Closed geldabhojal closed 4 years ago
I haven't tested the build on Mac yet, so maybe there's some issue.
Before I dive in, I need to ask:
Have you used BUILD_HREF
argument for the docker build? Have you made any changes to the source code?
Thank you for your response.
No I did not pass BASE_HREF for the docker build... I am using the default “/“ . No I did not make changes to the source code.
Steps I followed: 1) docker build .-t my-image 2) docker run -p 9000:9000 --name zoonavigator --restart unless-stopped my-image:latest 3) I hit http://localhost:9000 on my browser and that gives me the error I posted.
Also I was wondering which environment did you test the docker build on. Also would it really matter since everything is happening in the container and not on the host.
The reason I am trying to build the image myself and not pull from docker hub is because , the docker image is trying to access /src and /app... which require root access. We are running our containers in Openshift and our openshift cluster does not allow access to root paths.
So the only change I made to Dockerfile is to use /tmp/src and /tmp/app and not /src and /app
FROM node:11.15.0-alpine as npm
ENV SBT_VERSION=1.2.8
ENV SBT_GPG_KEY=99E82A75642AC823
ENV DOCKERIZE_VERSION=0.6.1
ENV BASE_HREF="/"
RUN apk --no-cache add git=2.20.2-r0
RUN mkdir -p /tmp/src /tmp/app
WORKDIR /tmp/src
RUN git clone https://github.com/elkozmon/zoonavigator.git
WORKDIR /tmp/src/zoonavigator
RUN git clone https://github.com/elkozmon/zoonavigator-api.git
RUN git clone https://github.com/elkozmon/zoonavigator-web.git
RUN cp -r zoonavigator-web/* .
RUN cp -r build/docker/files/zoonavigator-web/* .
RUN apk --no-cache add tar=1.32-r0 curl=7.64.0-r3 python2-dev=2.7.16-r1 make=4.2.1-r2 g++=8.3.0-r0
RUN curl \ -Lo dockerize-alpine-linux-amd64-v${DOCKERIZE_VERSION}.tar.gz \ https://github.com/jwilder/dockerize/releases/download/v${DOCKERIZE_VERSION}/dockerize-alpine-linux-amd64-v${DOCKERIZE_VERSION}.tar.gz \ && tar xzvf dockerize-alpine-linux-amd64-v${DOCKERIZE_VERSION}.tar.gz -C /usr/local/bin \ && rm dockerize-alpine-linux-amd64-v${DOCKERIZE_VERSION}.tar.gz
RUN dockerize \ -template ./environment.ts.template:./src/environments/environment.prod.ts
RUN npm install -g @angular/cli@8.3.20 \ && npm install \ && ng build --prod --base-href ${BASE_HREF} \ && mv dist /tmp/app
FROM openjdk:8u151-jdk-alpine3.7 as sbt
ENV SBT_VERSION=1.2.8
ENV SBT_GPG_KEY=99E82A75642AC823
RUN apk --no-cache add git=2.15.4-r0
WORKDIR /tmp/src
RUN git clone https://github.com/elkozmon/zoonavigator.git
WORKDIR /tmp/src/zoonavigator
RUN git clone https://github.com/elkozmon/zoonavigator-api.git
RUN git clone https://github.com/elkozmon/zoonavigator-web.git
RUN cp -r zoonavigator-api/* .
COPY --from=npm /tmp/app ./play/public
RUN apk --no-cache add aria2=1.33.1-r1 gnupg=2.2.3-r1 ca-certificates=20190108-r0 bash=4.4.19-r1 \ && aria2c -x4 "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz" \ && aria2c -x4 "https://github.com/sbt/sbt/releases/download/v${SBT_VERSION}/sbt-${SBT_VERSION}.tgz.asc" \ && gpg --keyserver keyserver.ubuntu.com --recv-keys ${SBT_GPG_KEY} \ && gpg --verify sbt-${SBT_VERSION}.tgz.asc sbt-${SBT_VERSION}.tgz \ && tar xvfz sbt-${SBT_VERSION}.tgz -C /usr/local \ && ln -s /usr/local/sbt/bin/sbt /usr/bin/sbt
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
RUN sbt play/dist \ && VERSION=$(find play/target/universal/zoonavigator-play-.zip | sed -E 's/.zoonavigator-play-(.*).zip$/\1/') \ && unzip play/target/universal/zoonavigator-play-"$VERSION".zip \ && mv zoonavigator-play-"$VERSION" /tmp/app
FROM openjdk:14-jdk-slim
ENV BASE_HREF="/"
ENV HTTP_PORT=9000 \ SESSION_TIMEOUT_MILLIS=3600000 \ REQUEST_TIMEOUT_MILLIS=10000 \ ZK_CLIENT_TIMEOUT_MILLIS=5000 \ ZK_CONNECT_TIMEOUT_MILLIS=5000
ENV DEBIAN_FRONTEND=noninteractive
RUN apt-get update \ && apt-get install --no-install-recommends -y curl=7.64.0-4 krb5-user=1.17-3 git=1:2.20.1-2+deb10u1 \ && apt-get clean \ && rm -rf /var/lib/apt/lists/*
WORKDIR /tmp/src
RUN git clone https://github.com/elkozmon/zoonavigator.git
WORKDIR /tmp/src/zoonavigator
RUN git clone https://github.com/elkozmon/zoonavigator-api.git
RUN git clone https://github.com/elkozmon/zoonavigator-web.git
WORKDIR /tmp/app
RUN groupadd -g 1000 zoonavigator \ && useradd -r -u 1000 -g zoonavigator zoonavigator\ && chown -R zoonavigator:zoonavigator .
USER zoonavigator:zoonavigator
COPY --chown=zoonavigator:zoonavigator --from=sbt /tmp/app .
COPY --chown=zoonavigator:zoonavigator --from=npm /usr/local/bin/dockerize /usr/local/bin/dockerize
RUN cp -r /tmp/src/zoonavigator/build/docker/files/zoonavigator-api/* .
RUN cp -r /tmp/src/zoonavigator/build/docker/files/zoonavigator-web/* .
RUN chown -R zoonavigator:zoonavigator ./*
RUN dockerize \ -template ./run.sh.template:./run.sh \ -template ./healthcheck.sh.template:./healthcheck.sh \ && chmod +x \ ./run.sh \ ./healthcheck.sh
HEALTHCHECK --interval=30s --timeout=3s \ CMD ./healthcheck.sh
EXPOSE 9000
ENTRYPOINT ["./run.sh"]
Sorry for the late reply. I have tested the Docker build on macOS (with original Dockerfile) and it worked well, so it seems it is related to changes you made.
Anyway, if the root of your issue is the root access, I think we should fix that in this repository, rather then fixing your custom Dockerfile, so other users on OpenShift won't have the same problem. Do you agree?
Would it suffice to change the directory permissions as described in the OpenShift guidelines?
RUN chgrp -R 0 /some/directory && \
chmod -R g=u /some/directory
If so I can make the changes for you in this repository.
The latest build is now capable of running as an arbitrary non-privileged user.
Please let me know if there are any more issues.
I am able to successfully build the image with the Dockerfile provided on Mac OS. On running that image with the following command:
docker run -p 9000:9000 --name zoonavigator --restart unless-stopped zoonavigator
and then going to 0.0.0.0:9000 I get the following 404 http error:
{"success":false,"message":"Resource not found by Assets controller"}
Please help about how to fix it.