base/centos-7/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/debian-10/conf/bin/config.sh | 36 ++++++++----- .../debian-10/conf/bin/entrypoint.d/cli.sh | 6 +-- docker/base/debian-10/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/debian-7/conf/bin/config.sh | 36 ++++++++----- .../debian-7/conf/bin/entrypoint.d/cli.sh | 6 +-- docker/base/debian-7/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/debian-8/conf/bin/config.sh | 36 ++++++++----- .../debian-8/conf/bin/entrypoint.d/cli.sh | 6 +-- docker/base/debian-8/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/debian-9/conf/bin/config.sh | 36 ++++++++----- .../debian-9/conf/bin/entrypoint.d/cli.sh | 6 +-- docker/base/debian-9/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-12.04/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-12.04/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-12.04/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-14.04/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-14.04/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-14.04/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-15.04/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-15.04/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-15.04/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-15.10/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-15.10/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-15.10/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-16.04/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-16.04/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-16.04/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-16.10/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-16.10/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-16.10/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-17.04/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-17.04/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-17.04/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-17.10/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-17.10/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-17.10/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/base/ubuntu-18.04/conf/bin/config.sh | 36 ++++++++----- .../ubuntu-18.04/conf/bin/entrypoint.d/cli.sh | 6 +-- .../base/ubuntu-18.04/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 docker/php-official/5.6/conf/bin/config.sh | 36 ++++++++----- .../5.6/conf/bin/entrypoint.d/cli.sh | 6 +-- .../php-official/5.6/conf/bin/entrypoint.sh | 51 ++++++++----------- docker/php-official/7.0/conf/bin/config.sh | 36 ++++++++----- .../7.0/conf/bin/entrypoint.d/cli.sh | 6 +-- .../php-official/7.0/conf/bin/entrypoint.sh | 51 ++++++++----------- .../7.1-alpine/conf/bin/config.sh | 36 ++++++++----- .../7.1-alpine/conf/bin/entrypoint.d/cli.sh | 6 +-- .../7.1-alpine/conf/bin/entrypoint.sh | 51 ++++++++----------- docker/php-official/7.1/conf/bin/config.sh | 36 ++++++++----- .../7.1/conf/bin/entrypoint.d/cli.sh | 6 +-- .../php-official/7.1/conf/bin/entrypoint.sh | 51 ++++++++----------- .../7.2-alpine/conf/bin/config.sh | 36 ++++++++----- .../7.2-alpine/conf/bin/entrypoint.d/cli.sh | 6 +-- .../7.2-alpine/conf/bin/entrypoint.sh | 51 ++++++++----------- docker/php-official/7.2/conf/bin/config.sh | 36 ++++++++----- .../7.2/conf/bin/entrypoint.d/cli.sh | 6 +-- .../php-official/7.2/conf/bin/entrypoint.sh | 51 ++++++++----------- .../7.3-alpine/conf/bin/config.sh | 36 ++++++++----- .../7.3-alpine/conf/bin/entrypoint.d/cli.sh | 6 +-- .../7.3-alpine/conf/bin/entrypoint.sh | 51 ++++++++----------- docker/php-official/7.3/conf/bin/config.sh | 36 ++++++++----- .../7.3/conf/bin/entrypoint.d/cli.sh | 6 +-- .../php-official/7.3/conf/bin/entrypoint.sh | 51 ++++++++----------- .../7.4-alpine/conf/bin/config.sh | 36 ++++++++----- .../7.4-alpine/conf/bin/entrypoint.d/cli.sh | 6 +-- .../7.4-alpine/conf/bin/entrypoint.sh | 51 ++++++++----------- docker/php-official/7.4/conf/bin/config.sh | 36 ++++++++----- .../7.4/conf/bin/entrypoint.d/cli.sh | 6 +-- .../php-official/7.4/conf/bin/entrypoint.sh | 51 ++++++++----------- .../8.0-alpine/conf/bin/config.sh | 36 ++++++++----- .../8.0-alpine/conf/bin/entrypoint.d/cli.sh | 6 +-- .../8.0-alpine/conf/bin/entrypoint.sh | 51 ++++++++----------- docker/php-official/8.0/conf/bin/config.sh | 36 ++++++++----- .../8.0/conf/bin/entrypoint.d/cli.sh | 6 +-- .../php-official/8.0/conf/bin/entrypoint.sh | 51 ++++++++----------- .../latest/conf/bin/config.sh | 36 ++++++++----- .../latest/conf/bin/entrypoint.d/cli.sh | 6 +-- .../latest/conf/bin/entrypoint.sh | 51 ++++++++----------- .../conf/provision/entrypoint.d/.gitkeep | 0 provisioning/base/general/bin/config.sh | 35 ++++++++----- provisioning/base/general/bin/entrypoint.sh | 49 +++++++----------- .../general/provision/entrypoint.d/.gitkeep | 0 .../general/provision/entrypoint.d/05-gosu.sh | 4 ++ .../entrypoint.d/teardown/05-gosu.sh | 4 ++ 105 files changed, 1337 insertions(+), 1359 deletions(-) delete mode 100644 