Mount removal#76
Merged
Merged
Conversation
Contributor
the test script can copy the CA cert from the running container instead of looking in the ssl folder, and now that we no longer need the ssl folder, it can be removed from the gitignore.
Unfortunately podman does not support the subpath attribute for named volumes and so the entire email volume including the logs needs to be mounted in and the paths in the Containerfile need to be updated. This isn't really a security issue since the logs are hardly interesting and do not contain anything not available from reading the email, and the data is mounted as read only for pop so it cannot inject fake logs into the log directory even if it were compromised. Without the email folder, the test script needs to reach into the volume in order to clear the emails. It can just run a temporary container to do so. While we are at it, we can actually save the original contents and restore them after the test instead of just completely nuking all stored email whenever running the test script. Now that the email folder is no longer needed, it can be removed from the .gitignore.
users and sessions will persists when restarting the container The tests need to start with a blank slate, so import an empty db before testing begins. While we are at it, save and restore existing db so that any existing data from before the testing is preserved.
instead of mounting docs and git dir in at runtime and having to deal with selinux nonsense, just build the content into the container
ea4dc0b to
e957a22
Compare
theyoyojo
reviewed
Apr 1, 2024
theyoyojo
reviewed
Apr 1, 2024
theyoyojo
reviewed
Apr 1, 2024
theyoyojo
reviewed
Apr 1, 2024
theyoyojo
reviewed
Apr 1, 2024
by building the contents of the webroot into extenginx we can avoid needing to mount them at all for prod and staging where selinux is a hassle.
The previous commit deleted what used to be snippet zero, we can now bump all the snippet numbers down so they start at zero again.
e957a22 to
772e03f
Compare
Contributor
|
PASS |
theyoyojo
approved these changes
Apr 1, 2024
Closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.

friendship with bind mounts ended
volumes are my new friend