diff --git a/CHANGELOG.md b/CHANGELOG.md index feff0a7..bbad0e2 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,7 +2,18 @@ All notable changes to this project will be documented in this file. This project adheres to [Semantic Versioning](http://semver.org/). -## [Unreleased](https://github.com/passbolt/passbolt_docker/compare/v2.8.4...HEAD) +## [Unreleased](https://github.com/passbolt/passbolt_docker/compare/v2.9.0...HEAD) + +## [2.9.0](https://github.com/passbolt/passbolt_docker/compare/v2.8.4...v2.9.0) - 2019-04-24 + +### Added + +- Build arg to pass headers to curl +- Removed git as dev dependency + +### Fixed + +- Fix typo in Readme [#125](https://github.com/passbolt/passbolt_docker/pull/125) ## [2.8.4](https://github.com/passbolt/passbolt_docker/compare/v2.8.3...v2.8.4) - 2019-04-17 diff --git a/Dockerfile b/Dockerfile index 036339a..68819bb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -2,8 +2,9 @@ FROM php:7.2-fpm LABEL maintainer="diego@passbolt.com" -ARG PASSBOLT_VERSION="2.8.4" +ARG PASSBOLT_VERSION="2.9.0" ARG PASSBOLT_URL="https://github.com/passbolt/passbolt_api/archive/v${PASSBOLT_VERSION}.tar.gz" +ARG PASSBOLT_CURL_HEADERS="" ARG PHP_EXTENSIONS="gd \ intl \ @@ -21,8 +22,7 @@ ARG PASSBOLT_DEV_PACKAGES="libgpgme11-dev \ libicu-dev \ libxslt1-dev \ libmcrypt-dev \ - unzip \ - git" + unzip" ARG PASSBOLT_BASE_PACKAGES="nginx \ gnupg \ @@ -62,7 +62,8 @@ RUN apt-get update \ fi \ && php composer-setup.php \ && mv composer.phar /usr/local/bin/composer \ - && curl -sSL $PASSBOLT_URL | tar zxf - -C . --strip-components 1 \ + && rm composer-setup.php \ + && curl -sSL -H "$PASSBOLT_CURL_HEADERS" "$PASSBOLT_URL" | tar zxf - -C . --strip-components 1 \ && composer install -n --no-dev --optimize-autoloader \ && chown -R www-data:www-data . \ && chmod 775 $(find /var/www/passbolt/tmp -type d) \ @@ -77,7 +78,6 @@ RUN apt-get update \ && sed -i 's/# server_tokens/server_tokens/' /etc/nginx/nginx.conf \ && mv "$PHP_INI_DIR/php.ini-production" "$PHP_INI_DIR/php.ini" - COPY conf/passbolt.conf /etc/nginx/conf.d/default.conf COPY conf/supervisor/*.conf /etc/supervisor/conf.d/ COPY bin/docker-entrypoint.sh /docker-entrypoint.sh diff --git a/README.md b/README.md index bc62673..83f203d 100644 --- a/README.md +++ b/README.md @@ -113,7 +113,7 @@ Passbolt docker image provides several environment variables to configure differ | PASSBOLT_SECURITY_SET_HEADERS | Send CSP Headers | true | | SECURITY_SALT | CakePHP security salt | __SALT__ | For more env variables supported please check [default.php](https://github.com/passbolt/passbolt_api/blob/master/config/default.php) -For more env variables supported please check [app.default.php](https://github.com/passbolt/passbolt_api/blob/master/config/app.default.php) +and [app.default.php](https://github.com/passbolt/passbolt_api/blob/master/config/app.default.php) ### Configuration files diff --git a/docker-compose-pro.yml b/docker-compose-pro.yml index 3f8a353..e1ab1d3 100644 --- a/docker-compose-pro.yml +++ b/docker-compose-pro.yml @@ -10,7 +10,7 @@ services: - "127.0.0.1:3306:3306" passbolt: - image: passbolt/passbolt:2.8.4-pro-debian + image: passbolt/passbolt:2.9.0-pro-debian tty: true depends_on: - db diff --git a/docker-compose.yml b/docker-compose.yml index f5756c2..5bf7ca5 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,7 +10,7 @@ services: - "127.0.0.1:3306:3306" passbolt: - image: passbolt/passbolt:2.8.4-debian + image: passbolt/passbolt:2.9.0-debian tty: true depends_on: - db diff --git a/spec/docker_runtime_gitlab/runtime_spec.rb b/spec/docker_runtime_gitlab/runtime_spec.rb deleted file mode 100644 index e226408..0000000 --- a/spec/docker_runtime_gitlab/runtime_spec.rb +++ /dev/null @@ -1,105 +0,0 @@ -require 'spec_helper' - -describe 'passbolt_api service' do - - before(:all) do - @image = Docker::Image.build_from_dir(ROOT_DOCKERFILES) - @container = Docker::Container.create( - 'Env' => [ - "DATASOURCES_DEFAULT_HOST=db", - 'DATASOURCES_DEFAULT_PASSWORD=±!@#$%^&*()_+=-}{|:;<>?', - 'DATASOURCES_DEFAULT_USERNAME=passbolt', - 'DATASOURCES_DEFAULT_DATABASE=passbolt', - 'PASSBOLT_SSL_FORCE=true' - ], - 'Image' => @image.id) - @container.start - @container.logs(stdout: true) - - set :docker_container, @container.id - sleep 17 - end - - after(:all) do - @container.kill - end - - let(:passbolt_host) { @container.json['NetworkSettings']['IPAddress'] } - let(:uri) { "/healthcheck/status.json" } - let(:curl) { "curl -sk -o /dev/null -w '%{http_code}' -H 'Host: passbolt.local' https://#{passbolt_host}/#{uri}" } - - describe 'php service' do - it 'is running supervised' do - expect(service('php-fpm')).to be_running.under('supervisor') - end - - it 'has its port