docker/base/alpine/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/centos-7/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/debian-10/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/debian-7/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/debian-8/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/debian-9/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-12.04/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-14.04/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-15.04/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-15.10/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-16.04/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-16.10/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-17.04/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-17.10/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/base/ubuntu-18.04/conf/provision/entrypoint.d/.gitkeep delete mode 100644 docker/samson-deployment/latest/conf/provision/entrypoint.d/.gitkeep delete mode 100644 provisioning/base/general/provision/entrypoint.d/.gitkeep create mode 100644 provisioning/base/general/provision/entrypoint.d/05-gosu.sh create mode 100644 provisioning/base/general/provision/entrypoint.d/teardown/05-gosu.sh diff --git a/docker/base/alpine/conf/bin/config.sh b/docker/base/alpine/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/alpine/conf/bin/config.sh +++ b/docker/base/alpine/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/alpine/conf/bin/entrypoint.d/cli.sh b/docker/base/alpine/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/alpine/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/alpine/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/alpine/conf/bin/entrypoint.sh b/docker/base/alpine/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/alpine/conf/bin/entrypoint.sh +++ b/docker/base/alpine/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/alpine/conf/provision/entrypoint.d/.gitkeep b/docker/base/alpine/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/centos-7/conf/bin/config.sh b/docker/base/centos-7/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/centos-7/conf/bin/config.sh +++ b/docker/base/centos-7/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh b/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/centos-7/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/centos-7/conf/bin/entrypoint.sh b/docker/base/centos-7/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/centos-7/conf/bin/entrypoint.sh +++ b/docker/base/centos-7/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/centos-7/conf/provision/entrypoint.d/.gitkeep b/docker/base/centos-7/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/debian-10/conf/bin/config.sh b/docker/base/debian-10/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/debian-10/conf/bin/config.sh +++ b/docker/base/debian-10/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/debian-10/conf/bin/entrypoint.d/cli.sh b/docker/base/debian-10/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/debian-10/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/debian-10/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/debian-10/conf/bin/entrypoint.sh b/docker/base/debian-10/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/debian-10/conf/bin/entrypoint.sh +++ b/docker/base/debian-10/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/debian-10/conf/provision/entrypoint.d/.gitkeep b/docker/base/debian-10/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/debian-7/conf/bin/config.sh b/docker/base/debian-7/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/debian-7/conf/bin/config.sh +++ b/docker/base/debian-7/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh b/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/debian-7/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/debian-7/conf/bin/entrypoint.sh b/docker/base/debian-7/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/debian-7/conf/bin/entrypoint.sh +++ b/docker/base/debian-7/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/debian-7/conf/provision/entrypoint.d/.gitkeep b/docker/base/debian-7/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/debian-8/conf/bin/config.sh b/docker/base/debian-8/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/debian-8/conf/bin/config.sh +++ b/docker/base/debian-8/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh b/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/debian-8/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/debian-8/conf/bin/entrypoint.sh b/docker/base/debian-8/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/debian-8/conf/bin/entrypoint.sh +++ b/docker/base/debian-8/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/debian-8/conf/provision/entrypoint.d/.gitkeep b/docker/base/debian-8/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/debian-9/conf/bin/config.sh b/docker/base/debian-9/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/debian-9/conf/bin/config.sh +++ b/docker/base/debian-9/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh