Skip to content

Commit 0cfb269

Browse files
rasmunkrasmunk
authored
Initial support for hotfix integration as outlined in milestone 6. (#130)
Adds a new `/hotfixes` folder in containers and `${PERSISTENT_ROOT}/hotfixes` with `scripts` and `patches` in it on the host. Adds a simple script to help apply hotfixes from a folder and installs it in `/app/apply-hotfixes.sh` in all containers. All containers bind-mount `${PERSISTENT_ROOT}/hotfixes` on `/hotfixes` and `docker-entry.sh` is extended to first run `/app/apply-hotfixes.sh` on the mounted `/hotfixes`. It traverses it and sequentially applies any patches found in `/hotfix/patches/` and runs any scripts found in `/hotfix/scripts/` before proceeding with the usual container execution to effectively hot-fix everything inside the container before running. It is tested to work in the development env with a couple of simple `helloworld.sh` and `helloworld2.sh` scripts plus a minimal `motd.patch` . For production use it is recommended to instead use a numbering prefix for explicit ordering in order to assure patches and scripts are run in the expected order. E.g. `00-initial-changes.patch` , ..., `42-fix-something-else.patch` , ..., `99-final-wrap-up.patch` and similar for the scripts. Executed scripts and applied patches get registered in `/tmp` in order to skip them and only run newly added ones if `apply-hotfixes.sh` is re-run inside the containers. NB: scripts need to be executable and patches need to be made with absolute path so that `patch -d / -p 0 < PATCH` will apply them cleanly without interaction.
2 parents 9ba1511 + c415152 commit 0cfb269

File tree

7 files changed

+154
-3
lines changed

7 files changed

+154
-3
lines changed

Dockerfile.rocky9

Lines changed: 6 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -596,12 +596,14 @@ RUN useradd -l -u $UID -g $GID -ms /bin/bash $USER
596596
ENV MIG_ROOT=/home/$USER
597597
ENV WEB_DIR=/etc/httpd
598598
ENV CERT_DIR=$WEB_DIR/MiG-certificates
599+
ENV HOTFIXES_DIR=/hotfixes
599600

600601
USER root
601602

602-
RUN mkdir -p ${CERT_DIR}/MiG/${WILDCARD_DOMAIN} \
603+
RUN mkdir -p ${CERT_DIR}/MiG/${WILDCARD_DOMAIN} ${HOTFIXES_DIR} \
603604
&& chown $USER:$GROUP ${CERT_DIR} \
604-
&& chmod 775 ${CERT_DIR}
605+
&& chmod 775 ${CERT_DIR} \
606+
&& chmod 700 ${HOTFIXES_DIR}
605607

606608
#------------------------- next stage -----------------------------#
607609
# Certs and keys
@@ -1635,6 +1637,7 @@ ENTRYPOINT ["/tini", "--"]
16351637

16361638
# NOTE: it's recommended to use COPY over ADD except when URL/unpack is needed
16371639
COPY docker-entry.sh /app/docker-entry.sh
1640+
COPY apply-hotfixes.sh /app/apply-hotfixes.sh
16381641
COPY migrid-httpd.env /app/migrid-httpd.env
16391642
COPY migrid-httpd-init.sh /app/migrid-httpd-init.sh
16401643
COPY apache-init-helper /etc/init.d/apache-minimal
@@ -1643,7 +1646,7 @@ RUN sed "s/#LANG=.*/LANG=${LANG}/g" /app/migrid-httpd-init.sh > /etc/sysconfig/a
16431646
RUN grep LANG /etc/sysconfig/apache-minimal > /etc/sysconfig/migrid
16441647
COPY rsyslog-init-helper /etc/init.d/rsyslog-minimal
16451648
RUN chown $USER:$GROUP /app/docker-entry.sh \
1646-
&& chmod +x /app/docker-entry.sh
1649+
&& chmod +x /app/docker-entry.sh /app/apply-hotfixes.sh
16471650

