diff --git a/.ci/travis-buildkit.sh b/.ci/travis-buildkit.sh new file mode 100755 index 0000000..a7c8f4f --- /dev/null +++ b/.ci/travis-buildkit.sh @@ -0,0 +1,16 @@ +#!/bin/bash + +set -euo pipefail +IFS=$'\n\t' + +# update to latest docker for buildkit support +curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - +sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" +sudo apt-get update +sudo apt-get -y -o Dpkg::Options::="--force-confnew" install docker-ce + +# get base images to pull, as it will otherwise fail in travis +# git ls-files | xargs awk -F' ' '/^FROM/ { print $2 }' | sort -n | uniq | xargs --max-lines=1 docker pull + +docker pull docker/dockerfile:1.0-experimental +docker pull docker.io/docker/dockerfile-copy:v0.1.9 diff --git a/.gitignore b/.gitignore index 2ba672c..55fb1db 100644 --- a/.gitignore +++ b/.gitignore @@ -1,14 +1,14 @@ -.vscode/settings.json -**/.vscode !.travis.yml -.travis/config.yml -data/* -dive.log .env +.travis/config.yml +.vagrant +.vscode/settings.json *.env -docker-compose.override.yml +*.pem +**/.vscode +apt_auth.conf build.tags calendar/kopano-calendar-*/ -*.pem -apt_auth.conf -.vagrant +data/* +dive.log +docker-compose.override.yml diff --git a/.markdownlint.json b/.markdownlint.json new file mode 100644 index 0000000..8a62625 --- /dev/null +++ b/.markdownlint.json @@ -0,0 +1,5 @@ +{ + "MD013": false, + "MD026": false, + "MD034": false +} diff --git a/.travis.yml b/.travis.yml index 714afb2..8f0a722 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,7 @@ services: before_install: - sudo rm /usr/local/bin/docker-compose # remove pre-installed docker-compose (too old) - bash .ci/setup-tools.sh + - .ci/travis-buildkit.sh # upgrade docker for buildkit support install: - "./version.sh" - make lint diff --git a/Makefile b/Makefile index c36c5b3..b92a905 100644 --- a/Makefile +++ b/Makefile @@ -56,7 +56,10 @@ ifdef TRAVIS @echo "fetching previous build to warm up build cache (only on travis)" docker pull $(docker_repo)/kopano_$(component):builder || true endif - docker build --rm \ +ifeq (,$(wildcard ./apt_auth.conf)) + touch apt_auth.conf +endif + DOCKER_BUILDKIT=1 docker build --rm \ --build-arg VCS_REF=$(vcs_ref) \ --build-arg docker_repo=${docker_repo} \ --build-arg KOPANO_CORE_VERSION=${core_download_version} \ @@ -76,6 +79,7 @@ endif --build-arg KOPANO_GID=$(KOPANO_GID) \ --cache-from $(docker_repo)/kopano_$(component):builder \ --cache-from $(docker_repo)/kopano_$(component):latest \ + --secret id=repocred,src=apt_auth.conf --progress=plain \ -t $(docker_repo)/kopano_$(component) $(component)/ .PHONY: build-simple @@ -94,7 +98,7 @@ ifdef TRAVIS @echo "fetching previous build to warm up build cache (only on travis)" docker pull $(docker_repo)/kopano_$(component):builder || true endif - docker build --rm \ + DOCKER_BUILDKIT=1 docker build --rm \ --target builder \ --build-arg VCS_REF=$(vcf_ref) \ --build-arg docker_repo=${docker_repo} \ @@ -159,7 +163,7 @@ build-kdav: component=kdav make build build-scheduler: - docker pull docker:18.09 + docker pull docker:19.03 component=scheduler make build-simple build-ssl: diff --git a/README.md b/README.md index e26c5b2..a787beb 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,5 @@ # (unofficial) Kopano Docker Images + [![Build Status](https://travis-ci.com/zokradonh/kopano-docker.svg?branch=master)](https://travis-ci.com/zokradonh/kopano-docker) This repository contains an easy to replicate recipe to spin up a [Kopano](https://kopano.com/) demo environment, which can (through modification of `.env` and possibly `docker-compose.yml`/`docker-compose.override.yml`) also be used for production environments. @@ -7,18 +8,21 @@ This repository contains an easy to replicate recipe to spin up a [Kopano](https - make sure that you are running at least Docker 17.06.0 and [Docker Compose](https://docs.docker.com/compose/install/) 1.19.0. - clone this repository to your local disk -- run `setup.sh` - - this