b/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/debian-9/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/debian-9/conf/bin/entrypoint.sh b/docker/base/debian-9/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/debian-9/conf/bin/entrypoint.sh +++ b/docker/base/debian-9/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/debian-9/conf/provision/entrypoint.d/.gitkeep b/docker/base/debian-9/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-12.04/conf/bin/config.sh b/docker/base/ubuntu-12.04/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-12.04/conf/bin/config.sh +++ b/docker/base/ubuntu-12.04/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-12.04/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-12.04/conf/bin/entrypoint.sh b/docker/base/ubuntu-12.04/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-12.04/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-12.04/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-12.04/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-12.04/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-14.04/conf/bin/config.sh b/docker/base/ubuntu-14.04/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-14.04/conf/bin/config.sh +++ b/docker/base/ubuntu-14.04/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-14.04/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-14.04/conf/bin/entrypoint.sh b/docker/base/ubuntu-14.04/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-14.04/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-14.04/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-14.04/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-14.04/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-15.04/conf/bin/config.sh b/docker/base/ubuntu-15.04/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-15.04/conf/bin/config.sh +++ b/docker/base/ubuntu-15.04/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-15.04/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-15.04/conf/bin/entrypoint.sh b/docker/base/ubuntu-15.04/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-15.04/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-15.04/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-15.04/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-15.04/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-15.10/conf/bin/config.sh b/docker/base/ubuntu-15.10/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-15.10/conf/bin/config.sh +++ b/docker/base/ubuntu-15.10/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-15.10/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-15.10/conf/bin/entrypoint.sh b/docker/base/ubuntu-15.10/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-15.10/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-15.10/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-15.10/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-15.10/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-16.04/conf/bin/config.sh b/docker/base/ubuntu-16.04/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-16.04/conf/bin/config.sh +++ b/docker/base/ubuntu-16.04/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-16.04/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-16.04/conf/bin/entrypoint.sh b/docker/base/ubuntu-16.04/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-16.04/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-16.04/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-16.04/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-16.04/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-16.10/conf/bin/config.sh b/docker/base/ubuntu-16.10/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-16.10/conf/bin/config.sh +++ b/docker/base/ubuntu-16.10/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-16.10/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-16.10/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-16.10/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-16.10/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-16.10/conf/bin/entrypoint.sh b/docker/base/ubuntu-16.10/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-16.10/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-16.10/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-16.10/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-16.10/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-17.04/conf/bin/config.sh b/docker/base/ubuntu-17.04/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-17.04/conf/bin/config.sh +++ b/docker/base/ubuntu-17.04/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-17.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-17.04/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-17.