16481651
USER root
16491652
WORKDIR /app

Makefile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -133,6 +133,7 @@ initdirs: initcomposevars
133133
mkdir -p ${PERSISTENT_ROOT}/wwwpublic-vgrid
134134
mkdir -p ${PERSISTENT_ROOT}/wwwpublic-download
135135
mkdir -p ${PERSISTENT_ROOT}/secrets
136+
mkdir -p ${PERSISTENT_ROOT}/hotfixes/{scripts,patches}
136137
mkdir -p ${PERSISTENT_ROOT}/mig-server-extconfs
137138
mkdir -p ${LOG_ROOT}/miglog
138139
mkdir -p ${LOG_ROOT}/syslog/migrid

apply-hotfixes.sh

Lines changed: 58 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,58 @@
1+
#!/bin/bash
2+
#
3+
# Apply all hot-fixes in specified folder
4+
5+
APPLIED_DIR="/tmp/hotfixes-applied"
6+
HOTFIXES_DIR="${HOTFIXES_DIR:-/hotfixes}"
7+
if [ $# -gt 0 ]; then
8+
HOTFIXES_DIR="$1"
9+
fi
10+
PATCH_SOURCE="${HOTFIXES_DIR}/patches"
11+
SCRIPT_SOURCE="${HOTFIXES_DIR}/scripts"
12+
PATCHES_APPLIED="${APPLIED_DIR}/patches"
13+
SCRIPTS_APPLIED="${APPLIED_DIR}/scripts"
14+
15+
if [ -d "${HOTFIXES_DIR}" ]; then
16+
#echo "DEBUG: Applying hot-fixes available in ${HOTFIXES_DIR}"
17+
mkdir -p ${PATCHES_APPLIED} ${SCRIPTS_APPLIED}
18+
if [ -d "${PATCH_SOURCE}" ]; then
19+
#echo "DEBUG: Applying any patches available in ${PATCH_SOURCE}"
20+
for PATCH_PATH in "${PATCH_SOURCE}"/* ; do
21+
PATCH_NAME=$(basename "${PATCH_PATH}")
22+
if [ ! -f "${PATCH_PATH}" ]; then
23+
# skip anything but files
24+
continue
25+
fi
26+
if [ -f "${PATCHES_APPLIED}/${PATCH_NAME}" ]; then
27+
echo "Skip already applied patch: ${PATCH_NAME}"
28+
else
29+
#echo "DEBUG: applying patch ${PATCH_PATH}"
30+
patch -d / -p0 < "${PATCH_PATH}" && \
31+
cp "${PATCH_PATH}" "${PATCHES_APPLIED}/"
32+
fi
33+
done
34+
fi
35+
if [ -d "${SCRIPT_SOURCE}" ]; then
36+
#echo "DEBUG: Applying any scripts available in ${SCRIPT_SOURCE}"
37+
for SCRIPT_PATH in "${SCRIPT_SOURCE}"/* ; do
38+
SCRIPT_NAME=$(basename "${SCRIPT_PATH}")
39+
if [ ! -f "${SCRIPT_PATH}" ]; then
40+
# skip anything but files
41+
continue
42+
fi
43+
if [ -f "${SCRIPTS_APPLIED}/${SCRIPT_NAME}" ]; then
44+
echo "Skip already applied script: ${SCRIPT_NAME}"
45+
else
46+
#echo "DEBUG: running script ${SCRIPT_PATH}"
47+
${SCRIPT_PATH} && \
48+
cp "${SCRIPT_PATH}" "${SCRIPTS_APPLIED}/"
49+
fi
50+
done
51+
fi
52+
#echo "DEBUG: Applied hot-fixes available in ${HOTFIXES_DIR}"
53+
exit 0
54+
else
55+
echo "WARNING: no such hot-fixes folder ${HOTFIXES_DIR}"
56+
exit 1
57+
fi
58+