script will ask you a few questions about your environment. +- run `setup.sh`: + - this script will ask you a few questions about your environment - If you are just interested in the demo environment you can accept the default values by pressing `Enter` on each question - now run `docker-compose up` and you will see how the remaining Docker images are pulled and then everything is started - after startup has succeeded you can access the Kopano WebApp by going to `https://kopano.demo/webapp` -- there are already some users created in the demo LDAP. These users all have a password that is identical to the username, e.g. the password for `user1` user `user1`. +- there are already some users created in the demo LDAP + - these users all have a password that is identical to the username, e.g. the password for `user1` user `user1` +- to build own containers at least Docker 19.03 is required + - this is due to the usage of build-time secrets If you want to get an impression how the containers interact/relate with each other have a look at the [architecture](ARCHITECTURE.md) description. -**Note:** There have been reports about the LDAP demo not starting up on MacOS. It is recommended to use a Linux OS if you want to use the bundled LDAP image. +**Note:** There have been reports about the LDAP demo not starting up on MacOS. It is recommended to use a Linux OS if you want to use the bundled LDAP image. -The `docker-compose.yml` file by default pulls Docker containers from https://hub.docker.com/r/zokradonh/kopano_core/ and https://hub.docker.com/r/zokradonh/kopano_webapp/. These images are based on the [Kopano nightly builds](https://download.kopano.io/community/) and will contain the latest version available from the time the image was built. +The `docker-compose.yml` file by default pulls Docker containers from for example https://hub.docker.com/r/zokradonh/kopano_core/ and https://hub.docker.com/r/zokradonh/kopano_webapp/. These images are based on the [Kopano nightly builds](https://download.kopano.io/community/) and will contain the latest version available from the time the image was built. ## Troubleshooting @@ -91,25 +95,30 @@ This project also makes it possible to build Docker images based on the official # Docker Repository to push to/pull from docker_repo=zokradonh COMPOSE_PROJECT_NAME=kopano +COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml:docker-compose.db.yml:docker-compose.ldap.yml:docker-compose.mail.yml -# Modify below to build a different version, than the kopano nightly release -#KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/final/Debian_9.0/ -#KOPANO_WEBAPP_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/webapp:/final/Debian_9.0/ -#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/files:/final/Debian_9.0/ -#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/mdm:/final/Debian_9.0/ -#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/smime:/final/Debian_9.0/ -#KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_9.0/ +# Modify below to build a different version, than the Kopano nightly release +# credentials for repositories are handled through a file called apt_auth.conf (which will be created through setup.sh or Makefile) +#KOPANO_CORE_REPOSITORY_URL=https://download.kopano.io/supported/core:/9.x/Debian_10/ +#KOPANO_MEET_REPOSITORY_URL=https://download.kopano.io/supported/meet:/final/Debian_10/ +#KOPANO_WEBAPP_REPOSITORY_URL=https://download.kopano.io/supported/webapp:/final/Debian_10/ +#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://download.kopano.io/supported/files:/final/Debian_10/ +#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://download.kopano.io/supported/mdm:/final/Debian_10/ +#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://download.kopano.io/supported/smime:/final/Debian_10/ +#KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_10/ #RELEASE_KEY_DOWNLOAD=1 #DOWNLOAD_COMMUNITY_PACKAGES=0 ``` -Just