Container

CHANGELOG.md

@@ -1,5 +1,9 @@
 # Change log
 
+## release v1.2
+
+- GH-53: Add support for docker container images
+
 ## release v1.1
 
 - GH-66: Allow parallel building of AMI and Vagrant boxes.

Source/Builders/Initialize-ISH.Instance.ps1

@@ -17,7 +17,10 @@ param(
     [securestring]$PFXCertificatePassword,
     [Parameter(Mandatory=$false,ParameterSetName="External Database")]
     [Parameter(Mandatory=$false,ParameterSetName="Demo Database")]
-    [string]$HostName=$null
+    [string]$HostName=$null,
+    [Parameter(Mandatory=$false,ParameterSetName="External Database")]
+    [Parameter(Mandatory=$false,ParameterSetName="Demo Database")]
+    [switch]$InContainer=$false
 )
 
 $cmdletsPaths="$PSScriptRoot\..\Cmdlets"
@@ -102,6 +105,27 @@ Set-ISHUserLocal -OSUserCredentials $OSUserCredentials
 Set-ISHUserAdministrator -OSUser $osUserName
 Initialize-ISHUserLocalProfile -OSUserCredentials $OSUserCredentials
 
+#region Grant read access to certificate private key
+
+if($InContainer)
+{
+    $permission = $OSUserCredentials.UserName,"Read","Allow"
+    $accessRule = New-Object -TypeName System.Security.AccessControl.FileSystemAccessRule -ArgumentList $permission
+
+    $keyPath = $env:ProgramData + "\Microsoft\Crypto\RSA\MachineKeys\"
+    $keyName = $certificate.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
+    $keyFullPath = Join-Path $keyPath $keyName
+
+    # Get the current acl of the private key
+    $acl = Get-Acl -Path $keyFullPath
+
+    # Add the new ace to the acl of the private key
+    $acl.AddAccessRule($accessRule)
+
+    # Write back the new acl
+    Set-Acl -Path $keyFullPath -AclObject $acl
+}
+#endregion
 
 #endregion
 
@@ -206,6 +230,7 @@ $extensions=@(
     "*.xsl"
     "*.ps1"
     "*.psm1"
+    "*.bat"
 )
 
 $foldersToScan=@(

Source/Docker/ISH.Cmd.ps1

@@ -1,103 +1,122 @@
 param(
-    [Parameter(Mandatory=$true,ParameterSet="External Database")]
-    [Parameter(Mandatory=$true,ParameterSet="Internal Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="External Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="Internal Database")]
     [string]$OsUserName,
-    [Parameter(Mandatory=$true,ParameterSet="External Database")]
-    [Parameter(Mandatory=$true,ParameterSet="Internal Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="External Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="Internal Database")]
     [string]$OsUserPassword,
-    [Parameter(Mandatory=$true,ParameterSet="External Database")]
-    [Parameter(Mandatory=$true,ParameterSet="Internal Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="External Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="Internal Database")]
     [string]$PFXCertificatePath,
-    [Parameter(Mandatory=$true,ParameterSet="External Database")]
-    [Parameter(Mandatory=$true,ParameterSet="Internal Database")]
-    [securestring]$PFXCertificatePassword,
-    [Parameter(Mandatory=$false,ParameterSet="External Database")]
-    [Parameter(Mandatory=$false,ParameterSet="Internal Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="External Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="Internal Database")]
+    [string]$PFXCertificatePassword,
+    [Parameter(Mandatory=$false,ParameterSetName="External Database")]
+    [Parameter(Mandatory=$false,ParameterSetName="Internal Database")]
     [string]$HostName=$null,
-    [Parameter(Mandatory=$true,ParameterSet="External Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="External Database")]
     [string]$ConnectionString,
-    [Parameter(Mandatory=$true,ParameterSet="External Database")]
+    [Parameter(Mandatory=$true,ParameterSetName="External Database")]
     [ValidateSet("sqlserver2014","oracle")]
     [string]$DBType,
-    [Parameter(Mandatory=$false,ParameterSet="Internal Database")]
+    [Parameter(Mandatory=$false,ParameterSetName="Internal Database")]
     [string]$sa_password,
-    [Parameter(Mandatory=$false,ParameterSet="Internal Database")]
+    [Parameter(Mandatory=$false,ParameterSetName="Internal Database")]
     [string]$ACCEPT_EULA,
-    [Parameter(Mandatory=$false,ParameterSet="External Database")]
-    [Parameter(Mandatory=$false,ParameterSet="Internal Database")]
+    [Parameter(Mandatory=$false,ParameterSetName="External Database")]
+    [Parameter(Mandatory=$false,ParameterSetName="Internal Database")]
     [switch]$Loop=$false
 )
 
 if ($PSBoundParameters['Debug']) {
     $DebugPreference = 'Continue'
 }
 
-$buildersPath=Join-Path $PSScriptRoot "..\Builders"
+$firstRunPath=Join-Path $env:ProgramData "ISHDocker"
 
