From de17aee7debfe6dc77d222b2ae8ab87b7c564617 Mon Sep 17 00:00:00 2001 From: 5B96790E3664F40075A67E6ADF737EDB15B4408DBC91A81228B31537B0CE3E26 <33426478+iadgovuser29@users.noreply.github.com> Date: Mon, 18 Nov 2024 08:07:19 -0500 Subject: [PATCH] Enable usage of previously backed up settings when starting new ACA container (#871) * Add container env variable to import settings * New script needs +x [no ci] --- .ci/docker/Dockerfile.aca-rocky | 2 +- package/linux/aca/aca_check_env.sh | 18 ++++++++++++++++++ 2 files changed, 19 insertions(+), 1 deletion(-) create mode 100755 package/linux/aca/aca_check_env.sh diff --git a/.ci/docker/Dockerfile.aca-rocky b/.ci/docker/Dockerfile.aca-rocky index ce213f75..5a395382 100644 --- a/.ci/docker/Dockerfile.aca-rocky +++ b/.ci/docker/Dockerfile.aca-rocky @@ -84,4 +84,4 @@ HEALTHCHECK --start-period=50s --interval=1s --timeout=90s CMD curl -f https://l WORKDIR /hirs # On container launch, the database will be set up. Then bootRun should utilize build artifacts stored in the image. -CMD ["bash", "-c", "/hirs/package/linux/aca/aca_setup.sh --unattended && /tmp/hirs_add_aca_tls_path_to_os.sh && /hirs/package/linux/aca/aca_bootRun.sh"] \ No newline at end of file +CMD ["bash", "-c", "/hirs/package/linux/aca/aca_check_env.sh && /hirs/package/linux/aca/aca_setup.sh --unattended && /tmp/hirs_add_aca_tls_path_to_os.sh && /hirs/package/linux/aca/aca_bootRun.sh"] \ No newline at end of file diff --git a/package/linux/aca/aca_check_env.sh b/package/linux/aca/aca_check_env.sh new file mode 100755 index 00000000..25d5e358 --- /dev/null +++ b/package/linux/aca/aca_check_env.sh 
@@ -0,0 +1,18 @@
+#!/bin/bash
+
+# Imported /etc/hirs should only be used if one doesn't exist
+if [ ! -d "/etc/hirs" ]; then
+ if [ -n "${HIRS_USE_IMPORTED_ETC_HIRS}" ]; then
+ IMPORTED_ETC_HIRS_PATH="${HIRS_USE_IMPORTED_ETC_HIRS}"
+
+ if [ -d "$IMPORTED_ETC_HIRS_PATH" ]; then
+ cp -r "$IMPORTED_ETC_HIRS_PATH" /etc/hirs
+
+ find /etc/hirs -type d -exec chown root:root {} +
+ find /etc/hirs/certificates -type d -exec chown :mysql {} +
+ find /etc/hirs -type d -exec chmod -R g+rx {} +
+ find /etc/hirs -type f -exec chmod -R 644 {} +
+ chmod 755 /etc/hirs
+ fi
+ fi
+fi
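Review bot: The `find /etc/hirs -type f -exec chmod -R 644 {} +` line makes every imported file world-readable, and a backed-up /etc/hirs presumably holds private keys, keystores or property files with passwords, not only public certificates. I would keep those at owner/group only, e.g. `find /etc/hirs -type f -exec chmod 640 {} +` together with `find /etc/hirs/certificates -type f -exec chgrp mysql {} +` for the files the database has to read (which files those are should be confirmed against aca_setup.sh). Separately, the result of `cp -r` is never checked: a partial copy leaves /etc/hirs in place, so the `[ ! -d "/etc/hirs" ]` guard would skip the import on a later start of the same container and setup would run against an incomplete tree; `cp -r -- "$IMPORTED_ETC_HIRS_PATH" /etc/hirs || exit 1` would stop the CMD chain instead. The `-R` on both chmod calls is redundant under find, and on the directory pass it also sets g+rx on files before the next line resets them.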