diff --git a/.checkov.yml b/.checkov.yml index 8a6585d9a..5c25fdb70 100644 --- a/.checkov.yml +++ b/.checkov.yml @@ -1,3 +1,3 @@ quiet: true skip-check: - - CKV_DOCKER_3 + - CKV_DOCKER_3 # lsio images run containers as non-root by default diff --git a/.gitattributes b/.gitattributes index dc4842da2..9095abe6b 100644 --- a/.gitattributes +++ b/.gitattributes @@ -22,3 +22,6 @@ .gitattributes export-ignore .gitignore export-ignore .gitkeep export-ignore + +# Force root folder +/root/** text eol=lf diff --git a/.hadolint.yaml b/.hadolint.yml similarity index 56% rename from .hadolint.yaml rename to .hadolint.yml index 4c6227775..67febbf0d 100644 --- a/.hadolint.yaml +++ b/.hadolint.yml @@ -3,4 +3,5 @@ ## Hadolint config file ## ########################## ignored: - - DL3018 + - DL3013 # Pin versions in pip. + - DL3018 # Pin versions in apk add. diff --git a/Dockerfile b/Dockerfile index 567c3029c..20faa46b9 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,37 +1,32 @@ # Set the base image FROM ghcr.io/linuxserver/baseimage-alpine:3.17 -# Set the timezone -ARG TZ=Europe/London -ENV TZ=$TZ - # Set the maintainer LABEL maintainer="GhostWriters" -# Copy files from host to container -COPY root / - # Install required packages and application dependencies -RUN apk update && apk add --no-cache py3-pip tzdata && \ - ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && \ - echo $TZ > /etc/timezone && \ - pip3 install --no-cache-dir packt==1.7.0 - -# Update UID and GID of existing user "abc" to match PUID and PGID if supplied -ARG PUID=1000 -ARG PGID=1000 -RUN if [ "$PUID" -ne 1000 ] || [ "$PGID" -ne 1000 ]; then \ - usermod -u $PUID abc && \ - groupmod -g $PGID abc; \ - fi - -# Set user "abc" as default user -USER abc +RUN \ + echo "**** install runtime packages ****" && \ + apk add --no-cache \ + python3 && \ + echo "**** install app ****" && \ + python3 -m ensurepip && \ + pip3 install -U --no-cache-dir \ + pip \ + wheel \ + packt==1.8.0 && \ + echo "**** cleanup ****" && \ + rm -rf \ + /tmp/* \ + "$HOME/.cache" # Add a health check command to ensure the container is running correctly HEALTHCHECK --interval=1m \ --timeout=3s \ CMD ps -ef | grep cron || exit 1 -# Specify the entrypoint -ENTRYPOINT ["/opt/docker-entrypoint.sh"] +# copy local files +COPY root/ / + +# ports and volumes +VOLUME /config diff --git a/root/etc/crontabs/abc b/root/etc/crontabs/abc new file mode 100644 index 000000000..e69de29bb diff --git a/root/etc/crontabs/root b/root/etc/crontabs/root index 5b122f07d..f3673e700 100644 --- a/root/etc/crontabs/root +++ b/root/etc/crontabs/root @@ -1 +1,2 @@ -0 8 * * * packt-cli -gd -c /config/configFile.cfg 2>&1 | tee /config/logFile.log +# min hour day month weekday command + 0 8 * * * packt-cli -gd -c /config/configFile.cfg 2>&1 | tee /config/logFile.log diff --git a/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-packt-cli-config b/root/etc/s6-overlay/s6-rc.d/init-config-end/dependencies.d/init-packt-cli-config new file mode 100644 index 000000000..e69de29bb diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/dependencies.d/init-packt-cli-config b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/dependencies.d/init-packt-cli-config new file mode 100644 index 000000000..e69de29bb diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/run b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/run new file mode 100755 index 000000000..885936526 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/run @@ -0,0 +1,38 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +# make folders +mkdir -p \ + /config/crontabs + +## root +# if crontabs do not exist in config +if [[ ! -f /config/crontabs/root ]]; then + # copy crontab from system + if crontab -l -u root; then + crontab -l -u root >/config/crontabs/root + fi + + # if crontabs still do not exist in config (were not copied from system) + # copy crontab