CommunEu
/
Passbolt
3
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

initial runtime test passing

This commit is contained in:
Diego Lendoiro 2018-01-11 18:08:49 +01:00
parent 7b82cdac55
commit 7547032ce7
4 changed files with 100 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
Dockerfile
View File

@ -2,7 +2,7 @@ FROM php:7-fpm-alpine3.7
LABEL MAINTAINER diego@passbolt.com LABEL MAINTAINER diego@passbolt.com
ENV PASSBOLT_VERSION 1.6.5 ENV PASSBOLT_VERSION 2.0.0-rc1
ENV PASSBOLT_URL https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz ENV PASSBOLT_URL https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz
ARG PHP_EXTENSIONS="gd \ ARG PHP_EXTENSIONS="gd \
@ -32,6 +32,7 @@ RUN apk add --no-cache $PHP_GNUPG_BUILD_DEPS \
libxslt-dev \ libxslt-dev \
libmcrypt-dev \ libmcrypt-dev \
supervisor \ supervisor \
git \
&& pecl install gnupg redis mcrypt-snapshot \ && pecl install gnupg redis mcrypt-snapshot \
&& docker-php-ext-install -j4 $PHP_EXTENSIONS \ && docker-php-ext-install -j4 $PHP_EXTENSIONS \
&& docker-php-ext-enable $PHP_EXTENSIONS gnupg redis mcrypt \ && docker-php-ext-enable $PHP_EXTENSIONS gnupg redis mcrypt \
@ -45,10 +46,11 @@ COPY src/passbolt_api/ /var/www/passbolt/
RUN cd /var/www/passbolt \ RUN cd /var/www/passbolt \
&& composer global require hirak/prestissimo \ && composer global require hirak/prestissimo \
&& composer install \ && composer install \
&& chown -R nginx:nginx /var/www/passbolt \ && chown -R www-data:www-data /var/www/passbolt \
&& chmod -R o-w /var/www/passbolt \ && chmod 775 $(find /var/www/passbolt/tmp -type f) \
&& chmod -R +w /var/www/passbolt/tmp \ && chmod 664 $(find /var/www/passbolt/tmp -type d) \
&& chmod -R +w /var/www/passbolt/webroot/img/public && chmod 775 $(find /var/www/passbolt/webroot/img/public -type f) \
&& chmod 664 $(find /var/www/passbolt/webroot/img/public -type d)
COPY conf/passbolt.conf /etc/nginx/conf.d/default.conf COPY conf/passbolt.conf /etc/nginx/conf.d/default.conf
COPY conf/supervisord.conf /etc/supervisord.conf COPY conf/supervisord.conf /etc/supervisord.conf

20
bin/docker-entrypoint.sh
View File

@ -24,17 +24,17 @@ gpg_gen_key() {
Name-Email: $key_email Name-Email: $key_email
Expire-Date: $expiration Expire-Date: $expiration
%commit %commit
EOF" -ls /bin/sh nginx EOF" -ls /bin/sh www-data
su -m -c "gpg --armor --export-secret-keys $key_email > $gpg_private_key" -ls /bin/sh nginx su -c "gpg --armor --export-secret-keys $key_email > $gpg_private_key" -ls /bin/sh www-data
su -m -c "gpg --armor --export $key_email > $gpg_public_key" -ls /bin/sh nginx su -c "gpg --armor --export $key_email > $gpg_public_key" -ls /bin/sh www-data
} }
gpg_import_key() { gpg_import_key() {
key_id="" key_id=""
key_id=$(su -m -c "gpg --with-colons $gpg_private_key | grep sec |cut -f5 -d:" -ls /bin/sh nginx) key_id=$(su -m -c "gpg --with-colons $gpg_private_key | grep sec |cut -f5 -d:" -ls /bin/sh www-data)
su -m -c "gpg --batch --import $gpg_public_key" -ls /bin/sh nginx su -c "gpg --batch --import $gpg_public_key" -ls /bin/sh www-data
su -m -c "gpg -K $key_id" -ls /bin/sh nginx || su -m -c "gpg --batch --import $gpg_private_key" -ls /bin/sh nginx su -c "gpg -K $key_id" -ls /bin/sh www-data || su -m -c "gpg --batch --import $gpg_private_key" -ls /bin/sh www-data
} }
gen_ssl_cert() { gen_ssl_cert() {
@ -53,8 +53,8 @@ install() {
-p"$DATASOURCES_DEFAULT_PASSWORD" |wc -l) -p"$DATASOURCES_DEFAULT_PASSWORD" |wc -l)
if [ "$tables" -eq 0 ]; then if [ "$tables" -eq 0 ]; then
su -c "cp /var/www/passbolt/config/app.default.php /var/www/passbolt/config/app.php" -s /bin/sh nginx su -c "cp /var/www/passbolt/config/app.default.php /var/www/passbolt/config/app.php" -s /bin/sh www-data
su -m -c "PATH=$PATH:/usr/local/bin /var/www/passbolt/bin/cake passbolt install --no-admin --force" -s /bin/sh nginx su -c "PATH=$PATH:/usr/local/bin /var/www/passbolt/bin/cake passbolt install --no-admin --force" -s /bin/sh www-data
else else
echo "Enjoy! ☮" echo "Enjoy! ☮"
fi fi
@ -70,7 +70,7 @@ email_cron_job() {
echo "* * * * * run-parts $cron_task_dir" >> $root_crontab echo "* * * * * run-parts $cron_task_dir" >> $root_crontab
echo "#!/bin/sh" > $cron_task echo "#!/bin/sh" > $cron_task
chmod +x $cron_task chmod +x $cron_task
echo "su -c \"$process_email\" -s /bin/sh nginx" >> $cron_task echo "su -c \"$process_email\" -s /bin/sh www-data" >> $cron_task
} }
if [ -z "$DATASOURCES_DEFAULT_HOST" ] \ if [ -z "$DATASOURCES_DEFAULT_HOST" ] \
@ -95,7 +95,7 @@ if [ ! -f $ssl_key ] && [ ! -L $ssl_key ] && \
gen_ssl_cert gen_ssl_cert
fi fi
gpg_auto_fingerprint=$(su -m -c "gpg --with-fingerprint $gpg_public_key | grep fingerprint | awk '{for(i=4;i<=NF;++i)printf \$i}'" -ls /bin/sh nginx) gpg_auto_fingerprint=$(su -c "gpg --with-fingerprint $gpg_public_key | grep fingerprint | awk '{for(i=4;i<=NF;++i)printf \$i}'" -ls /bin/sh www-data)
export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint export PASSBOLT_GPG_SERVER_KEY_FINGERPRINT=$gpg_auto_fingerprint
install install
email_cron_job email_cron_job