uncomment the last four lines and insert your Kopano subscription key where it currently says `REPLACE-ME`. Once this is done a `make build-all` will rebuild the images based on the latest available Kopano release (don't forget to `make tag-core` and `make tag-webapp` your images after building them). +The credentials for the Kopano package repositories can either be defined through the url itself, e.g. like `https://serial:REPLACE-ME@download.kopano.io/supported/core:/final/Debian_10/` or through an `apt_auth.conf` file. Using `apt_auth.conf` is preferred, since it does not "leak" credentials into the final image. -If you are running a private Docker Registry then you may also change `docker_repo` to reference your internal registry. +With the above lines uncommented and credentials in place running `make build-all` will rebuild the images based on the latest available Kopano release (don't forget to `make tag-core` and `make tag-webapp` your images after building them). + +If you are running a private Docker Registry then you have to change `docker_repo` to reference your internal registry. Afterward you can run for example `make publish-core` to push the image to your registry. ***WARNING*** -The built image includes your subscription key! Do not push this image to any public registry like e.g. https://hub.docker.com! +When storing the credentials in the url the built image will include your subscription key! Do not push this image to any public registry like e.g. https://hub.docker.com! ### When building my own containers, how can I make sure my build works as expected? diff --git a/core/Dockerfile b/core/Dockerfile index 431f0a1..64d633f 100644 --- a/core/Dockerfile +++ b/core/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM ${docker_repo}/kopano_base @@ -39,9 +40,10 @@ LABEL maintainer=az@zok.xyz \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] # install Kopano Core and refresh ca-certificates -# hadolint ignore=DL3015 -RUN \ - # apt key has already been installed in base +# hadolint currently does not understand the extended buildkit syntax https://github.com/hadolint/hadolint/issues/347 +# hadolint ignore=SC2215,DL3015 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ + # apt key for this repo has already been installed in base echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # install apt-get update && \ diff --git a/kdav/Dockerfile b/kdav/Dockerfile index 27cd6ac..68bfdde 100644 --- a/kdav/Dockerfile +++ b/kdav/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM composer:1.9 as builder @@ -31,7 +32,9 @@ LABEL maintainer=az@zok.xyz \ org.label-schema.schema-version="1.0" # install Kopano kDAV -RUN \ +# hadolint ignore=SC2215 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ + # apt key for this repo has already been installed in base echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ set -x && \ apt-get update && apt-get install -y --no-install-recommends \ diff --git a/meet/Dockerfile b/meet/Dockerfile index a92e913..dc33e00 100644 --- a/meet/Dockerfile +++ b/meet/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM ${docker_repo}/kopano_base:latest @@ -30,8 +31,9 @@ LABEL maintainer=az@zok.xyz \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] -# install Kopano Core and refresh ca-certificates -RUN \ +# hadolint ignore=SC2215 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ + # apt key for this repo has already been installed in base # community download and package as apt source repository . /kopano/helper/create-kopano-repo.sh && \ if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ diff --git a/php/Dockerfile b/php/Dockerfile index b8e0644..08b2f9e 100644 --- a/php/Dockerfile +++ b/php/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM ${docker_repo}/kopano_base @@ -28,8 +29,9 @@ LABEL maintainer=az@zok.xyz \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] # add install common php dependencies -# hadolint