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-17.04/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-17.04/conf/bin/entrypoint.sh b/docker/base/ubuntu-17.04/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-17.04/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-17.04/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-17.04/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-17.04/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-17.10/conf/bin/config.sh b/docker/base/ubuntu-17.10/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-17.10/conf/bin/config.sh +++ b/docker/base/ubuntu-17.10/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-17.10/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-17.10/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-17.10/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-17.10/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-17.10/conf/bin/entrypoint.sh b/docker/base/ubuntu-17.10/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-17.10/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-17.10/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-17.10/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-17.10/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/base/ubuntu-18.04/conf/bin/config.sh b/docker/base/ubuntu-18.04/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/base/ubuntu-18.04/conf/bin/config.sh +++ b/docker/base/ubuntu-18.04/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/base/ubuntu-18.04/conf/bin/entrypoint.d/cli.sh b/docker/base/ubuntu-18.04/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/base/ubuntu-18.04/conf/bin/entrypoint.d/cli.sh +++ b/docker/base/ubuntu-18.04/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/base/ubuntu-18.04/conf/bin/entrypoint.sh b/docker/base/ubuntu-18.04/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/base/ubuntu-18.04/conf/bin/entrypoint.sh +++ b/docker/base/ubuntu-18.04/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/base/ubuntu-18.04/conf/provision/entrypoint.d/.gitkeep b/docker/base/ubuntu-18.04/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/docker/php-official/5.6/conf/bin/config.sh b/docker/php-official/5.6/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/5.6/conf/bin/config.sh +++ b/docker/php-official/5.6/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/5.6/conf/bin/entrypoint.d/cli.sh b/docker/php-official/5.6/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/5.6/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/5.6/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/5.6/conf/bin/entrypoint.sh b/docker/php-official/5.6/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/5.6/conf/bin/entrypoint.sh +++ b/docker/php-official/5.6/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.0/conf/bin/config.sh b/docker/php-official/7.0/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.0/conf/bin/config.sh +++ b/docker/php-official/7.0/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.0/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.0/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.0/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.0/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.0/conf/bin/entrypoint.sh b/docker/php-official/7.0/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.0/conf/bin/entrypoint.sh +++ b/docker/php-official/7.0/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.1-alpine/conf/bin/config.sh b/docker/php-official/7.1-alpine/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.1-alpine/conf/bin/config.sh +++ b/docker/php-official/7.1-alpine/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.1-alpine/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.1-alpine/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.1-alpine/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.1-alpine/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.1-alpine/conf/bin/entrypoint.sh b/docker/php-official/7.1-alpine/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.1-alpine/conf/bin/entrypoint.sh +++ b/docker/php-official/7.1-alpine/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.1/conf/bin/config.sh b/docker/php-official/7.1/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.1/conf/bin/config.sh +++ b/docker/php-official/7.1/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.1/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.1/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.1/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.1/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.1/conf/bin/entrypoint.sh b/docker/php-official/7.1/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.1/conf/bin/entrypoint.sh +++ b/docker/php-official/7.1/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.2-alpine/conf/bin/config.sh b/docker/php-official/7.2-alpine/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.2-alpine/conf/bin/config.sh +++ b/docker/php-official/7.2-alpine/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.2-alpine/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.2-alpine/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.2-alpine/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.2-alpine/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.2-alpine/conf/bin/entrypoint.sh