Add support for entrypoint scripts

This commit adds support for run-time configuration which is executed as part of the startup of the container. Two options are supported: * shell scripts; and * .ini files for PHP configuration. These can be placed into a new directory, located at /docker-entrypoint-initdb.d and files are executed in lexical order returned by a bash glob.
moodlehq · Mar 16, 2023 · 8a4f26d · 8a4f26d
1 parent 251fea0
commit 8a4f26d
Show file tree

Hide file tree

Showing 9 changed files with 137 additions and 2 deletions.
diff --git a/.github/workflows/test_buildx_and_publish.yml b/.github/workflows/test_buildx_and_publish.yml
@@ -24,9 +24,15 @@ jobs:
 
       - name: Run tests
         run: |
-          docker run --name test0 -d -p 8000:80 -v $PWD/tests/fixtures:/var/www/html moodle-php-apache
+          docker run --name test0 -d -p 8000:80 \
+              -v $PWD/tests/fixtures:/var/www/html \
+              -v $PWD/tests/docker-entrypoint.d:/docker-entrypoint.d \
+              moodle-php-apache
           docker exec test0 php /var/www/html/test.php
+          docker exec test0 php /var/www/html/check-ini.php
+          docker exec test0 php /var/www/html/check-entrypoint-scripts.php
           curl --fail http://127.0.0.1:8000/test.php
+          curl --fail http://127.0.0.1:8000/check-ini.php
 
       - name: Display container logs on failure
         if: failure()

diff --git a/Dockerfile b/Dockerfile
@@ -47,3 +47,6 @@ ADD root/usr /usr
 
 # Fix the original permissions of /tmp, the PHP default upload tmp dir.
 RUN chmod 777 /tmp && chmod +t /tmp
+
+CMD ["apache2-foreground"]
+ENTRYPOINT ["moodle-docker-php-entrypoint"]
diff --git a/README.md b/README.md
@@ -39,15 +39,40 @@ $ docker run --name web0 -p 8080:80  -v $PWD:/var/www/html moodlehq/moodle-php-a
 * For PHP 7.3 and up, both `linux/amd64` and `linux/arm64` images are being built. Note that `linux/arm64` doesn't support the sqlsrv and oci extensions yet. Other than that, both architectures work exactly the same.
 * Verified by [automated tests](https://travis-ci.com/moodlehq/moodle-php-apache).
 * Autobuilt from GHA, on push.
+* Support for entrypoint scripts and PHP Configuration
 
 ## Directories
-To faciliate testing and easy setup the following directories are created and owned by www-data by default:
+To facilitate testing and easy setup the following directories are created and owned by www-data by default:
 
 * `/var/www/moodledata`
 * `/var/www/phpunitdata`
 * `/var/www/behatdata`
 * `/var/www/behatfaildumps`
 
+## Initialisation scripts
+
+If you would like to do additional initialization, you can add one or more `*.sh`, or `*.ini`  scripts under `/docker-entrypoint.d` (creating the directory if necessary). When the entrypoint script is called, it will run any executable `*.sh` script, source any non-executable `*.sh` scripts found in that directory, and will copy any `*.ini` scripts into the PHP Configuration directory (`/usr/local/etc/php/conf.d`).
+
+For example, to configure PHP to support a higher `upload_max_filesize` option you might add the following to a `config/10-uploads.ini` file:
+
+```
+; Specify a max filesize of 200M for uploads.
+upload_max_filesize = 200M
+post_max_size = 210M
+```
+
+When starting your container you could do so passing in the config directory:
+
+```
+docker run \
+    --name web0 \
+    -p 8080:80 \
+    -v $PWD/moodle:/var/www/html
+    -v $PWD/config:/docker-entrypoint.d \
+    moodle-php-apache:latest
+```
+
+These initialization files will be executed in sorted name order as defined by the current locale, which defaults to en_US.utf8.
 
