From b0a207446a369472312d2ad8891d475af7167d89 Mon Sep 17 00:00:00 2001
From: Kieren Evans
Date: Fri, 22 Mar 2024 17:10:17 +0200
Subject: [PATCH] Fixes from usage (#45)
Various fixes from usage on a project:
1. Load dynamic entrypoint when in dev mode to fix permissions issues on linux
2. Install iproute2 to provide /usr/sbin/ip
3. Fix path to ip based on bookworm docker images
4. Move test stage in jenkins to match docker harness
5. Upgrade to alpine 3.18 for nginx (and track maintained version) as CVE for curl not patched
---
 _twig/docker-compose.yml/service/app.yml.twig | 1 +
 application/overlay/_twig/Jenkinsfile/{ => stages}/test.twig | 0
 docker/image/app/Dockerfile.twig | 5 +++++
 docker/image/app/root-node/entrypoint.sh | 2 +-
 harness/attributes/docker-spa.yml | 4 ++--
 5 files changed, 9 insertions(+), 3 deletions(-)
 rename application/overlay/_twig/Jenkinsfile/{ => stages}/test.twig (100%)
diff --git a/_twig/docker-compose.yml/service/app.yml.twig b/_twig/docker-compose.yml/service/app.yml.twig
index 25effc6..281ed26 100644
--- a/_twig/docker-compose.yml/service/app.yml.twig
+++ b/_twig/docker-compose.yml/service/app.yml.twig
@@ -12,6 +12,7 @@ services:
 {% if @('app.build') == 'dynamic' %}
 target: node
 command: ["app", "start:dev"]
+ entrypoint: [/entrypoint.dynamic.sh]
 stdin_open: true # react-scripts start terminates if stdin closed
 volumes:
 - {{ (syncvolume) ? @('workspace.name') ~ '-sync:/app:nocopy' : ('./:/app' ~ @('docker.compose.host_volume_options')) }}
diff --git a/application/overlay/_twig/Jenkinsfile/test.twig b/application/overlay/_twig/Jenkinsfile/stages/test.twig
similarity index 100%
rename from application/overlay/_twig/Jenkinsfile/test.twig
rename to application/overlay/_twig/Jenkinsfile/stages/test.twig
diff --git a/docker/image/app/Dockerfile.twig b/docker/image/app/Dockerfile.twig
index 67759d5..18aaaeb 100644
--- a/docker/image/app/Dockerfile.twig
+++ b/docker/image/app/Dockerfile.twig
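Review bot: The new `entrypoint: [/entrypoint.dynamic.sh]` line in the `dynamic` build branch points at a script this patch neither adds nor touches, so it presumably comes from the `console` base image or the `root-node` overlay; confirm it exists and is executable in the `node` target, since a missing entrypoint stops the dev container from starting. Compose replaces the image's entrypoint here, so whether `setup_app_networking` from `entrypoint.sh` (patched later in this commit) still runs depends on the dynamic script calling it, which is not visible. Unlike the `stdin_open` line below it, the override carries no explanation; a trailing comment such as `# dev mode: dynamic entrypoint, fixes permission issues on linux hosts` would record the reason given in the commit message.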
@@ -3,6 +3,11 @@ FROM console as node
 COPY .my127ws/docker/image/app/root-node /
+RUN apt-get update && apt-get install --no-install-recommends -y iproute2 \
+ && apt-get auto-remove -qq -y \
+ && apt-get clean \
+ && rm -rf /var/lib/apt/lists/*
+
 FROM {{ @('services.app.build.from.nginx') }} as nginx
 RUN apk add --no-cache jq
diff --git a/docker/image/app/root-node/entrypoint.sh b/docker/image/app/root-node/entrypoint.sh
index 8097d51..60ee5a3 100755
--- a/docker/image/app/root-node/entrypoint.sh
+++ b/docker/image/app/root-node/entrypoint.sh
@@ -6,7 +6,7 @@ setup_app_networking()
 if [ "${HOST_OS_FAMILY}" = "linux" ]; then
 DOCKER_INTERNAL_HOST="host.docker.internal"
 if ! grep $DOCKER_INTERNAL_HOST /etc/hosts > /dev/null ; then
- DOCKER_INTERNAL_IP=$(/sbin/ip route|awk '/default/ { print $3 }')
+ DOCKER_INTERNAL_IP=$(/usr/sbin/ip route|awk '/default/ { print $3 }')
 echo -e "$DOCKER_INTERNAL_IP $DOCKER_INTERNAL_HOST" | tee -a /etc/hosts > /dev/null
 fi
 fi
diff --git a/harness/attributes/docker-spa.yml b/harness/attributes/docker-spa.yml
index 4f9ba7e..e02657a 100644
--- a/harness/attributes/docker-spa.yml
+++ b/harness/attributes/docker-spa.yml
@@ -7,7 +7,7 @@ attributes.default:
 build:
 from:
 node: = 'node:' ~ @('node.version') ~ '-slim'
- nginx: nginx:1.25-alpine3.17
+ nginx: nginx:1.25-alpine
 environment:
 HOST_OS_FAMILY: = @('host.os')
 resources:
@@ -16,7 +16,7 @@ attributes.default:
 build:
 from: = 'node:' ~ @('node.version') ~ '-slim'
 publish: false
-
+
 pipeline:
 base:
 ingresses:
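Review bot: The added `RUN apt-get update && apt-get install ... iproute2` sits after `COPY .my127ws/docker/image/app/root-node /`, so every edit to the overlay files invalidates the package layer and forces a fresh `apt-get update`; moving the `RUN` above the `COPY` keeps that layer cached. The package is installed into the `node` stage unconditionally, while the only consumer visible in this commit is `setup_app_networking`, which runs `ip` only when `HOST_OS_FAMILY` is `linux`. If the `node` stage also backs non-development images, it is worth deciding whether a network-configuration tool should ship there, and a one-line comment above the `RUN` (`# iproute2 provides /usr/sbin/ip for entrypoint.sh host.docker.internal setup`) would keep the dependency from being removed later as unused.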
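Review bot: When `/usr/sbin/ip` is absent or prints no default route, `DOCKER_INTERNAL_IP` is empty and the following `echo ... | tee -a /etc/hosts` still appends a line holding only the host name; the `grep` guard then finds `host.docker.internal` on later starts and never repairs it. The path has now had to change with the base image, so this failure mode is realistic: keep the absolute path, but wrap the append in `if [ -n "$DOCKER_INTERNAL_IP" ]; then ... fi` and log to stderr otherwise. Adding `exit` to the awk action, `awk '/default/ { print $3; exit }'`, also avoids a multi-line value when more than one default route exists. The body of `setup_app_networking` starts and ends outside this hunk, so any error handling elsewhere in the function is not visible here.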
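Review bot: `nginx: nginx:1.25-alpine` replaces a pinned base with a floating tag, so the Alpine release (the commit message names 3.18) is whatever the registry serves at build time and two builds of the same commit can produce different images. Patched packages only arrive if the build actually re-pulls the tag, and only for as long as upstream keeps rebuilding the 1.25 series; neither is visible in this patch. If reproducibility matters, pin the image digest next to the tag and let an automated update job bump it. Either way a comment such as `# floating alpine tag on purpose: tracks the maintained Alpine release for CVE fixes` would stop someone from re-pinning it to an unpatched release.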