feat: adding checks for safer startup #412
Conversation
O-Mutt
requested review from
cibero42 and
Copilot
and removed request for
Copilot
There was a problem hiding this comment.
Pull Request Overview
This PR enhances the Docker container startup for Mautic by adding robust validation steps and cleaning up the web entrypoint.
- Introduces modular startup checks for volumes, permissions, environment variables, and DB connectivity
- Simplifies the web entrypoint by removing redundant logic
- Updates the main entrypoint to invoke all new checks and adds a missing variable
Reviewed Changes
Copilot reviewed 6 out of 6 changed files in this pull request and generated 2 comments.
Show a summary per file
| File | Description |
|---|---|
| common/startup/check_volumes_exist.sh | Add function to verify required volumes exist as directories |
| common/startup/check_volume_permissions.sh | Add script to set ownership on volumes and fail on error |
| common/startup/check_environment_variables.sh | Add function to ensure required DB env vars are present |
| common/startup/check_database_connection.sh | Add retry loop to wait for MySQL readiness with timeout |
| common/entrypoint_mautic_web.sh | Remove redundant chown and DB wait logic |
| common/docker-entrypoint.sh | Define MAUTIC_VAR_DIR, invoke new startup scripts, set up volumes |
Comments suppressed due to low confidence (2)
common/docker-entrypoint.sh:6
- The default for MAUTIC_VOLUME_CONSOLE mistakenly references MAUTIC_VOLUME_CONFIG instead of MAUTIC_VOLUME_CONSOLE. Update it to
export MAUTIC_VOLUME_CONSOLE="${MAUTIC_VOLUME_CONSOLE:-/var/www/html/bin/console}"to avoid overriding the console path.
export MAUTIC_VOLUME_CONSOLE="${MAUTIC_VOLUME_CONFIG:-/var/www/html/bin/console}"
common/docker-entrypoint.sh:8
- [nitpick] The name
MAUTIC_VAR_DIRis inconsistent with other volume variables prefixed byMAUTIC_VOLUME_. Consider renaming toMAUTIC_VOLUME_VARfor naming consistency.
export MAUTIC_VAR_DIR="${MAUTIC_VAR_DIR:-/var/www/html/var}"
c955259 to
fccf272
Compare
There was a problem hiding this comment.
Pull Request Overview
This PR enhances container startup safety by adding modular checks for volumes, environment variables, and database readiness, while cleaning up redundant logic in entrypoint scripts.
- Introduces scripts to validate volume existence/permissions, required env vars, and retry MySQL connectivity.
- Simplifies the web entrypoint by removing duplicated ownership and DB-wait loops.
- Updates the main docker-entrypoint to export new defaults and invoke the new checks.
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| common/startup/check_volumes.sh | Add check_volume_permissions to verify directories and ownership. |
| common/startup/check_environment_variables.sh | Implement check_environment_variables for required env var validation. |
| common/startup/check_database_connection.sh | Add check_mysql_connection with retry logic for database readiness. |
| common/entrypoint_mautic_web.sh | Remove redundant ownership and DB-wait logic from web entrypoint. |
| common/docker-entrypoint.sh | Define new volume/env defaults and invoke the startup check scripts. |
Comments suppressed due to low confidence (3)
common/startup/check_environment_variables.sh:1
- [nitpick] Consider adding unit or integration tests for this script to validate behavior when required environment variables are missing or set.
function check_environment_variables {
common/startup/check_database_connection.sh:1
- Using
localat the top level is invalid in Bash; move these declarations inside a function or change to a standard assignment (e.g.,FAILURE_COUNT=0).
local FAILURE_COUNT=0
common/startup/check_database_connection.sh:5
- The escaped quotes (
\") will be passed literally tomysqladmin. Update to use--host="$MAUTIC_DB_HOST"(without backslashes) so the variable expands correctly.
IS_MYSQL_ALIVE=$(mysqladmin --host=\"$MAUTIC_DB_HOST\" --port=\"$MAUTIC_DB_PORT\" --user=\"$MAUTIC_DB_USER\" --password=\"$MAUTIC_DB_PASSWORD\" ping 2>&1)
There was a problem hiding this comment.
Pull Request Overview
This pull request enhances the startup process for Mautic Docker containers by introducing modular scripts to validate volume existence and ownership, environment variables, and database connectivity.
- Added a script to verify volume existence and ownership.
- Introduced a script to check for required environment variables.
- Implemented a robust MySQL connection check with a retry mechanism.
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 1 comment.
Show a summary per file
| File | Description |
|---|---|
| common/startup/check_volumes_exist_ownership.sh | Validates that required volumes exist and corrects ownership if needed. |
| common/startup/check_environment_variables.sh | Checks that essential environment variables are set. |
| common/startup/check_database_connection.sh | Implements a retry logic to confirm that MySQL is alive before proceeding. |
| common/entrypoint_mautic_web.sh | Removes redundant ownership and DB connectivity checks, delegating to startup scripts. |
| common/docker-entrypoint.sh | Exports additional variables and sequentially triggers new startup check scripts. |
Comments suppressed due to low confidence (1)
common/startup/check_database_connection.sh:5
- Using escaped quotes in the mysqladmin parameters may result in literal quotes being passed, which could affect connection behavior. Remove the escape characters so that the parameters are passed as --host="$MAUTIC_DB_HOST".
IS_MYSQL_ALIVE=$(mysqladmin --host="$MAUTIC_DB_HOST" --port="$MAUTIC_DB_PORT" --user="$MAUTIC_DB_USER" --password="$MAUTIC_DB_PASSWORD" ping 2>&1)
cibero42
added
the
hardening
Copilot be copiloting: #412 (comment) contradicts #412 (comment) |
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Renato <102629460+cibero42@users.noreply.github.com>
There was a problem hiding this comment.
Hey @O-Mutt,
I've done multiple suggestions to improve the code readability and performance, please take a look at them so that we can proceed with this PR.
Furthermore, please adopt a default indentation (4 spaces = 1 tab) throughout the code - currently we're using different standards among the files
Thanks!
…, fix various bits and bobs
|
All good! Thanks @O-Mutt, nice work :) |
3 participants
Description
This PR is to run several checks on docker container startup.
MAUTIC_DB_*env variables are setIn using these 4 steps we create a more friendly user experience for starting up the containers
Another split from #359, pt 2.
Copilot summary
This pull request refactors and improves the initialization process for a Docker-based Mautic setup by introducing modular checks for environment variables, database connectivity, and volume existence/ownership. It also simplifies and organizes the entrypoint scripts for better maintainability.
Refactoring and modularization of checks:
check_environment_variables.shto ensure required environment variables (MAUTIC_DB_HOST,MAUTIC_DB_PORT,MAUTIC_DB_USER,MAUTIC_DB_PASSWORD,DOCKER_MAUTIC_ROLE) are set before proceeding.check_database_connection.shto handle MySQL connectivity validation with retry logic and clear error handling if the database is not responsive after a maximum number of attempts.check_volumes_exist_ownership.shto verify that specified volumes exist and have the correct ownership (MAUTIC_WWW_USER:MAUTIC_WWW_GROUP), applying ownership changes if necessary.Simplification of entrypoint scripts:
docker-entrypoint.sh: Replaced inline checks with modular scripts (check_volumes_exist_ownership.sh,check_environment_variables.sh,check_database_connection.sh) for better organization and maintainability. Also introduced a newMAUTIC_VOLUMESarray to manage volume paths more effectively.entrypoint_mautic_web.sh: Eliminated direct ownership checks and database connection wait logic, delegating these tasks to the newly added modular scripts.