2
spec/docker_image/image_spec.rb
View File

@ -21,7 +21,7 @@ describe 'Dockerfile' do
let(:passbolt_home) { '/var/www/passbolt' } let(:passbolt_home) { '/var/www/passbolt' }
let(:passbolt_tmp) { '/var/www/passbolt/tmp' } let(:passbolt_tmp) { '/var/www/passbolt/tmp' }
let(:passbolt_image) { '/var/www/passbolt/webroot/img/public' } let(:passbolt_image) { '/var/www/passbolt/webroot/img/public' }
let(:passbolt_owner) { 'nginx' } let(:passbolt_owner) { 'www-data' }
let(:exposed_ports) { [ '80', '443' ] } let(:exposed_ports) { [ '80', '443' ] }
let(:composer) { '/usr/local/bin/composer'} let(:composer) { '/usr/local/bin/composer'}
let(:php_extensions) { [ let(:php_extensions) { [

82
spec/docker_runtime/runtime_spec.rb Normal file
View File

@ -0,0 +1,82 @@
require 'spec_helper'
require 'rspec/wait'
describe 'passbolt_api service' do
before(:all) do
@mysql = Docker::Container.create(
'Env' => [
'MYSQL_ROOT_PASSWORD=test',
'MYSQL_DATABASE=passbolt',
'MYSQL_USER=passbolt',
'MYSQL_PASSWORD=P4ssb0lt'
],
"Healthcheck" => {
"Test": [
"CMD-SHELL",
"mysqladmin ping --silent"
]
},
'Image' => 'mysql')
@mysql.start
while @mysql.json['State']['Health']['Status'] != 'healthy'
sleep 1
end
@image = Docker::Image.build_from_dir(ROOT_DOCKERFILES)
@container = Docker::Container.create(
'Env' => [
"DATASOURCES_DEFAULT_HOST=#{@mysql.json['NetworkSettings']['IPAddress']}",
'DATASOURCES_DEFAULT_PASSWORD=P4ssb0lt',
'DATASOURCES_DEFAULT_USERNAME=passbolt',
'DATASOURCES_DEFAULT_DATABASE=passbolt',
#'DATASOURCES_DEFAULT_PORT=3306',
#'PASSBOLT_GPG_KEYRING=/var/lib/nginx/.gnupg',
#'PASSBOLT_GPG_SERVER_KEY_PUBLIC=/var/www/passbolt/config/gpg/serverkey.asc',
#'PASSBOLT_GPG_SERVER_KEY_PRIVATE=/var/www/passbolt/config/gpg/serverkey_private.asc'
],
'Image' => @image.id)
@container.start
@container.logs(stdout: true)
set :docker_container, @container.id
sleep 17
end
after(:all) do
@mysql.kill
@container.kill
end
describe 'php service' do
it 'is running supervised' do
expect(process('php-fpm')).to be_running.under('supervisor')
end
it 'has its port open' do
expect(port(9000)).to be_listening.with('tcp')
end
end
describe 'email cron' do
it 'is running supervised' do
expect(service('crond')).to be_running.under('supervisor')
end
end
describe 'web service' do
it 'is running supervised' do
expect(service('nginx')).to be_running.under('supervisor')
end
it 'is listening on port 80' do
expect(port(80)).to be_listening.with('tcp')
end
it 'is listening on port 443' do
expect(port(443)).to be_listening.with('tcp')
end
end
end