b/docker/php-official/7.2-alpine/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.2-alpine/conf/bin/entrypoint.sh +++ b/docker/php-official/7.2-alpine/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.2/conf/bin/config.sh b/docker/php-official/7.2/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.2/conf/bin/config.sh +++ b/docker/php-official/7.2/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.2/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.2/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.2/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.2/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.2/conf/bin/entrypoint.sh b/docker/php-official/7.2/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.2/conf/bin/entrypoint.sh +++ b/docker/php-official/7.2/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.3-alpine/conf/bin/config.sh b/docker/php-official/7.3-alpine/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.3-alpine/conf/bin/config.sh +++ b/docker/php-official/7.3-alpine/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.3-alpine/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.3-alpine/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.3-alpine/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.3-alpine/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.3-alpine/conf/bin/entrypoint.sh b/docker/php-official/7.3-alpine/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.3-alpine/conf/bin/entrypoint.sh +++ b/docker/php-official/7.3-alpine/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.3/conf/bin/config.sh b/docker/php-official/7.3/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.3/conf/bin/config.sh +++ b/docker/php-official/7.3/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.3/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.3/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.3/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.3/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.3/conf/bin/entrypoint.sh b/docker/php-official/7.3/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.3/conf/bin/entrypoint.sh +++ b/docker/php-official/7.3/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.4-alpine/conf/bin/config.sh b/docker/php-official/7.4-alpine/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.4-alpine/conf/bin/config.sh +++ b/docker/php-official/7.4-alpine/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.4-alpine/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.4-alpine/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.4-alpine/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.4-alpine/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.4-alpine/conf/bin/entrypoint.sh b/docker/php-official/7.4-alpine/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.4-alpine/conf/bin/entrypoint.sh +++ b/docker/php-official/7.4-alpine/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/7.4/conf/bin/config.sh b/docker/php-official/7.4/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/7.4/conf/bin/config.sh +++ b/docker/php-official/7.4/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/7.4/conf/bin/entrypoint.d/cli.sh b/docker/php-official/7.4/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/7.4/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/7.4/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/7.4/conf/bin/entrypoint.sh b/docker/php-official/7.4/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/7.4/conf/bin/entrypoint.sh +++ b/docker/php-official/7.4/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/8.0-alpine/conf/bin/config.sh b/docker/php-official/8.0-alpine/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/8.0-alpine/conf/bin/config.sh +++ b/docker/php-official/8.0-alpine/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/8.0-alpine/conf/bin/entrypoint.d/cli.sh b/docker/php-official/8.0-alpine/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/8.0-alpine/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/8.0-alpine/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/8.0-alpine/conf/bin/entrypoint.sh b/docker/php-official/8.0-alpine/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/8.0-alpine/conf/bin/entrypoint.sh +++ b/docker/php-official/8.0-alpine/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/php-official/8.0/conf/bin/config.sh b/docker/php-official/8.0/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/php-official/8.0/conf/bin/config.sh +++ b/docker/php-official/8.0/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/php-official/8.0/conf/bin/entrypoint.d/cli.sh b/docker/php-official/8.0/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/php-official/8.0/conf/bin/entrypoint.d/cli.sh +++ b/docker/php-official/8.0/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/php-official/8.0/conf/bin/entrypoint.sh b/docker/php-official/8.0/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/php-official/8.0/conf/bin/entrypoint.sh +++ b/docker/php-official/8.0/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/samson-deployment/latest/conf/bin/config.sh b/docker/samson-deployment/latest/conf/bin/config.sh index 46265a3c0..3eef76c3b 100644 --- a/docker/samson-deployment/latest/conf/bin/config.sh +++ b/docker/samson-deployment/latest/conf/bin/config.sh @@ -68,37 +68,47 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + echo "not found $ENTRYPOINT_SCRIPT" + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh b/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh +++ b/docker/samson-deployment/latest/conf/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/docker/samson-deployment/latest/conf/bin/entrypoint.sh b/docker/samson-deployment/latest/conf/bin/entrypoint.sh index 0489b796c..4795ba60a 100644 --- a/docker/samson-deployment/latest/conf/bin/entrypoint.sh +++ b/docker/samson-deployment/latest/conf/bin/entrypoint.sh @@ -1,46 +1,35 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/docker/samson-deployment/latest/conf/provision/entrypoint.d/.gitkeep b/docker/samson-deployment/latest/conf/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/provisioning/base/general/bin/config.sh b/provisioning/base/general/bin/config.sh index 46265a3c0..3b9bec689 100644 --- a/provisioning/base/general/bin/config.sh +++ b/provisioning/base/general/bin/config.sh @@ -68,37 +68,46 @@ function deprecationNotice() { ### # Run "entrypoint" scripts + # ## function runEntrypoints() { - ############### - # Try to find entrypoint - ############### - + # try to find entrypoint task script ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/${TASK}.sh" - - if [ -f "$ENTRYPOINT_SCRIPT" ]; then - . "$ENTRYPOINT_SCRIPT" + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + # use default + ENTRYPOINT_SCRIPT="/opt/docker/bin/entrypoint.d/default.sh" fi - ############### - # Run default - ############### - if [ -f "/opt/docker/bin/entrypoint.d/default.sh" ]; then - . /opt/docker/bin/entrypoint.d/default.sh + if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then + exit 1 fi - exit 1 + . "$ENTRYPOINT_SCRIPT" } +### # Run "entrypoint" provisioning + # ## function runProvisionEntrypoint() { includeScriptDir "/opt/docker/provision/entrypoint.d" includeScriptDir "/entrypoint.d" } +### + # https://stackoverflow.com/questions/41451159/how-to-execute-a-script-when-i-terminate-a-docker-container + # https://hynek.me/articles/docker-signals/ + # + ## +function runTeardownEntrypoint() { + echo "Container stopped, performing teardown..." + includeScriptDir "/opt/docker/provision/entrypoint.d/teardown" + includeScriptDir "/entrypoint.d/teardown" +} + ### # List environment variables (based on prefix) + # ## function envListVars() { if [[ $# -eq 1 ]]; then diff --git a/provisioning/base/general/bin/entrypoint.sh b/provisioning/base/general/bin/entrypoint.sh index 0489b796c..254cef075 100644 --- a/provisioning/base/general/bin/entrypoint.sh +++ b/provisioning/base/general/bin/entrypoint.sh @@ -4,43 +4,32 @@ if [[ -z "$CONTAINER_UID" ]]; then export CONTAINER_UID="application" fi -set -o pipefail # trace ERR through pipes -set -o errtrace # trace ERR through 'time command' and other functions -set -o nounset ## set -u : exit the script if you try to use an uninitialised variable -set -o errexit ## set -e : exit the script if any statement returns a non-true return value +set -o pipefail # trace ERR through pipes +set -o errtrace # trace ERR through 'time command' and other functions +set -o nounset ## set -u : exit the script if you try to use an uninitialised variable +set -o errexit ## set -e : exit the script if any statement returns a non-true return value # auto elevate privileges (if container is not started as root) if [[ "$UID" -ne 0 ]]; then export CONTAINER_UID="$UID" exec gosu root "$0" "$@" fi -# remove suid bit on gosu -chmod -s /sbin/gosu - -trap 'echo sigterm ; exit' SIGTERM -trap 'echo sigkill ; exit' SIGKILL - -# sanitize input and set task -TASK="$(echo $1| sed 's/[^-_a-zA-Z0-9]*//g')" - -source /opt/docker/bin/config.sh +. /opt/docker/bin/config.sh createDockerStdoutStderr -if [[ "$UID" -eq 0 ]]; then - # Only run provision if user is root - - if [ "$TASK" == "supervisord" -o "$TASK" == "noop" ]; then - # Visible provisioning - runProvisionEntrypoint - else - # Hidden provisioning - runProvisionEntrypoint > /dev/null - fi +# sanitize input and set task +TASK="$(echo $1 | sed 's/[^-_a-zA-Z0-9]*//g')" + +if [ "$TASK" == "supervisord" ] || [ "$TASK" == "noop" ]; then + # visible provisioning + runProvisionEntrypoint + trap 'runTeardownEntrypoint' SIGTERM + runEntrypoints "$@" & + wait $! + runTeardownEntrypoint +else + # hidden provisioning + runProvisionEntrypoint > /dev/null + runEntrypoints "$@" fi - -############################# -## COMMAND -############################# - -runEntrypoints "$@" diff --git a/provisioning/base/general/provision/entrypoint.d/.gitkeep b/provisioning/base/general/provision/entrypoint.d/.gitkeep deleted file mode 100644 index e69de29bb..000000000 diff --git a/provisioning/base/general/provision/entrypoint.d/05-gosu.sh b/provisioning/base/general/provision/entrypoint.d/05-gosu.sh new file mode 100644 index 000000000..5456e7a40 --- /dev/null +++ b/provisioning/base/general/provision/entrypoint.d/05-gosu.