I encountered a number of issues trying to follow the quickstart guide to run in docker containers on Windows. One of these (the first one) is due to the environment, but the remainder appear to be issues with the container build, scripts, and templates themselves.
I'm not sure that the solutions here are the 'correct' ones, which is why I'm not submitting them as a PR - especially the latter ones re: CA and password for mysqladmin pings... I'm not sure what the conventional way of doing this is with multiple containers. So, I'm submitting this issue for details on how I was able to work past them.
1. docker-entrypoint.sh not found
Description: secstore_app container fails to start
Solution: change docker-entrypoint.sh to LF line endings instead of CRLF
2. mysqladmin command not found
Description: secstore_app container starts but fails database check because mysqladmin command is not found
Solution: add default-mysql-client to the apt-get installed system dependencies in dockerfile
3. Database not ready yet, waiting...
Description: mysqladmin command is now available, but it still fails. This is due to self-signed certificate in the certificate chain and the fact that we are not providing any credentials.
Solution: add username and password to docker-entrypoint.sh mysqladmin ping command, as well as --ssl-verify-server-cert=false. NOTE: this is clearly not secure, but I am not sure how we retrieve the self-signed CA from the secstore_db container to pass it via --ssl-ca. I'm also not sure how to include the correct credentials in the command as replacement tokens... I think we can just use the ENV var but it's really late and I haven't tested that.
until mysqladmin ping -h"db" -u secstore -p"SecureDBPass123!" --ssl-verify-server-cert=false; do
4. Filter 'escape' is not allowed
Description: once the db is deemed to be running, the setup page throws an error indicating that 'escape' filter is not allowed.
Solution: remove the |escape filters from setup.latte. I suspect there is a more appropriate approach to this...
Note: the same error is thrown on /admin/security page.
The good news is... once I addressed these findings, it appears to work :)
I encountered a number of issues trying to follow the quickstart guide to run in docker containers on Windows. One of these (the first one) is due to the environment, but the remainder appear to be issues with the container build, scripts, and templates themselves.
I'm not sure that the solutions here are the 'correct' ones, which is why I'm not submitting them as a PR - especially the latter ones re: CA and password for mysqladmin pings... I'm not sure what the conventional way of doing this is with multiple containers. So, I'm submitting this issue for details on how I was able to work past them.
1. docker-entrypoint.sh not found
Description: secstore_app container fails to start
Solution: change docker-entrypoint.sh to LF line endings instead of CRLF
2. mysqladmin command not found
Description: secstore_app container starts but fails database check because mysqladmin command is not found
Solution: add
default-mysql-clientto the apt-get installed system dependencies in dockerfile3. Database not ready yet, waiting...
Description: mysqladmin command is now available, but it still fails. This is due to
self-signed certificate in the certificate chainand the fact that we are not providing any credentials.Solution: add username and password to docker-entrypoint.sh mysqladmin ping command, as well as
--ssl-verify-server-cert=false. NOTE: this is clearly not secure, but I am not sure how we retrieve the self-signed CA from the secstore_db container to pass it via--ssl-ca. I'm also not sure how to include the correct credentials in the command as replacement tokens... I think we can just use the ENV var but it's really late and I haven't tested that.until mysqladmin ping -h"db" -u secstore -p"SecureDBPass123!" --ssl-verify-server-cert=false; do4. Filter 'escape' is not allowed
Description: once the db is deemed to be running, the setup page throws an error indicating that 'escape' filter is not allowed.
Solution: remove the
|escapefilters fromsetup.latte. I suspect there is a more appropriate approach to this...Note: the same error is thrown on
/admin/securitypage.The good news is... once I addressed these findings, it appears to work :)