Add a script which explicitly detects for the presence of config.yaml in the built container, and fails if it is there

This will prevent any leakage of config.yaml's into the built image
2018-01-31 18:56:50 -05:00 · 2018-01-31 18:56:50 -05:00 · 43d74d808c
commit 43d74d808c
parent bc8e8f60e7
3 changed files with 12 additions and 0 deletions
--- a/2
+++ b/2
@ -55,4 +55,6 @@ RUN ln -s $QUAYCONF /conf
 #            /root/node_modules /node_modules /grunt
 RUN PYTHONPATH=$QUAYPATH venv/bin/alembic heads | grep -E '^[0-9a-f]+ \(head\)$' > ALEMBIC_HEAD

+RUN ./detect-config.sh
+
 CMD ./quay-entrypoint.sh
--- a/detect-config.sh
+++ b/detect-config.sh
@ -0,0 +1,8 @@
+if find . -name "config.yaml" -exec false {} +
+then
+  exit 0
+else
+  echo '!!! config.yaml found in container !!!'
+  find . -name "config.yaml"
+  exit -1
+fi
--- a/quay-base.dockerfile
+++ b/quay-base.dockerfile
@ -98,4 +98,6 @@ RUN venv/bin/python -m external_libraries
 RUN rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /root/.cache
 VOLUME ["/var/log", "/datastorage", "/tmp"]

+ADD detect-config.sh .
+RUN ./detect-config.sh
 EXPOSE 443 8443 80