Build: change docker container to set MONKEY_DOCKER_CONTAINER env var. This variable is needed because we can't prompt for data dir removal on docker like we do on other deployments

Due to the fact that docker is not running interactively and user might be running on an old data dir if he uses volumes, we need special case for docker
This commit is contained in:
VakarisZ 2021-10-25 16:25:33 +03:00
parent 97642f45dc
commit cebd41b264
4 changed files with 53 additions and 6 deletions

View File

@ -18,6 +18,7 @@ COPY --from=builder /monkey /monkey
WORKDIR /monkey WORKDIR /monkey
EXPOSE 5000 EXPOSE 5000
EXPOSE 5001 EXPOSE 5001
ENV MONKEY_DOCKER_CONTAINER=true
RUN groupadd -r monkey-island && useradd --no-log-init -r -g monkey-island monkey-island RUN groupadd -r monkey-island && useradd --no-log-init -r -g monkey-island monkey-island
RUN chmod 444 /monkey/monkey_island/cc/server.key RUN chmod 444 /monkey/monkey_island/cc/server.key
RUN chmod 444 /monkey/monkey_island/cc/server.csr RUN chmod 444 /monkey/monkey_island/cc/server.csr

View File

@ -5,6 +5,7 @@ from pathlib import Path
from common.version import get_version from common.version import get_version
from monkey_island.cc.server_utils.file_utils import create_secure_directory from monkey_island.cc.server_utils.file_utils import create_secure_directory
from monkey_island.cc.setup.env_utils import is_running_on_docker
from monkey_island.cc.setup.version_file_setup import get_version_from_dir, write_version from monkey_island.cc.setup.version_file_setup import get_version_from_dir, write_version
logger = logging.getLogger(__name__) logger = logging.getLogger(__name__)
@ -26,6 +27,17 @@ def setup_data_dir(data_dir_path: Path) -> None:
def _is_data_dir_old(data_dir_path: Path) -> bool: def _is_data_dir_old(data_dir_path: Path) -> bool:
dir_exists = data_dir_path.exists() dir_exists = data_dir_path.exists()
if is_running_on_docker():
if _data_dir_version_mismatch_exists(data_dir_path):
error_message = "Found an old volume. "
"You must create an empty volume for each docker container "
"as specified in setup documentation: "
"https://www.guardicore.com/infectionmonkey/docs/setup/docker/"
raise IncompatibleDataDirectory(error_message)
else:
return False
if not dir_exists or not os.listdir(data_dir_path): if not dir_exists or not os.listdir(data_dir_path):
return False return False

View File

@ -0,0 +1,8 @@
import os
# Must match evn var name in build_scripts/docker/Dockerfile:21
DOCKER_ENV_VAR = "MONKEY_DOCKER_CONTAINER"
def is_running_on_docker():
return os.environ.get(DOCKER_ENV_VAR) == "true"

View File

@ -3,6 +3,7 @@ from pathlib import Path
import pytest import pytest
from monkey_island.cc.setup.data_dir import IncompatibleDataDirectory, setup_data_dir from monkey_island.cc.setup.data_dir import IncompatibleDataDirectory, setup_data_dir
from monkey_island.cc.setup.env_utils import DOCKER_ENV_VAR
from monkey_island.cc.setup.version_file_setup import _version_filename from monkey_island.cc.setup.version_file_setup import _version_filename
current_version = "1.1.1" current_version = "1.1.1"
@ -27,6 +28,12 @@ def temp_version_file_path(temp_data_dir_path) -> Path:
return temp_data_dir_path / _version_filename return temp_data_dir_path / _version_filename
def create_bogus_file(dir_path: Path) -> Path:
bogus_file_path = dir_path / "test.txt"
bogus_file_path.touch()
return bogus_file_path
def test_setup_data_dir(temp_data_dir_path, temp_version_file_path): def test_setup_data_dir(temp_data_dir_path, temp_version_file_path):
data_dir_path = temp_data_dir_path data_dir_path = temp_data_dir_path
setup_data_dir(data_dir_path) setup_data_dir(data_dir_path)
@ -41,8 +48,7 @@ def test_old_version_removed(monkeypatch, temp_data_dir_path, temp_version_file_
temp_data_dir_path.mkdir() temp_data_dir_path.mkdir()
temp_version_file_path.write_text(old_version) temp_version_file_path.write_text(old_version)
bogus_file_path = temp_data_dir_path / "test.txt" bogus_file_path = create_bogus_file(temp_data_dir_path)
bogus_file_path.touch()
setup_data_dir(temp_data_dir_path) setup_data_dir(temp_data_dir_path)
@ -58,8 +64,7 @@ def test_old_version_not_removed(
temp_data_dir_path.mkdir() temp_data_dir_path.mkdir()
temp_version_file_path.write_text(old_version) temp_version_file_path.write_text(old_version)
bogus_file_path = temp_data_dir_path / "test.txt" bogus_file_path = create_bogus_file(temp_data_dir_path)
bogus_file_path.touch()
with pytest.raises(IncompatibleDataDirectory): with pytest.raises(IncompatibleDataDirectory):
setup_data_dir(temp_data_dir_path) setup_data_dir(temp_data_dir_path)
@ -71,8 +76,7 @@ def test_old_version_not_removed(
def test_data_dir_setup_not_needed(temp_data_dir_path, temp_version_file_path): def test_data_dir_setup_not_needed(temp_data_dir_path, temp_version_file_path):
temp_data_dir_path.mkdir() temp_data_dir_path.mkdir()
temp_version_file_path.write_text(current_version) temp_version_file_path.write_text(current_version)
bogus_file_path = temp_data_dir_path / "test.txt" bogus_file_path = create_bogus_file(temp_data_dir_path)
bogus_file_path.touch()
setup_data_dir(temp_data_dir_path) setup_data_dir(temp_data_dir_path)
assert temp_version_file_path.read_text() == current_version assert temp_version_file_path.read_text() == current_version
@ -84,3 +88,25 @@ def test_empty_data_dir(temp_data_dir_path, temp_version_file_path):
setup_data_dir(temp_data_dir_path) setup_data_dir(temp_data_dir_path)
assert temp_version_file_path.read_text() == current_version assert temp_version_file_path.read_text() == current_version
def test_new_data_dir_docker(monkeypatch, temp_data_dir_path, temp_version_file_path):
monkeypatch.setenv(DOCKER_ENV_VAR, "true")
temp_data_dir_path.mkdir()
bogus_file_path = create_bogus_file(temp_data_dir_path)
temp_version_file_path.write_text(current_version)
setup_data_dir(temp_data_dir_path)
assert temp_version_file_path.read_text() == current_version
assert bogus_file_path.is_file()
def test_old_data_dir_docker(monkeypatch, temp_data_dir_path, temp_version_file_path):
monkeypatch.setenv(DOCKER_ENV_VAR, "true")
temp_data_dir_path.mkdir()
temp_version_file_path.write_text(old_version)
with pytest.raises(IncompatibleDataDirectory):
setup_data_dir(temp_data_dir_path)