From b7d358bb9b1f2e23f2a6204d374fd1ce5892fb88 Mon Sep 17 00:00:00 2001 From: Nigel Banks Date: Thu, 12 Sep 2024 12:11:28 +0200 Subject: [PATCH 1/3] Update Matomo Extra Tools from 5.0.1 -> 5.0.4 Required to fix build issue, that was being covered up by a previously successful cache. --- matomo/Dockerfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/matomo/Dockerfile b/matomo/Dockerfile index 1002a1ef..783ae29b 100644 --- a/matomo/Dockerfile +++ b/matomo/Dockerfile @@ -8,10 +8,10 @@ ARG MATOMO_FILE="${MATOMO_VERSION}.tar.gz" ARG MATOMO_URL="https://builds.matomo.org/matomo-${MATOMO_FILE}" ARG MATOMO_SHA256="cd656ee7df4b29ac453456c6b9708d8264093ac2c99d6669d2830f31624cd626" -ARG EXTRA_TOOLS_VERSION="5.0.1" +ARG EXTRA_TOOLS_VERSION="5.0.4" ARG EXTRA_TOOLS_FILE="${EXTRA_TOOLS_VERSION}.tar.gz" ARG EXTRA_TOOLS_URL="https://github.com/digitalist-se/extratools/archive/refs/tags/${EXTRA_TOOLS_FILE}" -ARG EXTRA_TOOLS_SHA256="e76592e839a6aa0c73189790bed7e0032281e58a6b5b648278844b664367267c" +ARG EXTRA_TOOLS_SHA256="dacb54e3dd8d234ece8ed2454121cbe23870da1d3ea3357c436a43fd651a2e1e" EXPOSE 8000 From 5c83e054b7add12c452aa9b03bab750fe7d0addc Mon Sep 17 00:00:00 2001 From: Nigel Banks Date: Thu, 12 Sep 2024 15:01:10 +0200 Subject: [PATCH 2/3] Fix for potential permission issues. A number of permission issues have gone unnoticed, I became aware of them when I did a fresh build without cache on a newly installed computer. When building Docker images, Docker copies files/folders with the same permissions as they have on the host machine. Git does not track the permissions of files except for the executable bit on files. So depending on who builds the images files/folders can get different permissions. This changes it such that the Makefile will ensure the appropriate permissions are set when building. This is required as we run services as different users other than root in the container. Those users must be able to access and execute certain files. --- Makefile | 28 +++++++++++++++++++++++++++- drupal/Dockerfile | 2 +- 2 files changed, 28 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 6affc5c9..02a5d9ec 100644 --- a/Makefile +++ b/Makefile @@ -77,6 +77,32 @@ build: %: $(call executable-exists,$@) +# Prior to building, all folders which might be copied into Docker images must +# have the executable bit set for all users. So that they can be read by the +# users we create like 'tomcat'. We can not insure this via Git as it does +# not track permissions for folders, so we rely on this hack. +.PHONY: folder-permissions +folder-permissions: + find . -type d -exec chmod +x {} \; + +# Prior to building, all scripts which might be copied into Docker images must +# have the executable bit set for all users. So that they can be executed by +# the users we create like 'nginx'. We can not insure this via Git as it does +# not track executable permissions for "groups" or "others". +.PHONY: executable-permissons +executable-permissons: + find . -type f \ + \( \ + -name "*.sh" \ + -o -name "run" \ + -o -name "check" \ + -o -name "finish" \ + -o -name "bash.bashrc" \ + -o -name "drush" \ + -o -name "composer" \ + \) \ + -exec chmod +rx {} \; + # Checks for docker compose plugin. .PHONY: docker-compose docker-compose: MISSING_DOCKER_PLUGIN_MESSAGE = ${RED}docker compose plugin is not installed${RESET}\n${README_MESSAGE} @@ -165,7 +191,7 @@ docker-compose.override.yml: # Despite being a real target we make it PHONY so it is run everytime as $(TARGET) can change. .PHONY: build/bake.json .SILENT: build/bake.json -build/bake.json: | docker-buildx jq build +build/bake.json: | docker-buildx jq build folder-permissions