Add support for building behind TLS/IDS (in dev container)

Dev container build uses npm install within docker-entrypoint.sh to populate the packages. this is slower then 'npm ci' how-ever more robust and allows for further development/package changes. This required to split the docker into more stages allowing both dev and production images. While here start working on fixes for docker compose production build. Some changes by zyronix seems to be lost somehow.
gluafamichl · Aug 1, 2023 · f4bc21b · f4bc21b
1 parent 8c77e85
commit f4bc21b
Show file tree

Hide file tree

Showing 7 changed files with 78 additions and 25 deletions.
diff --git a/.devcontainer/.env.sample b/.devcontainer/.env.sample
@@ -0,0 +1,12 @@
+CONTAINER_USER_CMD_PRE='cat > /usr/local/share/ca-certificates/corporate_ca.crt << EOF
+-----BEGIN CERTIFICATE-----
+<<< INSERT_PEM_FORMATTED_ROOT_CA_CHAIN_HERE >>>
+-----END CERTIFICATE-----
+EOF
+update-ca-certificates --fresh
+echo "openssl.cafile=/etc/ssl/certs/ca-certificates.crt" > /usr/local/etc/php/conf.d/corporate-cert.ini
+mkdir -p /usr/etc/
+
+# NPM repository cache example
+echo "registry=https://nexus.example.com/repository/npm-all/" > /usr/etc/npmrc
+'
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
diff --git a/.devcontainer/docker-compose.yml b/.devcontainer/docker-compose.yml
@@ -1,8 +1,23 @@
-container_name: hashtopolis-web-ui-dev
-build:
-  context: ..
-  dockerfile: Dockerfile
-  target: hashtopolis-web-ui-dev
-ports:
-  - "4200:4200"
-volumes:
+version: "3.8"
+services:
+  hashtopolis-web-ui-dev:
+    container_name: hashtopolis-web-ui-dev
+    build:
+      context: ..
+      target: hashtopolis-web-ui-dev
+      args:
+        - CONTAINER_USER_CMD_PRE
+        - CONTAINER_USER_CMD_POST
+    ports:
+      - "4200:4200"
+    volumes:
+      # This is where VS Code should expect to find your project's source code
+      # and the value of "workspaceFolder" in .devcontainer/devcontainer.json
+      - ..:/app
+    networks:
+      - hashtopolis_dev
+
+networks:
+  hashtopolis_dev:
+    # This network will also be used by the python-agent
+    name: hashtopolis_dev
diff --git a/.devcontainer/docker-entrypoint.sh b/.devcontainer/docker-entrypoint.sh
@@ -1,10 +1,12 @@
 #!/bin/sh
 export PUPPETEER_SKIP_DOWNLOAD='true'
-echo "Waiting for workspace to be mounted"
+
+echo -n "Waiting for workspace to be mounted..."
 until [ -f /app/package.json ]
 do
      sleep 5
 done
-echo "Workspace mounted"
+echo "DONE"
+
 npm install
-npm start
+npm start
diff --git a/.gitignore b/.gitignore
@@ -46,3 +46,4 @@ git-version.json
 
 # Config file
 config.json
+.devcontainer/.env
diff --git a/Dockerfile b/Dockerfile
@@ -2,13 +2,40 @@ FROM node:18.15-bullseye as hashtopolis-web-ui-base
 ENV PUPPETEER_SKIP_DOWNLOAD='true'
 EXPOSE 4200
 
+# Enable possible build args for injecting user commands
+ARG CONTAINER_USER_CMD_PRE
+ARG CONTAINER_USER_CMD_POST
+
+# Avoid warnings by switching to noninteractive
+ENV DEBIAN_FRONTEND=noninteractive
+ENV NODE_OPTIONS='--use-openssl-ca'
+
+# Add support for TLS inspection corporate setups, see .env.sample for details
+ENV NODE_EXTRA_CA_CERTS=/etc/ssl/certs/ca-certificates.crt
+
+# Check for and run optional user-supplied command to enable (advanced) customizations of the container
+RUN if [ -n "${CONTAINER_USER_CMD_PRE}" ]; then echo "Applying CONTAINER_USER_CMD_PRE customizations..."; echo "${CONTAINER_USER_CMD_PRE}" | sh ; fi
+
+RUN mkdir /app
+WORKDIR /app
+
+# BUILD Image
+#----BEGIN----
+FROM hashtopolis-web-ui-base as hashtopolis-web-ui-build
+# Coping the app into the container
 COPY . ./
+
+# npm package - clean install
+COPY package-lock.json package.json ./
+RUN npm ci
 RUN npm run build
+# ----END----
+
 
 # PRODUCTION Image
 # ----BEGIN----
 FROM nginx:bullseye as hashtopolis-web-ui-prod
-COPY --from=hashtopolis-web-ui-base /app/dist/ /usr/share/nginx/html
+COPY --from=hashtopolis-web-ui-build /app/dist/ /usr/share/nginx/html
 COPY docker-entrypoint.sh /usr/local/bin
 ENTRYPOINT [ "docker-entrypoint.sh" ]
 # ----END----
@@ -18,7 +45,9 @@ ENTRYPOINT [ "docker-entrypoint.sh" ]
 # ----BEGIN----
 FROM hashtopolis-web-ui-base as hashtopolis-web-ui-dev
 COPY .devcontainer/docker-entrypoint.sh /usr/local/bin
+# Enable tooling like 'ng' for regular users
+RUN echo "export PATH=/app/node_modules/.bin:${PATH}" >> /etc/profile.d/npm.inc.sh
+
 USER node
 ENTRYPOINT [ "docker-entrypoint.sh" ]
-
 # ----END----
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -1,7 +1,11 @@
 version: "3.8"
 services:
-  hashtopolis-web-ui-dev:
-    container_name: hashtopolis-web-ui-dev
+  hashtopolis-web-ui:
+    container_name: hashtopolis-web-ui
+    image: hashtopolis/web-ui:latest
+    restart: always
+    environment:
+      - HASHTOPOLIS_BACKEND_URL
     build:
       context: ..
       dockerfile: Dockerfile
Original file line number	Diff line number	Diff line change
Expand Up		@@ -46,3 +46,4 @@ git-version.json

		# Config file
		config.json
		.devcontainer/.env