Removed TPM from the ACA on Rocky image, changed container detection

2025-01-25 21:59:22 +00:00 · 2023-11-15 11:11:42 -05:00 · 2023-11-15 11:11:42 -05:00 · fbeb54522f
commit fbeb54522f
parent 9fa43a2b00
4 changed files with 4 additions and 18 deletions
--- a/.ci/docker/Dockerfile.aca-rocky
+++ b/.ci/docker/Dockerfile.aca-rocky
@ -24,19 +24,6 @@ ENV HIRS_DNF_TPM_COMPILE="tpm2-tools gcc cmake openssl-devel"
 # Download and install all dependencies at one time
 RUN dnf -y install $(echo "$HIRS_DNF_OS_SETUP") $(echo "$HIRS_DNF_OS_TOOLS") $(echo "$HIRS_DNF_ACA_COMPILE") $(echo "$HIRS_DNF_ACA_RUN") $(echo "$HIRS_DNF_TPM_COMPILE")

-# Set up TPM Simulator
-RUN git clone https://github.com/kgoldman/ibmswtpm2 /ibmswtpm2
-WORKDIR /ibmswtpm2/src
-RUN make
-# The following script allows the TPM to be set up in the docker image.
-# This will install an empty TPM. 
-RUN echo "#!/bin/bash" > /tmp/tpm_config && \
-    echo "/ibmswtpm2/src/tpm_server &" >> /tmp/tpm_config && \
-    echo "sleep 5" >> /tmp/tpm_config && \
-    echo "tpm2_startup -c" >> /tmp/tpm_config && \
-    bash /tmp/tpm_config && \
-    rm -rf /tmp/tpm_config
-
 #EXPOSE 8080 # Only needed if TLS is not working.
 EXPOSE 8443

--- a/.ci/docker/Dockerfile.aca-windows
+++ b/.ci/docker/Dockerfile.aca-windows
@ -57,7 +57,7 @@ RUN echo $Env:JAVA_HOME
 WORKDIR C:/
 RUN git config --global --add core.autocrlf false
 RUN git config --global --add safe.directory '*'
-RUN git clone -b v3_windows-package-scripts https://github.com/nsacyber/hirs.git C:/repo
+RUN git clone -b main https://github.com/nsacyber/hirs.git C:/repo

 # Defensive copy of the repo so it's easy to start fresh if needed
 WORKDIR C:/repo
--- a/.ci/docker/compose-acceptance-test.yml
+++ b/.ci/docker/compose-acceptance-test.yml
@ -1,7 +1,7 @@
 version: "3.9"
 services:
  aca:  # policy settings not saved, will have a clean database/default policy on each boot for now
-    image: ghcr.io/nsacyber/hirs/aca:alpha2
+    image: ghcr.io/nsacyber/hirs/aca:alpha3
    container_name: aca
    ports:
      - "8443:8443"
@ -9,7 +9,7 @@ services:
      hat_network:
        ipv4_address: 172.16.1.75
  hat:
-    image: ghcr.io/nsacyber/hirs/hat:alpha4
+    image: ghcr.io/nsacyber/hirs/hat:alpha6
    container_name: hat
    ports:
       - 53:53/tcp
--- a/package/scripts/db/mysql_util.sh
+++ b/package/scripts/db/mysql_util.sh
@ -12,8 +12,7 @@ SQL_SERVICE="mariadb"
 check_for_container () {
  PRINT_STATUS=$1
  # Check if we're in a Docker container
-  if [[ $(cat /proc/1/cgroup | head -n 1) == *"docker"* ]]; then  
-  #if [ -f /.dockerenv ]; then
+  if [[ $(cat /proc/1/cgroup | head -n 1) == *"docker"* ]] || [ -f /.dockerenv ]; then  
    DOCKER_CONTAINER=true
    if [[ $PRINT_STATUS == "-p" ]]; then echo "ACA is running in a container..." | tee -a "$LOG_FILE"; fi
  else