From b8216037303df5f2711f0cf8aa3493d13888fc06 Mon Sep 17 00:00:00 2001
From: Ales Nezbeda <anezbeda@redhat.com>
Date: Mon, 8 Jul 2024 15:28:18 +0200
Subject: [PATCH 1/2] Move $HOME env variable outside web server's Document
 root

---
 7.4/Dockerfile.rhel7  |  3 ++-
 7.4/Dockerfile.rhel8  |  3 ++-
 8.0/Dockerfile.rhel8  |  3 ++-
 8.0/Dockerfile.rhel9  |  3 ++-
 8.1/Dockerfile.fedora |  3 ++-
 8.1/Dockerfile.rhel9  |  3 ++-
 8.2/Dockerfile.fedora |  3 ++-
 8.2/Dockerfile.rhel8  |  3 ++-
 8.2/Dockerfile.rhel9  |  3 ++-
 test/run              | 20 ++++++++++++++++++++
 10 files changed, 38 insertions(+), 9 deletions(-)

diff --git a/7.4/Dockerfile.rhel7 b/7.4/Dockerfile.rhel7
index 86b0da2c3..99dfee4dc 100644
--- a/7.4/Dockerfile.rhel7
+++ b/7.4/Dockerfile.rhel7
@@ -66,7 +66,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/opt/rh/httpd24/root/var/www \
     HTTPD_VAR_PATH=/opt/rh/httpd24/root/var \
-    SCL_ENABLED=rh-php74
+    SCL_ENABLED=rh-php74 \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/7.4/Dockerfile.rhel8 b/7.4/Dockerfile.rhel8
index 8651b85a6..69af26180 100644
--- a/7.4/Dockerfile.rhel8
+++ b/7.4/Dockerfile.rhel8
@@ -65,7 +65,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/8.0/Dockerfile.rhel8 b/8.0/Dockerfile.rhel8
index dc52ef1cb..f7a9524a3 100644
--- a/8.0/Dockerfile.rhel8
+++ b/8.0/Dockerfile.rhel8
@@ -65,7 +65,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/8.0/Dockerfile.rhel9 b/8.0/Dockerfile.rhel9
index 376238939..82060d46f 100644
--- a/8.0/Dockerfile.rhel9
+++ b/8.0/Dockerfile.rhel9
@@ -70,7 +70,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/8.1/Dockerfile.fedora b/8.1/Dockerfile.fedora
index ec83b89b5..f2dd240aa 100644
--- a/8.1/Dockerfile.fedora
+++ b/8.1/Dockerfile.fedora
@@ -64,7 +64,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/8.1/Dockerfile.rhel9 b/8.1/Dockerfile.rhel9
index bdd798875..2e0a87aec 100644
--- a/8.1/Dockerfile.rhel9
+++ b/8.1/Dockerfile.rhel9
@@ -71,7 +71,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/8.2/Dockerfile.fedora b/8.2/Dockerfile.fedora
index c831adf74..f3ee33f72 100644
--- a/8.2/Dockerfile.fedora
+++ b/8.2/Dockerfile.fedora
@@ -64,7 +64,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/8.2/Dockerfile.rhel8 b/8.2/Dockerfile.rhel8
index ef604c03a..2784292cd 100644
--- a/8.2/Dockerfile.rhel8
+++ b/8.2/Dockerfile.rhel8
@@ -65,7 +65,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/8.2/Dockerfile.rhel9 b/8.2/Dockerfile.rhel9
index 86e93c301..01444f080 100644
--- a/8.2/Dockerfile.rhel9
+++ b/8.2/Dockerfile.rhel9
@@ -71,7 +71,8 @@ ENV PHP_CONTAINER_SCRIPTS_PATH=/usr/share/container-scripts/php/ \
     HTTPD_VAR_RUN=/var/run/httpd \
     HTTPD_DATA_PATH=/var/www \
     HTTPD_DATA_ORIG_PATH=/var/www \
-    HTTPD_VAR_PATH=/var
+    HTTPD_VAR_PATH=/var \
+    HOME=/opt/app-root
 
 # Copy the S2I scripts from the specific language image to $STI_SCRIPTS_PATH
 COPY ./s2i/bin/ $STI_SCRIPTS_PATH
diff --git a/test/run b/test/run
index cc9000429..54993c4cf 100755
--- a/test/run
+++ b/test/run
@@ -19,6 +19,7 @@ test_ssl
 test_ssl_own_cert
 ct_npm_works
 test_build_from_dockerfile
+test_home_not_in_webroot
 "
 
 TEST_CLEAR_ENV="\
@@ -162,6 +163,25 @@ test_config_writeable() {
   docker run --rm "${IMAGE_NAME}" /bin/bash -c "${run_cmd}"
 }
 
+test_home_not_in_webroot() {
+  cid_file=$CID_FILE_DIR/$(mktemp -u -p . --suffix .cid)
+  docker run -d --cidfile=${cid_file} ${IMAGE_NAME}-testapp
+
+  # Wait for container to initialize fully
+  test_connection ${test_port}
+
+  info "Testing whether \$HOME points to web server Document root"
+  homef=$(docker exec -it $(cat ${cid_file}) /bin/bash -c "echo \$HOME")
+  ct_check_testcase_result $?
+  if [ "${homef}" = "${homef##/opt/app-root/src}" ]; then
+    echo "Home folder not set to Document root"
+    return 0
+  fi
+
+  info "Home folder set to Document root"
+  return 1
+}
+
 test_clear_env_setup() {
   local run_cmd="[ -f /etc/php-fpm.d/www.conf ] && grep \"^clear_env = no\" /etc/php-fpm.d/www.conf"
 

From 43f75f9133e45b9ae155f417ee9f80aa57464c4c Mon Sep 17 00:00:00 2001
From: Ales Nezbeda <anezbeda@redhat.com>
Date: Tue, 30 Jul 2024 14:37:36 +0200
Subject: [PATCH 2/2] Make variable inside test case local

---
 test/run | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/test/run b/test/run
index 54993c4cf..d7bbe0c40 100755
--- a/test/run
+++ b/test/run
@@ -171,7 +171,7 @@ test_home_not_in_webroot() {
   test_connection ${test_port}
 
   info "Testing whether \$HOME points to web server Document root"
-  homef=$(docker exec -it $(cat ${cid_file}) /bin/bash -c "echo \$HOME")
+  local homef=$(docker exec -it $(cat ${cid_file}) /bin/bash -c "echo \$HOME")
   ct_check_testcase_result $?
   if [ "${homef}" = "${homef##/opt/app-root/src}" ]; then
     echo "Home folder not set to Document root"