Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Docker lastpass #4528

Merged
merged 25 commits into from
May 18, 2023
Merged

Docker lastpass #4528

merged 25 commits into from
May 18, 2023

Conversation

amenasse
Copy link
Contributor

@amenasse amenasse commented May 4, 2023
edited
Loading

A Dockerfile for downloading environment config from LastPass and writing to a directory.

Attempting multiple logins to LastPass from the same IP in succession often results in LastPass blocking the IP for some time. To avoid getting blocked, a "non essential" container can be run in the ECS Task to fetch configuration from LastPass prior to the application containers starting. The configuration is written to a Docker volume which can be mounted into each application container.

The container uses a script slightly modified from scripts/bash/downloadEnvironmentVariables.sh

The following changes have been made to the original script:

  • By not being in the ../../scripts/bash directory, modifications to this script don't invalidate the Docker cache prior to the application packages build. This was done to speed up development of the script.

  • Containers running in the ECS task will read env files from a common volume mount. To support this a destination directory needs to be provided as the first argument.

  • The fallback to 'dev' environments has been removed, if the specified deployment name is missing from the LastPass vault the script will error.

amenasse added 23 commits May 4, 2023 09:43
@amenasse
Initial Dockerfile build stage
d63cf0e
@amenasse
Build all internal packages for now
7a59e72
@amenasse
Remove redundant packages
ba9ddb7
@amenasse
Remove redundant layers (MKDIR)
76b323c
@amenasse
Use workspaces focus instead of install
a7f819e 
Seems to be the blessed yarn way now.
@amenasse
Run the app
6553190
@amenasse
Move to devops
55ee5c1 
Dockerfile is no longer specific to a particular service
@amenasse
Combine layers
dac82b9
@amenasse
Shrink image
c1e0c39
@amenasse
Reduce layers
c8c7d18
@amenasse
Combine config layers
40a084d
@amenasse
Use seperate stage for package.json copy
1607942 
Avoids invalidating layer cache and reduces image bloat. Approach
courtesy of @passcod.
@amenasse
Improve comments
2d06a40
@amenasse
Remove broken attempt at removing dev dependencies
512b7d3
@amenasse
Don't copy everything
44b3a29
@amenasse
Fix production bundle build
9d36728
@amenasse
Don't copy devops dir
7a9e898
@amenasse
Pull secrets from Lastpass on startup
72916cd
@amenasse
Move runtime docker scripts to avoid cache busting
f7d83c6
@amenasse
Remove fetching env from LastPass
7615fdb 
Fetching env from LastPass to be handled by a separate container.
@amenasse
Fix CodeShip builds due to missing devops pacakge
d3b06ce 
Remove the devops package  from .dockerignore. Scripts from this package are
required by CodeShip services containers.

This means the devops package is included in the image, which is
a little redundant but most likely harmless.

Move the Dockerfile out of devops so changes to the Dockerfile don't
invalidate the layer cache unnecessarily.
@amenasse
Container to fetch environment from LastPass
f290ea2
@amenasse
Additional comments
a3ccd47
@amenasse amenasse requested review from passcod, IgorNadj and rohan-bes May 4, 2023 00:39
@amenasse amenasse marked this pull request as ready for review May 4, 2023 00:39
@amenasse @passcod
Run apk once to install packages
e40c946 
Co-authored-by: Félix Saparelli <felix@passcod.name>
@amenasse amenasse mentioned this pull request May 10, 2023
Open
@amenasse amenasse merged commit 4f0e63d into dev May 18, 2023
@amenasse amenasse deleted the docker-lastpass branch May 18, 2023 01:09
@amenasse amenasse mentioned this pull request May 18, 2023
Closed
@IgorNadj IgorNadj mentioned this pull request Jun 5, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@IgorNadj IgorNadj IgorNadj approved these changes

@passcod passcod passcod left review comments

@rohan-bes rohan-bes Awaiting requested review from rohan-bes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@amenasse @passcod @IgorNadj