-$osUserCredentials=New-Object System.Management.Automation.PSCredential($OsUserName, (ConvertTo-SecureString -String $OsUserPassword -AsPlainText -Force))
-$pfxCertificateSecurePassword=ConvertTo-SecureString -String $PFXCertificatePassword -AsPlainText -Force
+if(-not (Test-Path -Path $firstRunPath))
+{
+    Write-Host "[DockerHost]Initializing container"
 
-$hash=@{
-    OsUserCredentials=$osUserCredentials
-    PFXCertificatePath=$PFXCertificatePath
-    PFXCertificatePassword=$pfxCertificateSecurePassword
-}
+    $buildersPath=Join-Path $PSScriptRoot "..\Builders"
 
-if($HostName)
-{
-    $hash.HostName=$HostName
-}
+    $osUserCredentials=New-Object System.Management.Automation.PSCredential($OsUserName, (ConvertTo-SecureString -String $OsUserPassword -AsPlainText -Force))
+    $osUserCredentials=Get-ISHNormalizedCredential -Credentials $osUserCredentials
+    $pfxCertificateSecurePassword=ConvertTo-SecureString -String $PFXCertificatePassword -AsPlainText -Force
 
-switch ($PSCmdlet.ParameterSetName)
-{
-    'External Database' {
-        $hash.ConnectionString=$ConnectionString
-        $hash.DbType=$DBType
+    $hash=@{
+        OsUserCredentials=$osUserCredentials
+        PFXCertificatePath=$PFXCertificatePath
+        PFXCertificatePassword=$pfxCertificateSecurePassword
     }
-    'Internal Database' {
-        $hash=@{
-        }
-        & .\start -sa_password $sa_password -ACCEPT_EULA $ACCEPT_EULA -attach_dbs $attach_dbs
+
+    if($HostName)
+    {
+        $hash.HostName=$HostName
     }
-}
 
-if($PSCmdlet.ParameterSetName -eq "Internal Database")
-{
-    # Doing part of the https://github.com/Sarafian/Docker/blob/master/Source/mssql2014-server-windows-express/start.ps1
+    switch ($PSCmdlet.ParameterSetName)
+    {
+        'External Database' {
+            $hash.ConnectionString=$ConnectionString
+            $hash.DbType=$DBType
+        }
+        'Internal Database' {
+            Write-Host "[DockerHost]Starting internal database"
+            # Doing part of the https://github.com/Sarafian/Docker/blob/master/Source/mssql2014-server-windows-express/start.ps1
 
-    if($ACCEPT_EULA -ne "Y" -And $ACCEPT_EULA -ne "y"){
-	    Write-Verbose "ERROR: You must accept the End User License Agreement before this container can start."
-	    Write-Verbose "Set the environment variable ACCEPT_EULA to 'Y' if you accept the agreement."
+            if($ACCEPT_EULA -ne "Y" -And $ACCEPT_EULA -ne "y"){
+	            Write-Verbose "ERROR: You must accept the End User License Agreement before this container can start."
+	            Write-Verbose "Set the environment variable ACCEPT_EULA to 'Y' if you accept the agreement."
 
-        exit 1 
-    }
+                exit 1 
+            }
+
+            Write-Verbose "Starting SQL Server"
+            start-service MSSQL`$SQLEXPRESS
 
-    Write-Verbose "Starting SQL Server"
-    start-service MSSQL`$SQLEXPRESS
+            if($sa_password -ne "_"){
+	            Write-Verbose "Changing SA login credentials"
+                $sqlcmd = "ALTER LOGIN sa with password=" +"'" + $sa_password + "'" + ";ALTER LOGIN sa ENABLE;"
+                Invoke-Sqlcmd -Query $sqlcmd -ServerInstance ".\SQLEXPRESS" 
+            }
 
-    if($sa_password -ne "_"){
-	    Write-Verbose "Changing SA login credentials"
-        $sqlcmd = "ALTER LOGIN sa with password=" +"'" + $sa_password + "'" + ";ALTER LOGIN sa ENABLE;"
-        Invoke-Sqlcmd -Query $sqlcmd -ServerInstance ".\SQLEXPRESS" 
+            Write-Verbose "Started SQL Server."
+        }
     }
 
