Skip to content

chowning certificates in startup.sh during BATS tests break CI environementsΒ #90

Open
@fir4

Description

@fir4

Hey :)
First, thanks for taking the time to design that image! It's very practical and complete.

We've been trying to automate build of our own images based on this one in Bamboo,
but stumbled on a problem: upon running the tests, and as a result launching
the docker image, startup.sh chowns a bunch of stuff in /container including the certificates directly to openldap user.

When tests are ran from a CI environment, this results in a bunch of files in host filesystems to be chowned to openldap's in-container user, rendering them unable to be subsequently removed by the CI system.

I can see a few ways to solve that problem, but i'm not sure which one is the most appropriate:

  • chmod 644 the certificates at startup rather than 600+chown, and set the host directory 600, effectively making the in-container files 644 without giving access to them on host.
  • copy the certificate files on startup rather than affecting the mapped files directly
  • perform BATS magic to circumvent the problem when running tests, such as ro'ing the files when mapping them to docker

I can propose a PR if you'd be so kind as to give some input on which method you consider best.
Regards, fir4

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions