Fix Docker build issues: Replace shasum with sha256sum and handle Caddyfile path correctly
ci/woodpecker/push/woodpecker Pipeline failed
Details
ci/woodpecker/push/woodpecker Pipeline failed
Details
This commit is contained in:
parent
c4a45ef8fd
commit
2d50f99b65
|
@ -1,6 +1,6 @@
|
|||
FROM caddy:2-alpine
|
||||
|
||||
# Install required tools for hash calculation
|
||||
# Install required tools for hash calculation and CSP updates
|
||||
RUN apk add --no-cache bash coreutils findutils grep sed xxd perl gawk
|
||||
|
||||
# Copy update scripts first
|
||||
|
@ -9,6 +9,8 @@ COPY caddy.sh /srv/caddy.sh
|
|||
|
||||
# Copy Caddyfile and static content
|
||||
COPY Caddyfile /etc/caddy/Caddyfile
|
||||
# Also copy to /srv for compatibility with the script
|
||||
COPY Caddyfile /srv/Caddyfile
|
||||
COPY index.html /srv/
|
||||
COPY theme.js /srv/
|
||||
COPY utils.js /srv/
|
||||
|
@ -18,6 +20,12 @@ COPY favicon.ico /srv/
|
|||
# Copy one-pager-tools directory
|
||||
COPY one-pager-tools /srv/one-pager-tools/
|
||||
|
||||
# Copy includes directory if it exists
|
||||
COPY includes /srv/includes/ 2>/dev/null || :
|
||||
|
||||
# Copy stories directory if it exists
|
||||
COPY stories /srv/stories/ 2>/dev/null || :
|
||||
|
||||
# Set working directory
|
||||
WORKDIR /srv
|
||||
|
||||
|
|
|
@ -16,7 +16,12 @@ echo "Updating CSP hashes for all JavaScript, CSS files, and inline styles..."
|
|||
|
||||
# Directory containing the files
|
||||
BASE_DIR="$(pwd)"
|
||||
# Check if we're in a Docker environment
|
||||
if [ -f "/etc/caddy/Caddyfile" ]; then
|
||||
CADDYFILE="/etc/caddy/Caddyfile"
|
||||
else
|
||||
CADDYFILE="$BASE_DIR/Caddyfile"
|
||||
fi
|
||||
TEMP_INLINE_HASHES_FILE=$(mktemp)
|
||||
|
||||
# Arrays to store hashes
|
||||
|
@ -26,13 +31,13 @@ STYLE_HASHES=()
|
|||
# Calculate hash for a file
|
||||
calculate_hash() {
|
||||
local file=$1
|
||||
shasum -a 256 "$file" | awk '{print $1}' | xxd -r -p | base64
|
||||
sha256sum "$file" | awk '{print $1}' | xxd -r -p | base64
|
||||
}
|
||||
|
||||
# Calculate hash for inline style
|
||||
calculate_inline_hash() {
|
||||
local style_content=$1
|
||||
echo -n "$style_content" | shasum -a 256 | awk '{print $1}' | xxd -r -p | base64
|
||||
echo -n "$style_content" | sha256sum | awk '{print $1}' | xxd -r -p | base64
|
||||
}
|
||||
|
||||
# Process JavaScript files
|
||||
|
@ -160,6 +165,8 @@ STYLE_HASHES_STR=$(printf " %s" "${STYLE_HASHES[@]}")
|
|||
# Create the CSP string
|
||||
CSP_STRING="default-src 'none'; script-src 'self'$SCRIPT_HASHES_STR; style-src 'self'$STYLE_HASHES_STR; img-src 'self' data:; font-src 'self' data:; connect-src 'self'; object-src 'none'; frame-ancestors 'none'; base-uri 'none'; form-action 'none';"
|
||||
|
||||
# Check if Caddyfile exists before attempting to modify it
|
||||
if [ -f "$CADDYFILE" ]; then
|
||||
# Create a temporary file for the Caddyfile update
|
||||
tmp_file=$(mktemp)
|
||||
|
||||
|
@ -174,6 +181,9 @@ awk -v csp_string="$CSP_STRING" '
|
|||
|
||||
# Replace original Caddyfile with modified content
|
||||
mv "$tmp_file" "$CADDYFILE"
|
||||
else
|
||||
echo "Warning: Caddyfile not found at $CADDYFILE"
|
||||
fi
|
||||
|
||||
# Also update Caddyfile.local if it exists
|
||||
if [ -f "$BASE_DIR/Caddyfile.local" ]; then
|
||||
|
|
Loading…
Reference in New Issue