from included defaults (using -n, do not overwrite an existing file) + cp -n /etc/crontabs/root /config/crontabs/ +fi +# set permissions and import user crontabs +lsiown root:root /config/crontabs/root +crontab -u root /config/crontabs/root + +## abc +# if crontabs do not exist in config +if [[ ! -f /config/crontabs/abc ]]; then + # copy crontab from system + if crontab -l -u abc; then + crontab -l -u abc >/config/crontabs/abc + fi + + # if crontabs still do not exist in config (were not copied from system) + # copy crontab from included defaults (using -n, do not overwrite an existing file) + cp -n /etc/crontabs/abc /config/crontabs/ +fi +# set permissions and import user crontabs +lsiown abc:abc /config/crontabs/abc +crontab -u abc /config/crontabs/abc diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/type b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/type new file mode 100644 index 000000000..bdd22a185 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/up b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/up new file mode 100644 index 000000000..006d81414 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-crontabs-config/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-crontabs-config/run diff --git a/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/dependencies.d/init-config b/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/dependencies.d/init-config new file mode 100644 index 000000000..e69de29bb diff --git a/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/run b/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/run new file mode 100755 index 000000000..ee294f4d1 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/run @@ -0,0 +1,56 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +CFG="/config/configFile.cfg" + +# Downloads and copies a new configfile template if one is not present in the config dir. +if [[ ! -f "$CFG" ]]; then + echo "No config file, providing sample" + wget -O "$CFG" https://gitlab.com/packt-cli/packt-cli/-/raw/master/configFileTemplate.cfg +fi + +# If environment arguments have been provided, switch the values in the config to these. +if [[ -n "$PACKT_EMAIL" ]]; then + echo "ENV PACKT_EMAIL provided" + sed -i "s/email=.*/email=\"$PACKT_EMAIL\"/" "$CFG" +else + echo "ENV PACKT_EMAIL not set" +fi + +if [[ -n "$PACKT_PASSWORD" ]]; then + echo "ENV PACKT_PASSWORD provided" + sed -i "s/password=.*/password=\"$PACKT_PASSWORD\"/" "$CFG" +else + echo "ENV PACKT_PASSWORD not set" +fi + +if [[ -n "$PACKT_DOWNLOAD_FORMATS" ]]; then + echo "ENV PACKT_DOWNLOAD_FORMATS provided as \"$PACKT_DOWNLOAD_FORMATS\"" + sed -i "s/download_formats:.*/download_formats:\ \"$PACKT_DOWNLOAD_FORMATS\"/" "$CFG" +else + echo "ENV PACKT_DOWNLOAD_FORMATS not set" +fi + +if [[ -n "$PACKT_DOWNLOAD_BOOK_TITLES" ]]; then + echo "ENV PACKT_DOWNLOAD_BOOK_TITLES provided as \"$PACKT_DOWNLOAD_BOOK_TITLES\"" + sed -i "s/download_book_titles:.*/download_book_titles:\ \"$PACKT_DOWNLOAD_BOOK_TITLES\"/" "$CFG" +else + echo "ENV PACKT_DOWNLOAD_BOOK_TITLES not set" + sed -i "s/download_book_titles:.*/download_book_titles:/" "$CFG" +fi + +if [[ -n "$PACKT_ANTICAPTCHA_KEY" ]]; then + echo "ENV PACKT_ANTICAPTCHA_Key provided" + sed -i "s/key:.*/key:\ \"$PACKT_ANTICAPTCHA_KEY\"/" "$CFG" +else + echo "ENV PACKT_ANTICAPTCHA_KEY not set" +fi + +echo "Replacing path with /data" +sed -i "s@download_folder_path:.*@download_folder_path:\ \\/data@" "$CFG" + +echo "Set logfile path to /data" +sed -i "s@ebook_extra_info_log_file_path:.