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash + +# remove suid bit +chmod -s /sbin/gosu diff --git a/provisioning/base/general/provision/entrypoint.d/teardown/05-gosu.sh b/provisioning/base/general/provision/entrypoint.d/teardown/05-gosu.sh new file mode 100644 index 000000000..28fbaaabe --- /dev/null +++ b/provisioning/base/general/provision/entrypoint.d/teardown/05-gosu.sh @@ -0,0 +1,4 @@ +#!/usr/bin/env bash + +# add suid bit +chmod +s /sbin/gosu From bc98bbb4f019ac1bfa92ca310ec43269f7ee1cb6 Mon Sep 17 00:00:00 2001 From: Demjan Kaluzki Date: Sat, 19 Dec 2020 20:55:54 +0100 Subject: [PATCH 2/3] [webdevops/Dockerfile#226] fix cli task for webdevops/base* images --- provisioning/base/general/bin/entrypoint.d/cli.sh | 6 +++--- provisioning/base/general/bin/entrypoint.sh | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/provisioning/base/general/bin/entrypoint.d/cli.sh b/provisioning/base/general/bin/entrypoint.d/cli.sh index fe212a8ea..80109a7bd 100644 --- a/provisioning/base/general/bin/entrypoint.d/cli.sh +++ b/provisioning/base/general/bin/entrypoint.d/cli.sh @@ -5,13 +5,13 @@ ############################################# if [ -n "${CLI_SCRIPT}" ]; then - if [ -n "$APPLICATION_USER" ]; then + if [ -n "${CONTAINER_UID}" ]; then # Run as EFFECTIVE_USER shift - exec gosu "${APPLICATION_USER}" ${CLI_SCRIPT} "$@" + exec gosu "${CONTAINER_UID}" "${CLI_SCRIPT}" "$@" else # Run as root - exec ${CLI_SCRIPT} "$@" + exec "${CLI_SCRIPT}" "$@" fi else echo "[ERROR] No CLI_SCRIPT in in docker environment defined" diff --git a/provisioning/base/general/bin/entrypoint.sh b/provisioning/base/general/bin/entrypoint.sh index 254cef075..4795ba60a 100644 --- a/provisioning/base/general/bin/entrypoint.sh +++ b/provisioning/base/general/bin/entrypoint.sh @@ -1,7 +1,7 @@ #!/usr/bin/env bash if [[ -z "$CONTAINER_UID" ]]; then - export CONTAINER_UID="application" + export CONTAINER_UID=1000 fi set -o pipefail # trace ERR through pipes From 7df050c9504e93d3664a89bb75ba7c93a4dc5e7c Mon Sep 17 00:00:00 2001 From: Demjan Kaluzki Date: Sat, 19 Dec 2020 20:58:18 +0100 Subject: [PATCH 3/3] [webdevops/Dockerfile#226] make provision --- docker/base/alpine/conf/bin/config.sh | 1 - docker/base/centos-7/conf/bin/config.sh | 1 - docker/base/debian-10/conf/bin/config.sh | 1 - docker/base/debian-7/conf/bin/config.sh | 1 - docker/base/debian-8/conf/bin/config.sh | 1 - docker/base/debian-9/conf/bin/config.sh | 1 - docker/base/ubuntu-12.04/conf/bin/config.sh | 1 - docker/base/ubuntu-14.04/conf/bin/config.sh | 1 - docker/base/ubuntu-15.04/conf/bin/config.sh | 1 - docker/base/ubuntu-15.10/conf/bin/config.sh | 1 - docker/base/ubuntu-16.04/conf/bin/config.sh | 1 - docker/base/ubuntu-16.10/conf/bin/config.sh | 1 - docker/base/ubuntu-17.04/conf/bin/config.sh | 1 - docker/base/ubuntu-17.10/conf/bin/config.sh | 1 - docker/base/ubuntu-18.04/conf/bin/config.sh | 1 - docker/php-official/5.6/conf/bin/config.sh | 1 - docker/php-official/7.0/conf/bin/config.sh | 1 - docker/php-official/7.1-alpine/conf/bin/config.sh | 1 - docker/php-official/7.1/conf/bin/config.sh | 1 - docker/php-official/7.2-alpine/conf/bin/config.sh | 1 - docker/php-official/7.2/conf/bin/config.sh | 1 - docker/php-official/7.3-alpine/conf/bin/config.sh | 1 - docker/php-official/7.3/conf/bin/config.sh | 1 - docker/php-official/7.4-alpine/conf/bin/config.sh | 1 - docker/php-official/7.4/conf/bin/config.sh | 1 - docker/php-official/8.0-alpine/conf/bin/config.sh | 1 - docker/php-official/8.0/conf/bin/config.sh | 1 - docker/samson-deployment/latest/conf/bin/config.sh | 1 - 28 files changed, 28 deletions(-) diff --git a/docker/base/alpine/conf/bin/config.sh b/docker/base/alpine/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/alpine/conf/bin/config.sh +++ b/docker/base/alpine/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/centos-7/conf/bin/config.sh b/docker/base/centos-7/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/centos-7/conf/bin/config.sh +++ b/docker/base/centos-7/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/debian-10/conf/bin/config.sh b/docker/base/debian-10/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/debian-10/conf/bin/config.sh +++ b/docker/base/debian-10/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/debian-7/conf/bin/config.sh b/docker/base/debian-7/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/debian-7/conf/bin/config.sh +++ b/docker/base/debian-7/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/debian-8/conf/bin/config.sh b/docker/base/debian-8/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/debian-8/conf/bin/config.sh +++ b/docker/base/debian-8/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/debian-9/conf/bin/config.sh b/docker/base/debian-9/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/debian-9/conf/bin/config.sh +++ b/docker/base/debian-9/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-12.04/conf/bin/config.sh b/docker/base/ubuntu-12.04/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-12.04/conf/bin/config.sh +++ b/docker/base/ubuntu-12.04/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-14.04/conf/bin/config.sh b/docker/base/ubuntu-14.04/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-14.04/conf/bin/config.sh +++ b/docker/base/ubuntu-14.04/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-15.04/conf/bin/config.sh b/docker/base/ubuntu-15.04/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-15.04/conf/bin/config.sh +++ b/docker/base/ubuntu-15.04/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-15.10/conf/bin/config.sh b/docker/base/ubuntu-15.10/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-15.10/conf/bin/config.sh +++ b/docker/base/ubuntu-15.10/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-16.04/conf/bin/config.sh b/docker/base/ubuntu-16.04/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-16.04/conf/bin/config.sh +++ b/docker/base/ubuntu-16.04/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-16.10/conf/bin/config.sh b/docker/base/ubuntu-16.10/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-16.10/conf/bin/config.sh +++ b/docker/base/ubuntu-16.10/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-17.04/conf/bin/config.sh b/docker/base/ubuntu-17.04/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-17.04/conf/bin/config.sh +++ b/docker/base/ubuntu-17.04/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-17.10/conf/bin/config.sh b/docker/base/ubuntu-17.10/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-17.10/conf/bin/config.sh +++ b/docker/base/ubuntu-17.10/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/base/ubuntu-18.04/conf/bin/config.sh b/docker/base/ubuntu-18.04/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/base/ubuntu-18.04/conf/bin/config.sh +++ b/docker/base/ubuntu-18.04/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/5.6/conf/bin/config.sh b/docker/php-official/5.6/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/5.6/conf/bin/config.sh +++ b/docker/php-official/5.6/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.0/conf/bin/config.sh b/docker/php-official/7.0/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.0/conf/bin/config.sh +++ b/docker/php-official/7.0/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.1-alpine/conf/bin/config.sh b/docker/php-official/7.1-alpine/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.1-alpine/conf/bin/config.sh +++ b/docker/php-official/7.1-alpine/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.1/conf/bin/config.sh b/docker/php-official/7.1/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.1/conf/bin/config.sh +++ b/docker/php-official/7.1/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.2-alpine/conf/bin/config.sh b/docker/php-official/7.2-alpine/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.2-alpine/conf/bin/config.sh +++ b/docker/php-official/7.2-alpine/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.2/conf/bin/config.sh b/docker/php-official/7.2/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.2/conf/bin/config.sh +++ b/docker/php-official/7.2/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.3-alpine/conf/bin/config.sh b/docker/php-official/7.3-alpine/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.3-alpine/conf/bin/config.sh +++ b/docker/php-official/7.3-alpine/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.3/conf/bin/config.sh b/docker/php-official/7.3/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.3/conf/bin/config.sh +++ b/docker/php-official/7.3/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.4-alpine/conf/bin/config.sh b/docker/php-official/7.4-alpine/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.4-alpine/conf/bin/config.sh +++ b/docker/php-official/7.4-alpine/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/7.4/conf/bin/config.sh b/docker/php-official/7.4/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/7.4/conf/bin/config.sh +++ b/docker/php-official/7.4/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/8.0-alpine/conf/bin/config.sh b/docker/php-official/8.0-alpine/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/8.0-alpine/conf/bin/config.sh +++ b/docker/php-official/8.0-alpine/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/php-official/8.0/conf/bin/config.sh b/docker/php-official/8.0/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/php-official/8.0/conf/bin/config.sh +++ b/docker/php-official/8.0/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi diff --git a/docker/samson-deployment/latest/conf/bin/config.sh b/docker/samson-deployment/latest/conf/bin/config.sh index 3eef76c3b..3b9bec689 100644 --- a/docker/samson-deployment/latest/conf/bin/config.sh +++ b/docker/samson-deployment/latest/conf/bin/config.sh @@ -79,7 +79,6 @@ function runEntrypoints() { fi if [ ! -f "$ENTRYPOINT_SCRIPT" ]; then - echo "not found $ENTRYPOINT_SCRIPT" exit 1 fi