-    Write-Verbose "Started SQL Server."
+    Write-Host "[DockerHost]Initializing deployment"
+    & $buildersPath\Initialize-ISH.Instance.ps1 @hash -InContainer
+
+    "Initialized" | Out-File -FilePath $firstRunPath -Force
+    Write-Host "[DockerHost]Container ready"
+}
+else
+{
+    Write-Host "[DockerHost]Container already initialized"
 }
 
-& $buildersPath\Initialize-ISH.Instance.ps1 @hash
 
 if($Loop)
 {
-    $lastCheck = (Get-Date).AddSeconds(-2) 
+    $intervalSeconds=30
+    $lastCheck = (Get-Date).AddSeconds(-($intervalSeconds)) 
     while ($true) { 
         if($PSCmdlet.ParameterSetName -eq "Internal Database")
         {
+            Write-Host "Probing event log for MSSQL"
             Get-EventLog -LogName Application -Source "MSSQL*" -After $lastCheck | Select-Object TimeGenerated, EntryType, Message	 
         }
         # TODO: Figure out ISH event log source
+        Write-Host "Probing event log for Trisoft"
         Get-EventLog -LogName Application -Source "Trisoft*" -After $lastCheck | Select-Object TimeGenerated, EntryType, Message	 
 
         $lastCheck = Get-Date 
-        Start-Sleep -Seconds 2 
+        Write-Host "Sleeping for $intervalSeconds seconds"
+        Start-Sleep -Seconds $intervalSeconds 
     }
+}
+else
+{
+    Write-Host "hostname=$HostName"
 }

Source/Docker/ISH.HealthCheck.ps1

@@ -17,12 +17,15 @@ if($IncludeMSSQL)
 }
 
 $serviceNames|ForEach-Object {
+    Write-Host "Probing service $_"
     $service=Get-Service -Name $_
+    Write-Host "Service $_ status is $($service.Status)"
     if($service.Status -ne [System.ServiceProcess.ServiceControllerStatus]::Running)
     {
-        Write-Host "$_ is not running"
-        exit -1
+        Write-Host "[DockerHost]$_ is not running"
+        Write-Host "[DockerHost]Not healthy"
+        exit 1
     }
 }
-
+Write-Host "[DockerHost]Healthy"
 exit 0

Source/ISH.MSSQL.dockerfile

@@ -16,6 +16,10 @@ ENV ACCEPT_EULA _
 
 SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
 
+# Workaround for powershell in interactive container can paste only 50 chars from clipboard
+# https://github.com/moby/moby/issues/29646#issuecomment-300474598
+RUN Remove-Item -Path $env:ProgramFiles/WindowsPowerShell/Modules/PSReadLine" -Recurse -Force
+
 ADD . C:/Provision/ISHBootstrap/Source
 ADD https://github.com/Microsoft/iis-docker/blob/master/windowsservercore/ServiceMonitor.exe?raw=true /Provision/ServiceMonitor.exe
 

Source/ISH.dockerfile

@@ -17,6 +17,10 @@ ENV HostName _
 
 SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPreference = 'SilentlyContinue';"]
 
+# Workaround for powershell in interactive container can paste only 50 chars from clipboard
+# https://github.com/moby/moby/issues/29646#issuecomment-300474598
+RUN Remove-Item -Path $env:ProgramFiles/WindowsPowerShell/Modules/PSReadLine" -Recurse -Force
+
 ADD . C:/Provision/ISHBootstrap/Source
 ADD https://github.com/Microsoft/iis-docker/blob/master/windowsservercore/ServiceMonitor.exe?raw=true /Provision/ServiceMonitor.exe
 

Source/Invoke-DockerBuild.ps1

@@ -1,5 +1,3 @@
-#requires -runasadministrator
-
 param(
     [Parameter(Mandatory=$true,ParameterSetName="WindowsServerCore")]
     [Parameter(Mandatory=$true,ParameterSetName="MSSQLExpress")]
@@ -72,11 +70,11 @@ else
 
 if($isWindowsClient)
 {
-    $memory="2GB"
+    $memory="4GB"
     Write-Warning "Client operating system detected. Container will run with Hyper-V isolation. Increasing the memory size to $memory"
     $dockerArgs+=@(
         "-m"
-        "2GB"
+        $memory
     )
 }