Merge branch 'feature/PB-49871_Dont-overwrite-nginx-configuration-symbolic-link-in-Dockerfiles' into 'master'

PB-49871: don't overwrite nginx configuration symbolic links in Dockerfiles using sed

See merge request passbolt/passbolt_docker!247

Author: LouisVallat

debian/Dockerfile

@@ -47,7 +47,7 @@ RUN apt-get update \
   && rm /etc/nginx/sites-enabled/default \
   && cp /usr/share/passbolt/examples/nginx-passbolt-ssl.conf /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i 's,;clear_env = no,clear_env = no,' /etc/php/$PHP_VERSION/fpm/pool.d/www.conf \
-  && sed -i 's,# include __PASSBOLT_SSL__,include /etc/nginx/snippets/passbolt-ssl.conf;,' /etc/nginx/sites-enabled/nginx-passbolt.conf \
+  && sed -i 's,# include __PASSBOLT_SSL__,include /etc/nginx/snippets/passbolt-ssl.conf;,' /etc/nginx/sites-available/nginx-passbolt.conf \
   && sed -i 's,__CERT_PATH__,/etc/ssl/certs/certificate.crt;,' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i 's,__KEY_PATH__,/etc/ssl/certs/certificate.key;,' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i 's,www-data.*$,root su -s /bin/bash -c ". /etc/environment \&\& $PASSBOLT_BASE_DIR/bin/cron" www-data >/proc/1/fd/1 2>\&1,' /etc/cron.d/$PASSBOLT_PKG \

debian/Dockerfile.openshift

@@ -69,17 +69,17 @@ COPY conf/supervisor/php.conf /etc/supervisor/conf.d/php.conf
 
 RUN rm /etc/nginx/sites-enabled/default \
   && cp /usr/share/passbolt/examples/nginx-passbolt-ssl.conf /etc/nginx/snippets/passbolt-ssl.conf \
-  && sed -i -E 's/listen (|\[\:\:\]\:)80/listen \18080/g' /etc/nginx/sites-enabled/nginx-passbolt.conf \
+  && sed -i -E 's/listen (|\[\:\:\]\:)80/listen \18080/g' /etc/nginx/sites-available/nginx-passbolt.conf \
   && sed -i -E 's/listen (|\[\:\:\]\:)443/listen \14433/g' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i 's,;clear_env = no,clear_env = no,' /etc/php/$PHP_VERSION/fpm/pool.d/www.conf \
-  && sed -i 's,# include __PASSBOLT_SSL__,include /etc/nginx/snippets/passbolt-ssl.conf;,' /etc/nginx/sites-enabled/nginx-passbolt.conf \
+  && sed -i 's,# include __PASSBOLT_SSL__,include /etc/nginx/snippets/passbolt-ssl.conf;,' /etc/nginx/sites-available/nginx-passbolt.conf \
   && sed -i 's,__CERT_PATH__,/etc/passbolt/certs/certificate.crt;,' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i 's,__KEY_PATH__,/etc/passbolt/certs/certificate.key;,' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i '/user www-data;/d' /etc/nginx/nginx.conf \
   && sed -i 's,/run/nginx.pid,/tmp/nginx.pid,' /etc/nginx/nginx.conf \
   && sed -i "/^http {/a \    proxy_temp_path /tmp/proxy_temp;\n    client_body_temp_path /tmp/client_temp;\n    fastcgi_temp_path /tmp/fastcgi_temp;\n    uwsgi_temp_path /tmp/uwsgi_temp;\n    scgi_temp_path /tmp/scgi_temp;\n" /etc/nginx/nginx.conf \
   && sed -i "s,listen = /run/php/php$PHP_VERSION-fpm.sock,listen = 127.0.0.1:9000," /etc/php/$PHP_VERSION/fpm/pool.d/www.conf \
-  && sed -i "s,unix:/run/php/php$PHP_VERSION-fpm.sock,127.0.0.1:9000," /etc/nginx/sites-enabled/nginx-passbolt.conf \
+  && sed -i "s,unix:/run/php/php$PHP_VERSION-fpm.sock,127.0.0.1:9000," /etc/nginx/sites-available/nginx-passbolt.conf \
   && sed -i "s,pid = /run/php/php$PHP_VERSION-fpm.pid,pid = /tmp/php$PHP_VERSION-fpm.pid," /etc/php/$PHP_VERSION/fpm/php-fpm.conf \
   && sed -i 's,/var/run/supervisor.sock,/tmp/supervisor.sock,' /etc/supervisor/supervisord.conf \
   && chown -R www-data:0 /etc/nginx \