docker-compose_development.yml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,9 @@ services:
5151
- type: volume
5252
source: mig
5353
target: /home/mig/mig
54+
- type: volume
55+
source: hotfixes
56+
target: /hotfixes
5457
- type: volume
5558
source: mig-server-extconfs
5659
target: /home/mig/mig/server/MiGserver.d
@@ -114,6 +117,9 @@ services:
114117
- type: volume
115118
source: mig
116119
target: /home/mig/mig
120+
- type: volume
121+
source: hotfixes
122+
target: /hotfixes
117123
- type: volume
118124
source: mig-server-extconfs
119125
target: /home/mig/mig/server/MiGserver.d
@@ -182,6 +188,9 @@ services:
182188
- type: volume
183189
source: mig
184190
target: /home/mig/mig
191+
- type: volume
192+
source: hotfixes
193+
target: /hotfixes
185194
- type: volume
186195
source: mig-server-extconfs
187196
target: /home/mig/mig/server/MiGserver.d
@@ -236,6 +245,9 @@ services:
236245
- type: volume
237246
source: mig
238247
target: /home/mig/mig
248+
- type: volume
249+
source: hotfixes
250+
target: /hotfixes
239251
- type: volume
240252
source: mig-server-extconfs
241253
target: /home/mig/mig/server/MiGserver.d
@@ -298,6 +310,9 @@ services:
298310
- type: volume
299311
source: mig
300312
target: /home/mig/mig
313+
- type: volume
314+
source: hotfixes
315+
target: /hotfixes
301316
- type: volume
302317
source: mig-server-extconfs
303318
target: /home/mig/mig/server/MiGserver.d
@@ -355,6 +370,9 @@ services:
355370
- type: volume
356371
source: mig
357372
target: /home/mig/mig
373+
- type: volume
374+
source: hotfixes
375+
target: /hotfixes
358376
- type: volume
359377
source: mig-server-extconfs
360378
target: /home/mig/mig/server/MiGserver.d
@@ -446,6 +464,14 @@ volumes:
446464
device: ${DOCKER_MIGRID_ROOT}/mig
447465
o: bind
448466

467+
hotfixes:
468+
# Volume used to contain the optional additional container hotfixes
469+
driver: local
470+
driver_opts:
471+
type: none
472+
device: ${PERSISTENT_ROOT}/hotfixes
473+
o: bind
474+
449475
mig-server-extconfs:
450476
# Volume used to contain the optional additional mig server config snippets
451477
driver: local

docker-compose_development_gdp.yml

Lines changed: 26 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -51,6 +51,9 @@ services:
5151
- type: volume
5252
source: mig
5353
target: /home/mig/mig
54+
- type: volume
55+
source: hotfixes
56+
target: /hotfixes
5457
- type: volume
5558
source: mig-server-extconfs
5659
target: /home/mig/mig/server/MiGserver.d
@@ -114,6 +117,9 @@ services:
114117
- type: volume
115118
source: mig
116119
target: /home/mig/mig
120+
- type: volume
121+
source: hotfixes
122+
target: /hotfixes
117123
- type: volume
118124
source: mig-server-extconfs
119125
target: /home/mig/mig/server/MiGserver.d
@@ -186,6 +192,9 @@ services:
186192
- type: volume
187193
source: mig
188194
target: /home/mig/mig
195+
- type: volume
196+
source: hotfixes
197+
target: /hotfixes
189198
- type: volume
190199
source: mig-server-extconfs
191200
target: /home/mig/mig/server/MiGserver.d
@@ -240,6 +249,9 @@ services:
240249
- type: volume
241250
source: mig
242251
target: /home/mig/mig
252+
- type: volume
253+
source: hotfixes
254+
target: /hotfixes
243255
- type: volume
244256
source: mig-server-extconfs
245257
target: /home/mig/mig/server/MiGserver.d
@@ -302,6 +314,9 @@ services:
302314
- type: volume
303315
source: mig
304316
target: /home/mig/mig
317+
- type: volume
318+
source: hotfixes
319+
target: /hotfixes
305320
- type: volume
306321
source: mig-server-extconfs
307322
target: /home/mig/mig/server/MiGserver.d
@@ -359,6 +374,9 @@ services:
359374
- type: volume
360375
source: mig
361376
target: /home/mig/mig
377+
- type: volume
378+
source: hotfixes
379+
target: /hotfixes
362380
- type: volume
363381
source: mig-server-extconfs
364382
target: /home/mig/mig/server/MiGserver.d
@@ -450,6 +468,14 @@ volumes:
450468
device: ${DOCKER_MIGRID_ROOT}/mig
451469
o: bind
452470

