Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Userguide docker image #1087

Closed
dlpzx opened this issue Mar 5, 2024 · 0 comments · Fixed by #1089
Closed

Userguide docker image #1087

dlpzx opened this issue Mar 5, 2024 · 0 comments · Fixed by #1089

Comments

@dlpzx
Copy link
Contributor

dlpzx commented Mar 5, 2024
edited
Loading

Describe the bug

The dockerfile of the userguide contains some duplicates and results in failures when it is deployed to AWS.

When deploying the VPC facing architecture from scratch and with userguide, the CodeBuild stage that builds the docker image fails with the following error: No such file or directory: 'documentation/userguide/requirements.txt

I tried tweaking a bit the CodeBuild commands and removed the cd documentation/userguide command and specify the whole path in docker build -f documentation/userguide/docker/prod/Dockerfile -t $IMAGE_TAG:$IMAGE_TAG . But I got errors in mkdocs build ---> 'mkdocs.yml' does not exist.

{
      "commands": [
        "aws codeartifact login --tool pip --repository pr-pypi-store --domain pr-domain-fresh3 --domain-owner 849270055435",
        "docker build -f documentation/userguide/docker/prod/Dockerfile -t $IMAGE_TAG:$IMAGE_TAG .",
        "aws ecr get-login-password --region eu-west-1 | docker login --username AWS --password-stdin 849270055435.dkr.ecr.eu-west-1.amazonaws.com",
        "docker tag $IMAGE_TAG:$IMAGE_TAG $REPOSITORY_URI:$IMAGE_TAG",
        "docker push $REPOSITORY_URI:$IMAGE_TAG"
      ]
}

Updating the dockerfile to not use the documentation/frontend path inside the dockerfile solved the issue but then I ran into a different issue:

Step 22/27 : RUN python$PYTHON_VERSION -m mkdocs build

.....
  File "/usr/local/lib/python3.9/site-packages/mkdocs/utils/__init__.py", line 129, in copy_file
    os.makedirs(output_dir, exist_ok=True)
  File "/usr/lib64/python3.9/os.py", line 215, in makedirs
    makedirs(head, exist_ok=exist_ok)
  File "/usr/lib64/python3.9/os.py", line 225, in makedirs
mkdir(name, mode)
PermissionError: [Errno 13] Permission denied: '/site'
The command '/bin/sh -c python$PYTHON_VERSION -m mkdocs build' returned a non-zero code: 1

I think it is related to mkdocs creating the site directory, we should grant user permissions to that directory or change the directory to use a directory that the user already has access to. When running mkdocs build locally we can see the new directory:
image

How to Reproduce

Deploy data.all with userguide and VPC facing architecture

Expected behavior

Successful deployment and clean dockerfile

Your project

No response

Screenshots

No response

OS

n/a

Python version

n/a

AWS data.all version

2.2

Additional context

No response
@dlpzx dlpzx mentioned this issue Mar 5, 2024
Merged
@noah-paige noah-paige linked a pull request Mar 6, 2024 that will close this issue
Fix/userguide dockerfile #1089
Merged
dlpzx added a commit that referenced this issue Mar 7, 2024
@dlpzx @noah-paige
Fix/userguide dockerfile (#1089)
a463374 
### Feature or Bugfix
- Bugfix

### Detail
- view #1087 

### Relates
- <URL or Ticket>

### Security
Please answer the questions below briefly where applicable, or write
`N/A`. Based on
[OWASP 10](https://owasp.org/Top10/en/).

- Does this PR introduce or modify any input fields or queries - this
includes
fetching data from storage outside the application (e.g. a database, an
S3 bucket)?
  - Is the input sanitized?
- What precautions are you taking before deserializing the data you
consume?
  - Is injection prevented by parametrizing queries?
  - Have you ensured no `eval` or similar functions are used?
- Does this PR introduce any functionality or component that requires
authorization?
- How have you ensured it respects the existing AuthN/AuthZ mechanisms?
  - Are you logging failed auth attempts?
- Are you using or adding any cryptographic features?
  - Do you use a standard proven implementations?
  - Are the used keys controlled by the customer? Where are they stored?
- Are you introducing any new policies/roles/users?
  - Have you used the least-privilege principle? How?


By submitting this pull request, I confirm that my contribution is made
under the terms of the Apache 2.0 license.

---------

Co-authored-by: Noah Paige <noahpaig@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Fix/userguide dockerfile data-dot-all/dataall
1 participant
@dlpzx