 ## See also
 This container is part of a set of containers for Moodle development, see also:

diff --git a/root/usr/local/bin/moodle-docker-php-entrypoint b/root/usr/local/bin/moodle-docker-php-entrypoint
@@ -0,0 +1,36 @@
+#!/usr/bin/env bash
+set -Eeo pipefail
+
+docker_process_init_files() {
+  local f
+  for f; do
+    case "$f" in
+      *.sh)
+        # Note: This hack is required for MacOS because the exeute bit is not checked for bind mounts.
+        # The executable bit is stored, but the test -x flag does not return corretly.
+        # Copying the file to an alternate file system allows it to be respected.
+        rm -f /tmp/testscript
+        cp "$f" /tmp/testscript
+        if [ -x "/tmp/testscript" ]; then
+          echo "$0: running $f"
+          "$f"
+        else
+          echo "$0: sourcing $f"
+          . "$f"
+        fi
+        ;;
+      *.ini)
+        echo "$0: copying $f into /usr/local/etc/php/conf.d/"
+        cp "$f" /usr/local/etc/php/conf.d/
+        ;;
+    esac
+  done
+}
+
+echo "Running entrypoint files from /docker-entrypoint.d/*"
+docker_process_init_files /docker-entrypoint.d/*
+echo
+
+echo "Starting docker-php-entrypoint with $@"
+source /usr/local/bin/docker-php-entrypoint
+echo
diff --git a/tests/docker-entrypoint.d/20-example.ini b/tests/docker-entrypoint.d/20-example.ini
@@ -0,0 +1,2 @@
+; Test file which disable file uploads.
+file_uploads = Off
diff --git a/tests/docker-entrypoint.d/30-sourced.sh b/tests/docker-entrypoint.d/30-sourced.sh
@@ -0,0 +1,8 @@
+# This file should not have a shbang! as it is expected to be sourced.
+# It should not be executable either.
+
+mkdir -p /var/www/data
+
+if [[ $_ != $0 ]]; then
+  echo "Sourced" >> /var/www/data/sourced.txt
+fi
diff --git a/tests/docker-entrypoint.d/40-exec.sh b/tests/docker-entrypoint.d/40-exec.sh
@@ -0,0 +1,8 @@
+# This file should not have a shbang! as it is expected to be sourced.
+# It should not be executable either.
+
+mkdir -p /var/www/data
+
+if [[ $_ == $0 ]]; then
+  echo "Executed" >> /var/www/data/executed.txt
+fi
diff --git a/tests/fixtures/check-entrypoint-scripts.php b/tests/fixtures/check-entrypoint-scripts.php
@@ -0,0 +1,27 @@
+<?php
+
+$sourced = file_exists('/var/www/data/sourced.txt');
+$executed = file_exists('/var/www/data/executed.txt');
+
+if (php_sapi_name() === 'cli') {
+    if ($sourced && $executed) {
+        echo "OK\n";
+        exit(0);
+    } else if ($sourced && !$executed) {
+        echo "Executable file was not executed";
+    } else {
+        echo "non-executable file was not sourced";
+    }
+    exit(1);
+} else {
+    if ($sourced && $executed) {
+        header('HTTP/1.1 200 - OK');
+        exit(0);
+    } else if ($sourced && !$executed) {
+        $message = "Executable file was not executed";
+    } else {
+        $message = "non-executable file was not sourced";
+    }
+    header('HTTP/1.1 500 - ' . $message);
+    exit(1);
+}
diff --git a/tests/fixtures/check-ini.php b/tests/fixtures/check-ini.php
@@ -0,0 +1,20 @@
+<?php
+
+$uploadsEnabled = ini_get('file_uploads');
+
+if (php_sapi_name() === 'cli') {
+    if (empty($uploadsEnabled)) {
+        echo "OK\n";
+        exit(0);
+    }
+    echo "Uploads are enabled and should be disabled.";
+    var_dump($uploadsEnabled);
+    exit(1);
+} else {
+    if (empty($uploadsEnabled)) {
+        header('HTTP/1.1 200 - OK');
+        exit(0);
+    }
+    header('HTTP/1.1 500 - Uploads are enabled and should be disabled: ' . var_export($uploadsEnabled, true));
+    exit(1);
+}
Original file line number	Diff line number	Diff line change
		@@ -0,0 +1,2 @@
		; Test file which disable file uploads.
		file_uploads = Off