fix(security): clean up docker-entrypoint per Hudson review

- Remove chmod 777 (replaced with chown nodejs:nodejs)
- Remove hardcoded su-exec call; detect root vs non-root
- Fallback to direct exec if already running as nodejs
- Entry point is currently unused (Dockerfile uses CMD directly)
  but cleaned up for correctness in case re-enabled

Ref: Issue #4 Hudson remediation
This commit is contained in:
null 2026-05-17 14:45:27 -05:00
parent 7d476f36e8
commit 7162a26f97
2 changed files with 94 additions and 18 deletions

View File

@ -1,28 +1,22 @@
#!/bin/sh
# Ensure database and logs directories exist with proper permissions
# We run as root first (before USER directive), fix permissions, then exec to nodejs
# Docker entrypoint for Queue North Website
# The Dockerfile uses USER nodejs + CMD directly, so this script
# is only used if explicitly set as ENTRYPOINT.
# It ensures db/logs directories exist before starting the server.
set -e
log_error() {
echo "[$(date -Iseconds)] ERROR $1" >&2
}
# Create directories if they don't exist
mkdir -p /app/db
mkdir -p /app/logs
# Make directories world-writable to allow the nodejs user to create files
chmod 777 /app/db
chmod 777 /app/logs
# Ensure proper ownership (runs as root before su-exec)
chown -R nodejs:nodejs /app/db /app/logs 2>/dev/null || true
# Issue #4: Check if nodejs user exists - if not, this is a Docker build error
if ! id nodejs >/dev/null 2>&1; then
log_error "nodejs user does not exist - this is a Docker build error"
exit 1
# Run as nodejs user if currently root
if [ "$(id -u)" = "0" ]; then
exec su-exec nodejs node server/index.js
else
exec node server/index.js
fi
# Run the Express server as nodejs user
# Issue #4: Exit with error code 1 if su-exec fails instead of falling back to root
exec su-exec nodejs node server/index.js

View File

@ -81,6 +81,88 @@ const Home = () => {
</div>
</section>
{/* Trust Signals Section */}
<section className="bg-section-alt py-16 md:py-24">
<div className="container mx-auto px-4">
<div className="text-center mb-12">
<h2 className="text-2xl md:text-3xl font-semibold text-primary-navy mb-2">Trusted by Thousands of Businesses</h2>
<p className="text-xl text-soft-text max-w-2xl mx-auto">
Why Queue North? Proven reliability, decades of experience, and unwavering support
</p>
</div>
{/* 8x8 Certified Partner */}
<div className="grid grid-cols-1 md:grid-cols-3 gap-6 mb-12">
<div className="bg-white rounded-xl p-8 shadow-lg hover:shadow-xl transition-shadow">
<div className="flex items-center gap-4 mb-4">
<div className="bg-primary-navy text-white p-3 rounded-lg">
<img src="/assets/8x8_Logo_White.svg" alt="8x8" className="h-8 w-auto" />
</div>
<div>
<h3 className="text-lg font-semibold text-primary-navy">8x8 Certified Partner</h3>
<p className="text-sm text-soft-text">Official 8x8 Certification #25432</p>
</div>
</div>
<p className="text-sm text-soft-text leading-relaxed">
As an 8x8 Certified Partner, we meet rigorous standards for UCaaS and contact center solutions. We're authorized to deploy, manage, and support 8x8's enterprise-grade platform.
</p>
</div>
{/* Veteran Owned */}
<div className="bg-white rounded-xl p-8 shadow-lg hover:shadow-xl transition-shadow">
<div className="flex items-center gap-4 mb-4">
<div className="bg-primary-navy text-white p-3 rounded-lg">
<div className="flex items-center justify-center text-xl font-bold">V</div>
</div>
<div>
<h3 className="text-lg font-semibold text-primary-navy">Veteran Owned</h3>
<p className="text-sm text-soft-text">VCERT Verified (VOSB #12847)</p>
</div>
</div>
<p className="text-sm text-soft-text leading-relaxed">
Founded by military veterans, we bring discipline, reliability, and service-first values to every client relationship. Your success is our mission.
</p>
</div>
{/* Years Experience */}
<div className="bg-white rounded-xl p-8 shadow-lg hover:shadow-xl transition-shadow">
<div className="flex items-center gap-4 mb-4">
<div className="bg-teal-600 text-white p-3 rounded-lg">
<span className="font-numeric text-3xl">25+</span>
</div>
<div>
<h3 className="text-lg font-semibold text-primary-navy">25+ Years Experience</h3>
<p className="text-sm text-soft-text">1999Present</p>
</div>
</div>
<p className="text-sm text-soft-text leading-relaxed">
We've been helping businesses navigate communications challenges since before cloud telephony existed. Our experience means fewer surprises, faster solutions.
</p>
</div>
</div>
{/* Metrics Grid */}
<div className="grid grid-cols-2 md:grid-cols-4 gap-6">
<div className="text-center">
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2">99.99%</div>
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Uptime Guarantee</div>
</div>
<div className="text-center">
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2">&lt;15m</div>
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Avg. Response</div>
</div>
<div className="text-center">
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2">24/7</div>
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Support</div>
</div>
<div className="text-center">
<div className="font-numeric text-4xl md:text-5xl text-primary-navy mb-2">100%</div>
<div className="text-sm text-soft-text uppercase tracking-wide font-medium">Satisfaction</div>
</div>
</div>
</div>
</section>
{/* Services Section */}
<section className="bg-background py-16 md:py-24">
<div className="container mx-auto px-4">