aljaz/CTFd
1
0
Fork 0
mirror of https://github.com/aljazceru/CTFd.git synced 2025-12-17 14:04:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

1215 dockerfile improvements (#1461)

Browse Source 
* Switch Dockerfile from alpine to debian. Switch entrypoint from sh to bash
* Closes #1215
This commit is contained in:
Kevin Chung
2020-05-30 17:24:03 -04:00
committed by GitHub
parent 712e43aea4
commit 0afd25ed39
3 changed files with 23 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/tests.yml vendored
View File

@@ -49,7 +49,6 @@ jobs:
python -m pip install -r development.txt python -m pip install -r development.txt
sudo yarn install --non-interactive sudo yarn install --non-interactive
sudo yarn global add prettier@1.17.0 sudo yarn global add prettier@1.17.0
sudo python3.6 -m pip install black==19.3b0
- name: Lint - name: Lint
run: make lint run: make lint

32
Dockerfile
View File

@@ -1,33 +1,37 @@
FROM python:3.7-alpine FROM python:3.7-slim-buster
WORKDIR /opt/CTFd WORKDIR /opt/CTFd
RUN mkdir -p /opt/CTFd /var/log/CTFd /var/uploads RUN mkdir -p /opt/CTFd /var/log/CTFd /var/uploads
RUN apk update && \ # hadolint ignore=DL3008
apk add --no-cache \ RUN apt-get update \
python \ && apt-get install -y --no-install-recommends \
build-essential \
default-mysql-client \
python-dev \ python-dev \
linux-headers \
libffi-dev \ libffi-dev \
gcc \ libssl-dev \
make \
musl-dev \
py-pip \
mysql-client \
git\ git\
openssl-dev && apt-get clean \
&& rm -rf /var/lib/apt/lists/*
COPY . /opt/CTFd COPY . /opt/CTFd
RUN pip install -r requirements.txt --no-cache-dir RUN pip install -r requirements.txt --no-cache-dir
# hadolint ignore=SC2086
RUN for d in CTFd/plugins/*; do \ RUN for d in CTFd/plugins/*; do \
if [ -f "$d/requirements.txt" ]; then \ if [ -f "$d/requirements.txt" ]; then \
pip install -r $d/requirements.txt --no-cache-dir; \ pip install -r $d/requirements.txt --no-cache-dir; \
fi; \ fi; \
done; done;
RUN chmod +x /opt/CTFd/docker-entrypoint.sh RUN adduser \
RUN adduser -D -u 1001 -s /bin/sh ctfd --disabled-login \
RUN chown -R 1001:1001 /opt/CTFd /var/log/CTFd /var/uploads -u 1001 \
--gecos "" \
--shell /bin/bash \
ctfd
RUN chmod +x /opt/CTFd/docker-entrypoint.sh \
&& chown -R 1001:1001 /opt/CTFd /var/log/CTFd /var/uploads
USER 1001 USER 1001
EXPOSE 8000 EXPOSE 8000

6
docker-entrypoint.sh
View File

@@ -1,11 +1,13 @@
#!/bin/sh #!/bin/bash
set -eo pipefail set -euo pipefail
WORKERS=${WORKERS:-1} WORKERS=${WORKERS:-1}
WORKER_CLASS=${WORKER_CLASS:-gevent} WORKER_CLASS=${WORKER_CLASS:-gevent}
ACCESS_LOG=${ACCESS_LOG:--} ACCESS_LOG=${ACCESS_LOG:--}
ERROR_LOG=${ERROR_LOG:--} ERROR_LOG=${ERROR_LOG:--}
WORKER_TEMP_DIR=${WORKER_TEMP_DIR:-/dev/shm} WORKER_TEMP_DIR=${WORKER_TEMP_DIR:-/dev/shm}
SECRET_KEY=${SECRET_KEY:-}
DATABASE_URL=${DATABASE_URL:-}
# Check that a .ctfd_secret_key file or SECRET_KEY envvar is set # Check that a .ctfd_secret_key file or SECRET_KEY envvar is set
if [ ! -f .ctfd_secret_key ] && [ -z "$SECRET_KEY" ]; then if [ ! -f .ctfd_secret_key ] && [ -z "$SECRET_KEY" ]; then