471+
hotfixes:
472+
# Volume used to contain the optional additional container hotfixes
473+
driver: local
474+
driver_opts:
475+
type: none
476+
device: ${PERSISTENT_ROOT}/hotfixes
477+
o: bind
478+
453479
mig-server-extconfs:
454480
# Volume used to contain the optional additional mig server config snippets
455481
driver: local

docker-compose_production.yml

Lines changed: 29 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,9 @@ services:
4141
- type: volume
4242
source: mig
4343
target: /home/mig/mig
44+
- type: volume
45+
source: hotfixes
46+
target: /hotfixes
4447
- type: volume
4548
source: mig-server-extconfs
4649
target: /home/mig/mig/server/MiGserver.d
@@ -95,6 +98,9 @@ services:
9598
- type: volume
9699
source: mig
97100
target: /home/mig/mig
101+
- type: volume
102+
source: hotfixes
103+
target: /hotfixes
98104
- type: volume
99105
source: mig-server-extconfs
100106
target: /home/mig/mig/server/MiGserver.d
@@ -243,6 +249,9 @@ services:
243249
- type: volume
244250
source: mig
245251
target: /home/mig/mig
252+
- type: volume
253+
source: hotfixes
254+
target: /hotfixes
246255
- type: volume
247256
source: mig-server-extconfs
248257
target: /home/mig/mig/server/MiGserver.d
@@ -386,6 +395,9 @@ services:
386395
- type: volume
387396
source: mig
388397
target: /home/mig/mig
398+
- type: volume
399+
source: hotfixes
400+
target: /hotfixes
389401
- type: volume
390402
source: mig-server-extconfs
391403
target: /home/mig/mig/server/MiGserver.d
@@ -528,6 +540,9 @@ services:
528540
- type: volume
529541
source: mig
530542
target: /home/mig/mig
543+
- type: volume
544+
source: hotfixes
545+
target: /hotfixes
531546
- type: volume
532547
source: mig-server-extconfs
533548
target: /home/mig/mig/server/MiGserver.d
@@ -670,6 +685,9 @@ services:
670685
- type: volume
671686
source: mig
672687
target: /home/mig/mig
688+
- type: volume
689+
source: hotfixes
690+
target: /hotfixes
673691
- type: volume
674692
source: mig-server-extconfs
675693
target: /home/mig/mig/server/MiGserver.d
@@ -812,6 +830,9 @@ services:
812830
- type: volume
813831
source: mig
814832
target: /home/mig/mig
833+
- type: volume
834+
source: hotfixes
835+
target: /hotfixes
815836
- type: volume
816837
source: mig-server-extconfs
817838
target: /home/mig/mig/server/MiGserver.d
@@ -891,6 +912,14 @@ volumes:
891912
device: ${DOCKER_MIGRID_ROOT}/mig
892913
o: bind
893914

915+
hotfixes:
916+
# Volume used to contain the optional additional container hotfixes
917+
driver: local
918+
driver_opts:
919+
type: none
920+
device: ${PERSISTENT_ROOT}/hotfixes
921+
o: bind
922+
894923
mig-server-extconfs:
895924
# Volume used to contain the optional additional mig server config snippets
896925
driver: local

docker-entry.sh

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -7,6 +7,7 @@
77
CHECKCONF=0
88
KEEPALIVE=0
99
VERSIONINFO=0
10+
APPLYHOTFIXES="/app/apply-hotfixes.sh"
1011

1112
# Make sure requested timezone is actually used everywhere for consistent
1213
# log time stamps.
@@ -46,6 +47,13 @@ if [ ! -d "${MIG_ROOT}" ]; then
4647
exit 1
4748
fi
4849

50+
if [ ! -f "${APPLYHOTFIXES}" ]; then
51+
echo "No hot-fix support available in ${APPLYHOTFIXES}"
52+
else
53+
echo "Apply hot-fixes with ${APPLYHOTFIXES}"
54+
${APPLYHOTFIXES}
55+
fi
56+
4957

5058
# Create any user requested
5159
while getopts cku:p:s:V option; do

0 commit comments

Comments
 (0)