debian/Dockerfile.rootless

@@ -69,17 +69,17 @@ COPY conf/supervisor/php.conf /etc/supervisor/conf.d/php.conf
 
 RUN rm /etc/nginx/sites-enabled/default \
   && cp /usr/share/passbolt/examples/nginx-passbolt-ssl.conf /etc/nginx/snippets/passbolt-ssl.conf \
-  && sed -i -E 's/listen (|\[\:\:\]\:)80/listen \18080/g' /etc/nginx/sites-enabled/nginx-passbolt.conf \
+  && sed -i -E 's/listen (|\[\:\:\]\:)80/listen \18080/g' /etc/nginx/sites-available/nginx-passbolt.conf \
   && sed -i -E 's/listen (|\[\:\:\]\:)443/listen \14433/g' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i 's,;clear_env = no,clear_env = no,' /etc/php/$PHP_VERSION/fpm/pool.d/www.conf \
-  && sed -i 's,# include __PASSBOLT_SSL__,include /etc/nginx/snippets/passbolt-ssl.conf;,' /etc/nginx/sites-enabled/nginx-passbolt.conf \
+  && sed -i 's,# include __PASSBOLT_SSL__,include /etc/nginx/snippets/passbolt-ssl.conf;,' /etc/nginx/sites-available/nginx-passbolt.conf \
   && sed -i 's,__CERT_PATH__,/etc/passbolt/certs/certificate.crt;,' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i 's,__KEY_PATH__,/etc/passbolt/certs/certificate.key;,' /etc/nginx/snippets/passbolt-ssl.conf \
   && sed -i '/user www-data;/d' /etc/nginx/nginx.conf \
   && sed -i 's,/run/nginx.pid,/tmp/nginx.pid,' /etc/nginx/nginx.conf \
   && sed -i "/^http {/a \    proxy_temp_path /tmp/proxy_temp;\n    client_body_temp_path /tmp/client_temp;\n    fastcgi_temp_path /tmp/fastcgi_temp;\n    uwsgi_temp_path /tmp/uwsgi_temp;\n    scgi_temp_path /tmp/scgi_temp;\n" /etc/nginx/nginx.conf \
   && sed -i "s,listen = /run/php/php$PHP_VERSION-fpm.sock,listen = 127.0.0.1:9000," /etc/php/$PHP_VERSION/fpm/pool.d/www.conf \
-  && sed -i "s,unix:/run/php/php$PHP_VERSION-fpm.sock,127.0.0.1:9000," /etc/nginx/sites-enabled/nginx-passbolt.conf \
+  && sed -i "s,unix:/run/php/php$PHP_VERSION-fpm.sock,127.0.0.1:9000," /etc/nginx/sites-available/nginx-passbolt.conf \
   && sed -i "s,pid = /run/php/php$PHP_VERSION-fpm.pid,pid = /tmp/php$PHP_VERSION-fpm.pid," /etc/php/$PHP_VERSION/fpm/php-fpm.conf \
   && sed -i 's,/var/run/supervisor.sock,/tmp/supervisor.sock,' /etc/supervisor/supervisord.conf \
   # nginx user must own the cache and etc directory to write cache and tweak the nginx config

spec/docker_image/image_spec.rb

@@ -156,6 +156,10 @@
       expect(file(site_conf)).to exist
     end
 
+    it 'is a symbolic link' do
+      expect(file(site_conf)).to be_symlink
+    end
+
     it 'has the correct permissions' do
       expect(file(site_conf)).to be_owned_by $root_user
     end