*@ebook_extra_info_log_file_path:\ \\/data\\/eBookMetadata.log@" "$CFG" + +# set permissions +lsiown -R abc:abc /config diff --git a/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/type b/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/type new file mode 100644 index 000000000..bdd22a185 --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/type @@ -0,0 +1 @@ +oneshot diff --git a/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/up b/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/up new file mode 100644 index 000000000..c69d516db --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/init-packt-cli-config/up @@ -0,0 +1 @@ +/etc/s6-overlay/s6-rc.d/init-packt-cli-config/run diff --git a/root/etc/s6-overlay/s6-rc.d/svc-cron/dependencies.d/init-services b/root/etc/s6-overlay/s6-rc.d/svc-cron/dependencies.d/init-services new file mode 100644 index 000000000..e69de29bb diff --git a/root/etc/s6-overlay/s6-rc.d/svc-cron/run b/root/etc/s6-overlay/s6-rc.d/svc-cron/run new file mode 100755 index 000000000..5eaadfdcb --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-cron/run @@ -0,0 +1,4 @@ +#!/usr/bin/with-contenv bash +# shellcheck shell=bash + +exec /usr/sbin/crond -f -S -l 5 diff --git a/root/etc/s6-overlay/s6-rc.d/svc-cron/type b/root/etc/s6-overlay/s6-rc.d/svc-cron/type new file mode 100644 index 000000000..5883cff0c --- /dev/null +++ b/root/etc/s6-overlay/s6-rc.d/svc-cron/type @@ -0,0 +1 @@ +longrun diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-crontabs-config b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-crontabs-config new file mode 100644 index 000000000..e69de29bb diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-packt-cli-config b/root/etc/s6-overlay/s6-rc.d/user/contents.d/init-packt-cli-config new file mode 100644 index 000000000..e69de29bb diff --git a/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-cron b/root/etc/s6-overlay/s6-rc.d/user/contents.d/svc-cron new file mode 100644 index 000000000..e69de29bb diff --git a/root/opt/docker-entrypoint.sh b/root/opt/docker-entrypoint.sh deleted file mode 100755 index c52bc315a..000000000 --- a/root/opt/docker-entrypoint.sh +++ /dev/null @@ -1,70 +0,0 @@ -#!/bin/sh - -date - -echo 'Running as user:' "$(whoami)" -id "$(whoami)" - -# if [ ! -d /config ]; then -# echo "ERROR: /config volume is not mounted" -# exit 1 -# fi - -# if [ ! -d /data ]; then -# echo "ERROR: /data volume is not mounted" -# exit 1 -# fi - -CFG=/config/configFile.cfg - -# Downloads and copies a new configfile template if one is not present in the config dir. -if [ ! -f $CFG ]; then - echo 'No config file, providing sample' - wget -O $CFG https://gitlab.com/packt-cli/packt-cli/-/raw/master/configFileTemplate.cfg -fi - -# If environment arguments have been provided, switch the values in the config to these. -if [ -n "$PACKT_EMAIL" ]; then - echo 'ENV PACKT_EMAIL provided' - sed -i s/email=.*/email="$PACKT_EMAIL"/ $CFG -else - echo 'ENV PACKT_EMAIL not set' -fi - -if [ -n "$PACKT_PASSWORD" ]; then - echo 'ENV PACKT_PASSWORD provided' - sed -i s/password=.*/password="$PACKT_PASSWORD"/ $CFG -else - echo 'ENV PACKT_PASSWORD not set' -fi - -if [ -n "$PACKT_DOWNLOAD_FORMATS" ]; then - echo "ENV PACKT_DOWNLOAD_FORMATS provided as '$PACKT_DOWNLOAD_FORMATS'" - sed -i s/download_formats:.*/download_formats:\ "$PACKT_DOWNLOAD_FORMATS"/ $CFG -else - echo 'ENV PACKT_DOWNLOAD_FORMATS not set' -fi - -if [ -n "$PACKT_DOWNLOAD_BOOK_TITLES" ]; then - echo "ENV PACKT_DOWNLOAD_BOOK_TITLES provided as '$PACKT_DOWNLOAD_BOOK_TITLES'" - sed -i s/download_book_titles:.*/download_book_titles:\ "$PACKT_DOWNLOAD_BOOK_TITLES"/ $CFG -else - echo 'ENV PACKT_DOWNLOAD_BOOK_TITLES not set' - sed -i s/download_book_titles:.*/download_book_titles:/ $CFG -fi - -if [ -n "$PACKT_ANTICAPTCHA_KEY" ]; then - echo 'ENV PACKT_ANTICAPTCHA_Key provided' - sed -i s/key:.*/key:\ "$PACKT_ANTICAPTCHA_KEY"/ $CFG -else - echo 'ENV PACKT_ANTICAPTCHA_KEY not set' -fi - -echo 'Replacing path with /data' -sed -i s@download_folder_path:.*@download_folder_path:\ \\/data@ $CFG - -echo 'Set logfile path to /data' -sed -i s@ebook_extra_info_log_file_path:.*@ebook_extra_info_log_file_path:\ \\/data\\/eBookMetadata.log@ $CFG - -echo 'Start crond in the foreground' -crond -f