ignore=SC2129 -RUN \ +# hadolint ignore=SC2215 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ + # apt key for this repo has already been installed in base echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # install set -x && \ diff --git a/playground/Dockerfile b/playground/Dockerfile index 3d70fec..541f8bb 100644 --- a/playground/Dockerfile +++ b/playground/Dockerfile @@ -10,7 +10,7 @@ RUN mv kapi/examples/* /web/kapi-playground WORKDIR /web/kapi-playground RUN rm Makefile && ln -s oidc-client-example.html index.html -FROM halverneus/static-file-server:v1.7.0 +FROM halverneus/static-file-server:v1.8.0 ARG CODE_VERSION @@ -26,4 +26,4 @@ LABEL maintainer=az@zok.xyz \ COPY --from=builder /web /web ARG VCS_REF -LABEL org.label-schema.vcs-ref=$VCS_REF \ No newline at end of file +LABEL org.label-schema.vcs-ref=$VCS_REF diff --git a/python/Dockerfile b/python/Dockerfile index 23f36e6..3b75192 100644 --- a/python/Dockerfile +++ b/python/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM ${docker_repo}/kopano_base @@ -27,8 +28,8 @@ LABEL maintainer=az@zok.xyz \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] -# hadolint ignore=SC2129 -RUN \ +# hadolint ignore=SC2215 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # install set -x && \ diff --git a/scheduler/Dockerfile b/scheduler/Dockerfile index 1270d3f..ac3e9f1 100644 --- a/scheduler/Dockerfile +++ b/scheduler/Dockerfile @@ -1,4 +1,4 @@ -FROM docker:18.09 +FROM docker:19.03 ENV \ DOCKERIZE_VERSION=v0.6.1 \ diff --git a/setup.sh b/setup.sh index 726de3b..b148208 100755 --- a/setup.sh +++ b/setup.sh @@ -45,6 +45,11 @@ for dockerenv in ldap password-self-service mail db kopano_ssl kopano_server kop touch ./"$dockerenv".env done +if ! grep -q download.kopano.com ./apt_auth.conf 2&> /dev/null; then + echo "Adding example entry to local apt_auth.conf" + echo "machine download.kopano.com login serial REPLACE-ME" >> ./apt_auth.conf +fi + if [ ! -e ./.env ]; then PRINT_SETUP_SUCCESS="" @@ -334,13 +339,14 @@ docker_repo=zokradonh COMPOSE_PROJECT_NAME=kopano COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml:docker-compose.db.yml:docker-compose.ldap.yml:docker-compose.mail.yml -# Modify below to build a different version, than the kopano nightly release -#KOPANO_CORE_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/core:/9.x/Debian_10/ -#KOPANO_MEET_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/meet:/final/Debian_10/ -#KOPANO_WEBAPP_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/webapp:/final/Debian_10/ -#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/files:/final/Debian_10/ -#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/mdm:/final/Debian_10/ -#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://serial:REPLACE-ME@download.kopano.io/supported/smime:/final/Debian_10/ +# Modify below to build a different version, than the Kopano nightly release +# credentials for repositories are handled through a file called apt_auth.conf (which will be created through setup.sh or Makefile) +#KOPANO_CORE_REPOSITORY_URL=https://download.kopano.io/supported/core:/9.x/Debian_10/ +#KOPANO_MEET_REPOSITORY_URL=https://download.kopano.io/supported/meet:/final/Debian_10/ +#KOPANO_WEBAPP_REPOSITORY_URL=https://download.kopano.io/supported/webapp:/final/Debian_10/ +#KOPANO_WEBAPP_FILES_REPOSITORY_URL=https://download.kopano.io/supported/files:/final/Debian_10/ +#KOPANO_WEBAPP_MDM_REPOSITORY_URL=https://download.kopano.io/supported/mdm:/final/Debian_10/ +#KOPANO_WEBAPP_SMIME_REPOSITORY_URL=https://download.kopano.io/supported/smime:/final/Debian_10/ #KOPANO_ZPUSH_REPOSITORY_URL=http://repo.z-hub.io/z-push:/final/Debian_10/ #RELEASE_KEY_DOWNLOAD=1 #DOWNLOAD_COMMUNITY_PACKAGES=0 @@ -354,7 +360,6 @@ ADDITIONAL_KOPANO_WEBAPP_PLUGINS="$ADDITIONAL_KOPANO_WEBAPP_PLUGINS" EOF else - if ! grep -q COMPOSE_FILE ./.env; then echo "Adding COMPOSE_FILE setting to .env (for docker-compose.ports.yml)" echo "COMPOSE_FILE=docker-compose.yml:docker-compose.ports.yml" >> ./.env diff --git a/utils/Dockerfile b/utils/Dockerfile index 9c97da4..a6f58a2 100644 --- a/utils/Dockerfile +++ b/utils/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM ${docker_repo}/kopano_core @@ -9,7 +10,9 @@ LABEL maintainer=az@zok.xyz \ org.label-schema.version=$KOPANO_CORE_VERSION \ org.label-schema.schema-version="1.0" -RUN apt-get update && apt-get install --no-install-recommends -y \ +# hadolint ignore=SC2215 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ + apt-get update && apt-get install --no-install-recommends -y \ git \ iputils-ping \ kopano-backup \ diff --git a/webapp/Dockerfile b/webapp/Dockerfile index 3e7e483..b034a71 100644 --- a/webapp/Dockerfile +++ b/webapp/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM ${docker_repo}/kopano_php @@ -22,12 +23,13 @@ ENV \ KOPANO_CORE_REPOSITORY_URL=$KOPANO_CORE_REPOSITORY_URL \ KOPANO_CORE_VERSION=$KOPANO_CORE_VERSION \ KOPANO_REPOSITORY_FLAGS=$KOPANO_REPOSITORY_FLAGS \ - RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD \ + KOPANO_WEBAPP_FILES_REPOSITORY_URL=$KOPANO_WEBAPP_FILES_REPOSITORY_URL \ + KOPANO_WEBAPP_MDM_REPOSITORY_URL=$KOPANO_WEBAPP_MDM_REPOSITORY_URL \ KOPANO_WEBAPP_REPOSITORY_URL=$KOPANO_WEBAPP_REPOSITORY_URL \ KOPANO_WEBAPP_SMIME_REPOSITORY_URL=$KOPANO_WEBAPP_SMIME_REPOSITORY_URL \ - KOPANO_WEBAPP_MDM_REPOSITORY_URL=$KOPANO_WEBAPP_MDM_REPOSITORY_URL \ - KOPANO_WEBAPP_FILES_REPOSITORY_URL=$KOPANO_WEBAPP_FILES_REPOSITORY_URL \ - KOPANO_WEBAPP_VERSION=$KOPANO_WEBAPP_VERSION + KOPANO_WEBAPP_VERSION=$KOPANO_WEBAPP_VERSION \ + LANG=en_US.UTF-8 \ + RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD LABEL maintainer=az@zok.xyz \ org.label-schema.name="Kopano WebApp container" \ @@ -39,10 +41,11 @@ LABEL maintainer=az@zok.xyz \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] -# install Kopano WebApp and refresh ca-certificates -# hadolint ignore=SC2129 -RUN \ +# install Kopano WebApp +# hadolint ignore=SC2129,SC2215 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ # community download and package as apt source repository + # TODO is it neccesary to source this file here? was already sourced before . /kopano/helper/create-kopano-repo.sh && \ if [ ${DOWNLOAD_COMMUNITY_PACKAGES} -eq 1 ]; then \ dl_and_package_community "webapp" "Debian_10"; \ @@ -73,8 +76,6 @@ COPY kweb.cfg /etc/kweb.cfg COPY start.sh /kopano/start.sh COPY goss* /goss/ -ENV LANG en_US.UTF-8 - WORKDIR /kopano/path ENTRYPOINT ["/usr/bin/dumb-init", "--"] diff --git a/zpush/Dockerfile b/zpush/Dockerfile index 1147d36..645faa5 100644 --- a/zpush/Dockerfile +++ b/zpush/Dockerfile @@ -1,3 +1,4 @@ +# syntax = docker/dockerfile:1.0-experimental ARG docker_repo=zokradonh FROM ${docker_repo}/kopano_base @@ -17,9 +18,10 @@ ENV \ KOPANO_CORE_REPOSITORY_URL=$KOPANO_CORE_REPOSITORY_URL \ KOPANO_CORE_VERSION=$KOPANO_CORE_VERSION \ KOPANO_REPOSITORY_FLAGS=$KOPANO_REPOSITORY_FLAGS \ - RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD \ KOPANO_ZPUSH_REPOSITORY_URL=$KOPANO_ZPUSH_REPOSITORY_URL \ - KOPANO_ZPUSH_VERSION=$KOPANO_ZPUSH_VERSION + KOPANO_ZPUSH_VERSION=$KOPANO_ZPUSH_VERSION \ + LANG=en_US.UTF-8 \ + RELEASE_KEY_DOWNLOAD=$RELEASE_KEY_DOWNLOAD LABEL maintainer=az@zok.xyz \ org.label-schema.name="Kopano Z-Push container" \ @@ -32,7 +34,9 @@ LABEL maintainer=az@zok.xyz \ SHELL ["/bin/bash", "-o", "pipefail", "-c"] # install Z-Push -RUN \ +# TODO secret handling could go away when kopano_php is used as a base image +# hadolint ignore=SC2215 +RUN --mount=type=secret,id=repocred,dst=/etc/apt/apt_auth.conf \ echo "deb [${KOPANO_REPOSITORY_FLAGS}] ${KOPANO_CORE_REPOSITORY_URL} ./" > /etc/apt/sources.list.d/kopano.list; \ # prepare z-push installation echo "deb ${KOPANO_ZPUSH_REPOSITORY_URL} /" > /etc/apt/sources.list.d/zpush.list && \ @@ -96,8 +100,6 @@ EXPOSE 80/tcp COPY start.sh /kopano/start.sh -ENV LANG en_US.UTF-8 - ENTRYPOINT ["/usr/bin/dumb-init", "--"] CMD [ "/kopano/start.sh" ]