Skip to content

Commit bef1c5f

Browse files
tstephen-nhststephen
tstephen-nhs
and
tstephen
authored
Chore: [AEA-0000] - add standard lifecycle scripts (#76)
## Summary - 🤖 Operational or Infrastructure Change ### Details - Add standard lifecycle event scripts to base container. - Make the installation of git secrets work the same on fresh clone or existing - move to postCreate so it does not try to run on every start - test if already installed. --------- Co-authored-by: Tim Stephenson <tim@knowprocess.com>
1 parent 30e4b70 commit bef1c5f

File tree

18 files changed

+66
-2
lines changed

18 files changed

+66
-2
lines changed

.devcontainer/devcontainer.json

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -22,7 +22,9 @@
2222
"--network=host"
2323
],
2424
"remoteEnv": { "LOCAL_WORKSPACE_FOLDER": "${localWorkspaceFolder}" },
25-
"postAttachCommand": "git-secrets --register-aws; git-secrets --add-provider -- cat /usr/share/secrets-scanner/nhsd-rules-deny.txt",
25+
"postCreateCommand": "bash ${SCRIPTS_DIR}/post_create.sh",
26+
"postStartCommand": "bash ${SCRIPTS_DIR}/post_start.sh",
27+
"postAttachCommand": "bash ${SCRIPTS_DIR}/post_attach.sh",
2628
"features": {
2729
},
2830
"customizations": {

Makefile

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -65,8 +65,12 @@ build-all: build-base-image build-node-24-image build-node-24-python-3-10-image
6565
build-regression-tests-image
6666

6767
build-image: guard-CONTAINER_NAME guard-BASE_VERSION_TAG guard-BASE_FOLDER guard-IMAGE_TAG
68+
workspace_folder="$${CONTAINER_NAME}"; \
69+
case "$${CONTAINER_NAME}" in \
70+
eps_*) workspace_folder="$$(printf '%s' "$${CONTAINER_NAME}" | tr '_' '-')" ;; \
71+
esac; \
6872
npx devcontainer build \
69-
--workspace-folder ./src/$${BASE_FOLDER}/$${CONTAINER_NAME} \
73+
--workspace-folder ./src/$${BASE_FOLDER}/$${workspace_folder} \
7074
$(NO_CACHE_FLAG) \
7175
--push false \
7276
--output type=image,name="${CONTAINER_PREFIX}$${CONTAINER_NAME}:$${IMAGE_TAG}",push=false,compression=zstd \

src/base/.devcontainer/Dockerfile

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ ENV CONTAINER_NAME=${CONTAINER_NAME}
2121
ENV TARGETARCH=${TARGETARCH}
2222

2323
COPY .tool-versions.asdf ${SCRIPTS_DIR}/${CONTAINER_NAME}/.tool-versions.asdf
24+
COPY --chmod=755 scripts/lifecycle/*.sh ${SCRIPTS_DIR}/
2425
COPY --chmod=755 scripts/root_install.sh ${SCRIPTS_DIR}/${CONTAINER_NAME}/root_install.sh
2526
COPY --chmod=755 Mk ${SCRIPTS_DIR}/Mk
2627

src/base/.devcontainer/devcontainer.json

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -12,6 +12,9 @@
1212
"IMAGE_TAG": "${localEnv:IMAGE_TAG}"
1313
}
1414
},
15+
"postCreateCommand": "bash ${SCRIPTS_DIR}/post_create.sh",
16+
"postStartCommand": "bash ${SCRIPTS_DIR}/post_start.sh",
17+
"postAttachCommand": "bash ${SCRIPTS_DIR}/post_attach.sh",
1518
"features": {
1619
"ghcr.io/devcontainers/features/docker-outside-of-docker:1": {
1720
"version": "latest",

src/base/.devcontainer/scripts/lifecycle/post_attach.sh

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
#!/usr/bin/env bash
2+
# Script to run as devcontainer postAttachCommand
3+
set -euo pipefail
4+
5+
# currently empty

src/base/.devcontainer/scripts/lifecycle/post_create.sh

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
#!/usr/bin/env bash
2+
# Script to run as devcontainer postCreateCommand
3+
set -euo pipefail
4+
5+
# Install git-secrets, register AWS patterns and NHS rules in an idempotent way
6+
if ! git config --get-all secrets.patterns | grep -Fq AKIA; then
7+
git-secrets --register-aws
8+
fi
9+
if ! git config --get-all secrets.providers | grep -Fxq "cat /usr/share/secrets-scanner/nhsd-rules-deny.txt"; then
10+
git-secrets --add-provider -- cat /usr/share/secrets-scanner/nhsd-rules-deny.txt
11+
fi

src/base/.devcontainer/scripts/lifecycle/post_start.sh

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
#!/usr/bin/env bash
2+
# Script to run as devcontainer postStartCommand
3+
set -euo pipefail
4+
5+
# currently empty

src/base_node/node_24/.devcontainer/devcontainer.json

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,9 @@
1313
},
1414
"context": "."
1515
},
16+
"postCreateCommand": "bash ${SCRIPTS_DIR}/post_create.sh",
17+
"postStartCommand": "bash ${SCRIPTS_DIR}/post_start.sh",
18+
"postAttachCommand": "bash ${SCRIPTS_DIR}/post_attach.sh",
1619
"features": {}
1720
}
1821

src/languages/node_24_python_3_10/.devcontainer/devcontainer.json

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,9 @@
1313
},
1414
"context": "."
1515
},
16+
"postCreateCommand": "bash ${SCRIPTS_DIR}/post_create.sh",
17+
"postStartCommand": "bash ${SCRIPTS_DIR}/post_start.sh",
18+
"postAttachCommand": "bash ${SCRIPTS_DIR}/post_attach.sh",
1619
"features": {}
1720
}
1821

src/languages/node_24_python_3_12/.devcontainer/devcontainer.json

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -13,6 +13,9 @@
1313
},
1414
"context": "."
1515
},
16+
"postCreateCommand": "bash ${SCRIPTS_DIR}/post_create.sh",
17+
"postStartCommand": "bash ${SCRIPTS_DIR}/post_start.sh",
18+
"postAttachCommand": "bash ${SCRIPTS_DIR}/post_attach.sh",
1619
"features": {}
1720
}
1821

0 commit comments

Comments
 (0)