executable-permissons # Generate build plan for the given target and update the contexts if provided by the CI. BRANCH=$(BRANCH) \ CACHE_FROM_REPOSITORY=$(CACHE_FROM_REPOSITORY) \ diff --git a/drupal/Dockerfile b/drupal/Dockerfile index 41b97e4e..f455f76a 100644 --- a/drupal/Dockerfile +++ b/drupal/Dockerfile @@ -67,4 +67,4 @@ ENV \ COPY --link rootfs / -RUN chown -R nginx:nginx /var/www +RUN chown -R nginx:nginx /var/www /usr/share/drush From 23ba4e0a5416e0c458720fd523a2805fc781eecc Mon Sep 17 00:00:00 2001 From: Nigel Banks Date: Thu, 12 Sep 2024 18:28:25 +0200 Subject: [PATCH 3/3] Update to latest starter site, and hard-code paths to support it. --- code-server/rootfs/etc/confd/templates/tasks.json.tmpl | 2 +- drupal/rootfs/etc/islandora/utilities.sh | 8 ++++---- test/Dockerfile | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/code-server/rootfs/etc/confd/templates/tasks.json.tmpl b/code-server/rootfs/etc/confd/templates/tasks.json.tmpl index 80f1f277..162242d5 100644 --- a/code-server/rootfs/etc/confd/templates/tasks.json.tmpl +++ b/code-server/rootfs/etc/confd/templates/tasks.json.tmpl @@ -162,7 +162,7 @@ "type": "command", "command": "shellCommand.execute", "args": { - "command": "drush pm-list --field=path | sort -u | xargs -I{} echo $(drush drupal:directory)/{}", + "command": "drush pm-list --field=path | sort -u | xargs -I{} echo /var/www/drupal/web/{}", "cwd": "/var/www/drupal", "description": "Select Module/Theme" } diff --git a/drupal/rootfs/etc/islandora/utilities.sh b/drupal/rootfs/etc/islandora/utilities.sh index 16b9b973..4fc6b3f7 100755 --- a/drupal/rootfs/etc/islandora/utilities.sh +++ b/drupal/rootfs/etc/islandora/utilities.sh @@ -239,7 +239,7 @@ function install_site { use_existing_config_arg site="${1}" shift - drupal_root=$(drush drupal:directory) + drupal_root=/var/www/drupal/web driver=$(drupal_site_env "${site}" "DB_DRIVER") host=$(drupal_site_env "${site}" "DB_HOST") port=$(drupal_site_env "${site}" "DB_PORT") @@ -343,7 +343,7 @@ function allow_settings_modifications { local site drupal_root subdir site_directory site="${1}" shift - drupal_root=$(drush drupal:directory) + drupal_root=/var/www/drupal/web subdir=$(drupal_site_env "${site}" "SUBDIR") site_directory=$(realpath "${drupal_root}/sites/${subdir}") @@ -366,7 +366,7 @@ function restore_settings_ownership { shift previous_owner_group="${1}" shift - drupal_root=$(drush drupal:directory) + drupal_root=/var/www/drupal/web subdir=$(drupal_site_env "${site}" "SUBDIR") site_directory=$(realpath "${drupal_root}/sites/${subdir}") @@ -665,7 +665,7 @@ function set_site_uuid { site="${1}" shift site_url=$(drupal_site_env "${site}" "SITE_URL") - drupal_root=$(drush drupal:directory) + drupal_root=/var/www/drupal/web # Handle the case if config_dir is a relative path. config_dir=$(realpath "$(drush --root="${drupal_root}" php:eval "echo \Drupal\Core\Site\Settings::get('config_sync_directory');")") uuid=$(awk '/uuid/ { print $2 }' "${config_dir:?}/system.site.yml") diff --git a/test/Dockerfile b/test/Dockerfile index c75e6d25..216464d4 100644 --- a/test/Dockerfile +++ b/test/Dockerfile @@ -2,10 +2,10 @@ FROM drupal ARG TARGETARCH -ARG COMMIT=1.5.0 +ARG COMMIT=a129ed9e57b0de749f7c32f61684d639031e74ae ARG FILE=${COMMIT}.tar.gz ARG URL=https://github.com/Islandora/islandora-starter-site/archive/${FILE} -ARG SHA256=600f6af9d8b09815d2f36ea24ed0ddd6be5735ad58dbe262bf2acb6bbace0978 +ARG SHA256=a91638746f9acb61a83e2f03d5e62c844feede574f3b71795982d0aebe6967b7 # Platform agnostic does not require arch specific identifier. RUN --mount=type=cache,id=test-downloads-${TARGETARCH},sharing=locked,target=/opt/downloads \