open' do - expect(@container.json['Config']['ExposedPorts']).to have_key('9000/tcp') - end - end - - describe 'email cron' do - it 'is running supervised' do - expect(service('cron')).to be_running.under('supervisor') - end - end - - describe 'web service' do - it 'is running supervised' do - expect(service('nginx')).to be_running.under('supervisor') - end - - it 'is listening on port 80' do - expect(@container.json['Config']['ExposedPorts']).to have_key('80/tcp') - end - - it 'is listening on port 443' do - expect(@container.json['Config']['ExposedPorts']).to have_key('443/tcp') - end - end - - describe 'passbolt status' do - it 'returns 200' do - expect(command(curl).stdout).to eq '200' - end - end - - describe 'passbolt serverkey unaccessible' do - let(:uri) { '/config/gpg/serverkey.asc' } - it "returns 404" do - expect(command(curl).stdout).to eq '404' - end - end - - describe 'passbolt serverkey private unaccessible' do - let(:uri) { '/config/gpg/serverkey_private.asc' } - it 'returns 404' do - expect(command(curl).stdout).to eq '404' - end - end - - describe 'passbolt conf unaccessible' do - let(:uri) { '/config/app.php' } - it 'returns 404' do - expect(command(curl).stdout).to eq '404' - end - end - describe 'passbolt tmp folder is unaccessible' do - let(:uri) { '/tmp/cache/database/empty' } - it 'returns 404' do - expect(command(curl).stdout).to eq '404' - end - end - - describe 'hide information' do - let(:curl) { "curl -Isk -H 'Host: passbolt.local' https://#{passbolt_host}/" } - it 'hides php version' do - expect(command("#{curl} | grep 'X-Powered-By: PHP'").stdout).to be_empty - end - - it 'hides nginx version' do - expect(command("#{curl} | grep 'Server:'").stdout.strip).to match(/^Server:\s+nginx$/) - end - end - -end diff --git a/spec/docker_runtime_gitlab_no_envs/runtime_no_envs_spec.rb b/spec/docker_runtime_gitlab_no_envs/runtime_no_envs_spec.rb deleted file mode 100644 index a82c00d..0000000 --- a/spec/docker_runtime_gitlab_no_envs/runtime_no_envs_spec.rb +++ /dev/null @@ -1,104 +0,0 @@ -require 'spec_helper' - -describe 'passbolt_api service' do - - before(:all) do - @image = Docker::Image.build_from_dir(ROOT_DOCKERFILES) - - @container = Docker::Container.create( - 'Env' => [ - "DATASOURCES_DEFAULT_HOST=db", - ], - 'Binds' => [ "#{FIXTURES_PATH + '/passbolt.php'}:/var/www/passbolt/config/passbolt.php" ], - 'Image' => @image.id) - - @container.start - @container.logs(stdout: true) - - set :docker_container, @container.id - sleep 17 - end - - after(:all) do - @container.kill - end - - let(:passbolt_host) { @container.json['NetworkSettings']['IPAddress'] } - let(:uri) { "/healthcheck/status.json" } - let(:curl) { "curl -sk -o /dev/null -w '%{http_code}' -H 'Host: passbolt.local' https://#{passbolt_host}/#{uri}" } - - describe 'php service' do - it 'is running supervised' do - expect(service('php-fpm')).to be_running.under('supervisor') - end - - it 'has its port open' do - expect(@container.json['Config']['ExposedPorts']).to have_key('9000/tcp') - end - end - - describe 'email cron' do - it 'is running supervised' do - expect(service('cron')).to be_running.under('supervisor') - end - end - - describe 'web service' do - it 'is running supervised' do - expect(service('nginx')).to be_running.under('supervisor') - end - - it 'is listening on port 80' do - expect(@container.json['Config']['ExposedPorts']).to have_key('80/tcp') - end - - it 'is listening on port 443' do - expect(@container.json['Config']['ExposedPorts']).to have_key('443/tcp') - end - end - - describe 'passbolt status' do - it 'returns 200' do - expect(command(curl).stdout).to eq '200' - end - end - - describe 'passbolt serverkey unaccessible' do - let(:uri) { '/config/gpg/serverkey.asc' } - it "returns 404" do - expect(command(curl).stdout).to eq '404' - end - end - - describe 'passbolt serverkey private unaccessible' do - let(:uri) { '/config/gpg/serverkey_private.asc' } - it 'returns 404' do - expect(command(curl).stdout).to eq '404' - end - end - - describe 'passbolt conf unaccessible' do - let(:uri) { '/config/app.php' } - it 'returns 404' do - expect(command(curl).stdout).to eq '404' - end - end - describe 'passbolt tmp folder is unaccessible' do - let(:uri) { '/tmp/cache/database/empty' } - it 'returns 404' do - expect(command(curl).stdout).to eq '404' - end - end - - describe 'hide information' do - let(:curl) { "curl -Isk -H 'Host: passbolt.local' https://#{passbolt_host}/" } - it 'hides php version' do - expect(command("#{curl} | grep 'X-Powered-By: PHP'").stdout).to be_empty - end - - it 'hides nginx version' do - expect(command("#{curl} | grep 'Server:'").stdout.strip).to match(/^Server:\s+nginx$/) - end - end - -end