Skip to content

Review apps: make apps' root filesystems readonly#1439

Merged
AP-Hunt merged 3 commits intomainfrom
review_apps_root_fs_ro
May 28, 2025
Merged

Review apps: make apps' root filesystems readonly#1439
AP-Hunt merged 3 commits intomainfrom
review_apps_root_fs_ro

Conversation

@AP-Hunt
Copy link
Member

@AP-Hunt AP-Hunt commented May 27, 2025

What problem does this pull request solve?

In production they will have readonly root filesystems. Making them readonly in review will allow us to catch places where that causes a problem earlier on.

Things to consider when reviewing

  • Ensure that you consider the wider context.
  • Does it work when run on your machine?
  • Is it clear what the code is doing?
  • Do the commit messages explain why the changes were made?
  • Are there all the unit tests needed?
  • Do the end to end tests need updating before these changes will pass?
  • Has all relevant documentation been updated?

AP-Hunt added 3 commits May 28, 2025 09:58
@AP-Hunt
Review apps: make apps' root filesystems readonly
4cea806 
In production they will have readonly root filesystems. Making them readonly in
review will allow us to catch places where that causes a problem earlier on.
@AP-Hunt
Review apps: seed forms-runner using 3 separate Rake tasks instead of…
7d943ce 
… one

In production we run "db:migrate" on its own, and it has some specific
file-writing behaviours that "db:setup" doesn't.
@AP-Hunt
Make "db/" into a volume inside the Docker container
0bff082 
AWS ECS docs [1] say that a file that exists in a directory that is subsequently marked as a volume will be copied to the host and remounted into the container.

This is necessary for us to do with the "db/" directory because the
"db:migrate" Rake task writes to "db/schema.rb"

[1] https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bind-mounts.html
@AP-Hunt AP-Hunt force-pushed the review_apps_root_fs_ro branch from 3fa69e0 to 0bff082 Compare May 28, 2025 08:58
@sonarqubecloud
Copy link

sonarqubecloud bot commented May 28, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@github-actions
Copy link
Contributor

github-actions bot commented May 28, 2025

🎉 A review copy of this PR has been deployed! It is made of up two components

  1. A review copy of forms-runner
  2. A production copy of forms-admin

Important

Not all of the functionality of forms-runner is present in review apps.
Functionality such as sending emails, file upload, and S3 submission types are
deliberately disabled for the sake of simplifying review apps.

You should use the full dev environment to test the functionality which is disabled here.

It may take 5 minutes or so for the application to be fully deployed and working. If it still isn't ready
after 5 minutes, there may be something wrong with the ECS task. You will need to go to the integration AWS account
to debug, or otherwise ask an infrastructure person.

For the sign in details and more information, see the review apps wiki page.

sarahseewhy
sarahseewhy approved these changes May 28, 2025
View reviewed changes
Copy link
Contributor

@sarahseewhy sarahseewhy left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you 🪄

@AP-Hunt AP-Hunt merged commit 2e8a5c0 into main May 28, 2025
7 checks passed
@AP-Hunt AP-Hunt deleted the review_apps_root_fs_ro branch May 28, 2025 09:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sarahseewhy sarahseewhy sarahseewhy approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@AP-Hunt @sarahseewhy