diff --git a/.travis.yml b/.travis.yml index 4b01a1fee..ff8d7c6e6 100644 --- a/.travis.yml +++ b/.travis.yml @@ -25,7 +25,7 @@ script: - test -f "$DOCKER_DIR/image.tar" && docker load -i "$DOCKER_DIR/image.tar" || true - docker build -t core:build --target build . - docker build -t core:dist --target dist --build-arg VCS_BRANCH="$TRAVIS_BRANCH" --build-arg VCS_COMMIT="$TRAVIS_COMMIT" . - - docker build -t core:testing --target testing . + - docker build -t core:testing --target dev . - docker save -o "$DOCKER_DIR/image.tar" $(docker history -q core:build | grep -v '') $(docker history -q core:dist | grep -v '') - ./tests/bin/run-tests-docker.sh --image core:testing diff --git a/Dockerfile b/Dockerfile index 39bde6d7c..380ed1606 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,9 +17,12 @@ RUN apk add --no-cache git COPY --from=build /usr/local/sbin/unitd /usr/local/sbin/unitd COPY --from=build /usr/local/lib/python.unit.so /usr/local/lib/python.unit.so -EXPOSE 80 8080 27017 +EXPOSE 80 8080 VOLUME /data/db +VOLUME /data/persistent + WORKDIR /src/core +ENV SCITRAN_PERSISTENT_DATA_PATH=/data/persistent COPY docker/unit.json /var/local/unit/conf.json COPY requirements.txt requirements.txt @@ -28,14 +31,17 @@ RUN pip install -r requirements.txt COPY . . RUN pip install -e . -CMD ["unitd", "--control", "*:8080", "--no-daemon", "--log", "/dev/stdout"] - ARG VCS_BRANCH=NULL ARG VCS_COMMIT=NULL RUN docker/build_info.sh $VCS_BRANCH $VCS_COMMIT | tee /version.json +ENTRYPOINT ["./entrypoint.sh"] +CMD ["unitd", "--control", "*:8080", "--no-daemon", "--log", "/dev/stdout"] + + +FROM dist as dev -FROM dist as testing +EXPOSE 27017 RUN apk add --no-cache mongodb diff --git a/docker/dev+mongo.sh b/docker/dev+mongo.sh index 974c92838..bc329f248 100755 --- a/docker/dev+mongo.sh +++ b/docker/dev+mongo.sh @@ -3,4 +3,6 @@ mongod & MONGOD_PID=$! -exec unitd --control "*:8888" --no-daemon --log /dev/stdout +chown nobody:nobody -R $SCITRAN_PERSISTENT_DATA_PATH + +exec unitd --control "*:8080" --no-daemon --log /dev/stdout diff --git a/docker/unit.json b/docker/unit.json index ab9147d46..7bd141056 100644 --- a/docker/unit.json +++ b/docker/unit.json @@ -9,8 +9,7 @@ "scitran-core": { "type": "python", "workers": 2, - "user": "root", - "group": "root", + "user": "nobody", "path": "/src/core", "module": "api.app" } diff --git a/entrypoint.sh b/entrypoint.sh new file mode 100755 index 000000000..689c3513e --- /dev/null +++ b/entrypoint.sh @@ -0,0 +1,10 @@ +#!/usr/bin/env sh + +set -e + +# If running unitd and started as root, update file ownership +if [ "$1" == "unitd" -a "$(id -u)" == "0" ]; then + chown nobody:nobody -R $SCITRAN_PERSISTENT_DATA_PATH +fi + +exec "$@"