diff options
| author |   Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2024-05-07 16:16:20 +0200 |
|---|---|---|
| committer | Fiete Ostkamp <Fiete.Ostkamp@telekom.de> | 2024-05-07 16:23:25 +0200 |
| commit | 6cb27526d896d93198cde75fc2af914155087441 (patch) | |
| tree | ce0d917afa6c6d78978787e49d86404f31d75ae0 | |
| parent | d3f7d2935986c5be36c702d9a5e1b4500b488d2a (diff) | |
Make ui filesystem readonly0.1.0
- remove nginx.template and docker_entrypoint from repo [1]
- add version.properties file
[1] they will be mounted via the chart since files can't be modified (using envsubst) in a readonly filesystem
Issue-ID: PORTALNG-96
Change-Id: Ic3352be45b104ffb2b620532d07470cb8247e4d3
Signed-off-by: Fiete Ostkamp <Fiete.Ostkamp@telekom.de>
| -rw-r--r-- | Dockerfile | 8 | ||||
| -rwxr-xr-x | docker_entrypoint.sh | 31 | ||||
| -rw-r--r-- | server/nginx.template | 55 | ||||
| -rw-r--r-- | version | 1 | ||||
| -rw-r--r-- | version.properties | 13 |
5 files changed, 16 insertions, 92 deletions
@@ -13,13 +13,11 @@ COPY . . RUN npm run build -- --configuration production FROM nginxinc/nginx-unprivileged:alpine-slim -USER root -RUN apk add --no-cache gettext # required for envsubst in docker_entrypoint.sh USER nginx -COPY --chown=nginx:nginx server/nginx* ./ -COPY --chown=nginx:nginx docker_entrypoint.sh . COPY --from=builder --chown=nginx:nginx /usr/src/app/dist/frontend /usr/share/nginx/html -ENTRYPOINT ["/docker_entrypoint.sh"] + +# Overwrite existing entrypoint from base image +ENTRYPOINT [] EXPOSE ${NGINX_PORT} CMD ["nginx", "-g", "daemon off;"] diff --git a/docker_entrypoint.sh b/docker_entrypoint.sh deleted file mode 100755 index 9c04a97..0000000 --- a/docker_entrypoint.sh +++ /dev/null @@ -1,31 +0,0 @@ -#!/usr/bin/env sh -# -# -# Copyright (c) 2022. Deutsche Telekom AG -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. -# -# SPDX-License-Identifier: Apache-2.0 -# -# -# - -set -eu - -export CLUSTER_NAMESERVER_IP=$(grep 'nameserver' /etc/resolv.conf | awk '{print $2}') # dynamically retrieve nameserver on startup -envsubst '${BFF_URL} ${NGINX_PORT} ${KEYCLOAK_URL} ${KEYCLOAK_REALM} ${KEYCLOAK_INTERNAL_URL} ${CLUSTER_NAMESERVER_IP}' < ./nginx.template > /etc/nginx/conf.d/default.conf - -# dynamically set Angular environment config upon container startup -envsubst < /usr/share/nginx/html/assets/env.template.js > /usr/share/nginx/html/assets/env.js - -exec "$@" diff --git a/server/nginx.template b/server/nginx.template deleted file mode 100644 index e3dd750..0000000 --- a/server/nginx.template +++ /dev/null @@ -1,55 +0,0 @@ -# if run in local docker container add this resolver for the DNS to connect to Keycloak -resolver ${CLUSTER_NAMESERVER_IP}; - -server { - listen ${NGINX_PORT}; - - location / { - root /usr/share/nginx/html; - index index.html; - try_files $uri $uri/ /index.html =404; - } - - location /api/ { - set $upstream ${BFF_URL}; - rewrite /api/(.*) /$1 break; - add_header Access-Control-Allow-Origin *; - proxy_pass $upstream/$1$is_args$args; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-Proto $scheme; - proxy_http_version 1.1; - } - - location /auth/ { - set $upstream ${KEYCLOAK_INTERNAL_URL}; - rewrite /auth/(.*) /$1 break; - add_header Access-Control-Allow-Origin *; - proxy_pass $upstream/$1$is_args$args; - proxy_http_version 1.1; - proxy_set_header Host $host; - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header X-Forwarded-Host $host; - proxy_set_header X-Forwarded-Server $host; - proxy_set_header X-Forwarded-Port $server_port; - proxy_set_header X-Forwarded-Proto $scheme; - } -} - -## -# Gzip Settings -## -gzip on; -gzip_vary on; -gzip_proxied any; -gzip_min_length 1100; -gzip_comp_level 6; -gzip_buffers 16 8k; -gzip_http_version 1.1; -gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; - diff --git a/version b/version deleted file mode 100644 index 6e8bf73..0000000 --- a/version +++ /dev/null @@ -1 +0,0 @@ -0.1.0 diff --git a/version.properties b/version.properties new file mode 100644 index 0000000..5294d92 --- /dev/null +++ b/version.properties @@ -0,0 +1,13 @@ +# Versioning variables
+# Note that these variables cannot be structured (e.g. : version.release or version.snapshot etc... )
+# because they are used in Jenkins, whose plug-in doesn't support
+
+major=0
+minor=1
+patch=0
+
+base_version=${major}.${minor}.${patch}
+
+# Release must be completed with git revision # in Jenkins
+release_version=${base_version}
+snapshot_version=${base_version}-SNAPSHOT
\ No newline at end of file |