Enable usage of previously backed up settings when starting new ACA container (#871)

* Add container env variable to import settings * New script needs +x [no ci]
2024-12-18 20:47:58 +00:00 · 2024-11-18 08:07:19 -05:00 · 2024-11-18 08:07:19 -05:00 · de17aee7de
commit de17aee7de
parent 42d7c73fe1
2 changed files with 19 additions and 1 deletions
--- a/.ci/docker/Dockerfile.aca-rocky
+++ b/.ci/docker/Dockerfile.aca-rocky
@ -84,4 +84,4 @@ HEALTHCHECK --start-period=50s --interval=1s --timeout=90s CMD curl -f https://l
 WORKDIR /hirs

 # On container launch, the database will be set up. Then bootRun should utilize build artifacts stored in the image.
-CMD ["bash", "-c", "/hirs/package/linux/aca/aca_setup.sh --unattended && /tmp/hirs_add_aca_tls_path_to_os.sh && /hirs/package/linux/aca/aca_bootRun.sh"]
+CMD ["bash", "-c", "/hirs/package/linux/aca/aca_check_env.sh && /hirs/package/linux/aca/aca_setup.sh --unattended && /tmp/hirs_add_aca_tls_path_to_os.sh && /hirs/package/linux/aca/aca_bootRun.sh"]
--- a/package/linux/aca/aca_check_env.sh
+++ b/package/linux/aca/aca_check_env.sh
@ -0,0 +1,18 @@
+#!/bin/bash
+
+# Imported /etc/hirs should only be used if one doesn't exist
+if [ ! -d "/etc/hirs" ]; then
+    if [ -n "${HIRS_USE_IMPORTED_ETC_HIRS}" ]; then
+        IMPORTED_ETC_HIRS_PATH="${HIRS_USE_IMPORTED_ETC_HIRS}"
+
+        if [ -d "$IMPORTED_ETC_HIRS_PATH" ]; then
+            cp -r "$IMPORTED_ETC_HIRS_PATH" /etc/hirs
+
+	    find /etc/hirs -type d -exec chown root:root {} +
+	    find /etc/hirs/certificates -type d -exec chown :mysql {} +
+	    find /etc/hirs -type d -exec chmod -R g+rx {} +
+	    find /etc/hirs -type f -exec chmod -R 644 {} +
+	    chmod 755 /etc/hirs
+        fi
+    fi
+fi