diff --git a/.gitignore b/.gitignore index 04d7247..8a5b3e4 100644 --- a/.gitignore +++ b/.gitignore @@ -18,3 +18,4 @@ src/main/webapp/* !src/main/webapp/WEB-INF/ .idea/ +.vscode diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml deleted file mode 100644 index a4aeb36..0000000 --- a/.gitlab-ci.yml +++ /dev/null @@ -1,38 +0,0 @@ -stages: - - build - -before_script: - - set -euxo pipefail - -build-webapp: - image: privacybydesign/node_yarn:latest - stage: build - script: - - cd webapp - - yarn install - - cd .. - - mkdir -p artifacts/webapp - - ./webapp/build.sh en - - mv webapp/build artifacts/webapp/en - - ./webapp/build.sh nl - - mv webapp/build artifacts/webapp/nl - artifacts: - # Disabling artifact expiry is not supported yet, so make - expire_in: 100 year - paths: - - artifacts/webapp - -build-war: - image: privacybydesign/jdk11:latest - stage: build - script: - - mkdir artifacts - - gradle clean - - gradle build - - mv build/libs/irma_email_issuer-*.war ./irma_email_issuer.war - artifacts: - # Disabling artifact expiry is not supported yet, so make - expire_in: 100 year - paths: - - irma_email_issuer.war - diff --git a/.vscode/settings.json b/.vscode/settings.json deleted file mode 100644 index d53ecaf..0000000 --- a/.vscode/settings.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "java.compile.nullAnalysis.mode": "automatic", - "java.configuration.updateBuildConfiguration": "automatic" -} \ No newline at end of file diff --git a/Dockerfile b/Dockerfile index f38be64..971072e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -12,14 +12,21 @@ RUN ./build.sh nl && mv build /www/nl # Let root redirect to the english version RUN cp /webapp/redirect-en.html /www/index.html -FROM gradle:7.6-jdk11 as javabuild +# -------------------------------------------------------- + +FROM gradle:7.6-jdk11 AS javabuild # Build the java app COPY ./ /app/ WORKDIR /app RUN gradle build +# -------------------------------------------------------- + FROM tomee:9.1-jre11 +RUN apt-get update && apt-get install gettext-base + +WORKDIR /server # Copy the webapp to the webapps directory RUN rm -rf /usr/local/tomee/webapps/* @@ -32,12 +39,13 @@ COPY --from=javabuild /app/build/libs/irma_email_issuer.war /usr/local/tomee/web COPY ./src/main/resources/email-en.html /email-templates/email-en.html COPY ./src/main/resources/email-nl.html /email-templates/email-nl.html +COPY --from=javabuild /app/start.sh ./start.sh +RUN chmod +x ./start.sh RUN mkdir /usr/local/keys - -ENV IRMA_CONF="/config/" +RUN mkdir /irma-config +ENV IRMA_CONF="/irma-config/" ENV EMAIL_TEMPLATE_DIR="/email-templates/" EXPOSE 8080 -# Copy the config file to the webapp. This is done at runtime so that the config file can be mounted as a volume. -CMD [ "/bin/sh", "-c", "openssl rsa -in /irma-jwt-key/priv.pem -outform der -out /usr/local/keys/priv.der && for lang in 'en' 'nl'; do cp /config/config.js /usr/local/tomee/webapps/ROOT/$lang/assets/config.js; done && exec catalina.sh run" ] +CMD [ "/bin/sh", "-C", "./start.sh" ] diff --git a/start.sh b/start.sh new file mode 100644 index 0000000..8228a3d --- /dev/null +++ b/start.sh @@ -0,0 +1,21 @@ +# this is the startup script in the docker container, +# doing a bunch of config at runtime before starting the actual server + +set -e # exit the script immediately when an error is encountered + +# in some cases secrets from different places might be required to be used together +# so this provides the option to provide a config template with some environment variables +echo "creating config.json based on template" +envsubst < /config/config.json > $IRMA_CONF/config.json + +echo "generating binary file for private key" +openssl rsa -in /irma-jwt-key/priv.pem -outform der -out /usr/local/keys/priv.der + +echo "copying config files to web app dir" +for lang in 'en' 'nl'; do + cp /config/config.js /usr/local/tomee/webapps/ROOT/$lang/assets/config.js; +done + + +echo "starting up server" +exec catalina.sh run