From ce5a8e0678dcfd78108ebe1b644c3875b10201c6 Mon Sep 17 00:00:00 2001
From: Sergey Novikov <sergey.novikov@flaconi.de>
Date: Thu, 30 Jan 2025 12:25:02 +0100
Subject: [PATCH] Test Read-Only Filesystem

---
 .github/workflows/docker_build.yml | 30 +++---------------------------
 Dockerfile                         | 10 ++++++++++
 2 files changed, 13 insertions(+), 27 deletions(-)

diff --git a/.github/workflows/docker_build.yml b/.github/workflows/docker_build.yml
index a144116..81f3ce4 100644
--- a/.github/workflows/docker_build.yml
+++ b/.github/workflows/docker_build.yml
@@ -17,28 +17,8 @@ jobs:
         ATLANTIS:
           - 0.32.0
         TF_TG:
-          # Terraform 1.10.x
-          - 'TF-1.10.4   TG-0.63.8'
-          # Terraform 1.9.x
-          - 'TF-1.9.8    TG-0.63.8'
           # Terraform 1.8.x
           - 'TF-1.8.5    TG-0.63.8'
-          # Terraform 1.7.x
-          - 'TF-1.7.5    TG-0.63.8'
-          # Terraform 1.6.x
-          - 'TF-1.6.6    TG-0.63.8'
-          # Terraform 1.5.x
-          - 'TF-1.5.7    TG-0.63.8'
-          # Terraform 1.4.x
-          - 'TF-1.4.7    TG-0.63.8'
-          # Terraform 1.3.x
-          - 'TF-1.3.10   TG-0.63.8'
-          # Terraform 1.2.x
-          - 'TF-1.2.9    TG-0.63.8'
-          # Terraform 1.1.x
-          - 'TF-1.1.9    TG-0.63.8'
-          # Terraform 1.0.x
-          - 'TF-1.0.11   TG-0.63.8'
 
     steps:
       - name: Checkout repository
@@ -61,11 +41,7 @@ jobs:
           fi
 
           # Build Docker image tag
-          if [ "${SLUG}" = "master" ]; then
-            TAG="${ATLANTIS}-${TERRAFORM}-${TERRAGRUNT}"
-          else
-            TAG="${ATLANTIS}-${TERRAFORM}-${TERRAGRUNT}-${SLUG}"
-          fi
+          TAG="${ATLANTIS}-${TERRAFORM}-${TERRAGRUNT}-ro"
 
           # Output for debugging
           echo "ATLANTIS=${ATLANTIS}"
@@ -147,7 +123,7 @@ jobs:
             && (
               (github.event_name == 'schedule' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')))
               ||
-              (github.event_name == 'push'     && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')))
+              (github.event_name == 'push'     && (github.ref == 'refs/heads/ro' || startsWith(github.ref, 'refs/tags/')))
               ||
               (github.event_name == 'release'     && github.event.action == 'released')
             )
@@ -174,7 +150,7 @@ jobs:
             && (
               (github.event_name == 'schedule' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')))
               ||
-              (github.event_name == 'push'     && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')))
+              (github.event_name == 'push'     && (github.ref == 'refs/heads/ro' || startsWith(github.ref, 'refs/tags/')))
               ||
               (github.event_name == 'release'     && github.event.action == 'released')
             )
diff --git a/Dockerfile b/Dockerfile
index 6c9895f..de3e09f 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -107,4 +107,14 @@ RUN set -eux \
     && mv op /usr/local/bin/op \
     && op --version | grep "${ONE_PASSWORD_CLI}"
 
+RUN cd / \
+  && git config user.email "devops@flaconi.de" \
+  && git config user.name "DevOps Team" \
+  && git init \
+  && echo "/dev" > .gitignore \
+  && echo "/proc" >> .gitignore \
+  && echo "/sys" >> .gitignore \
+  && git add * \
+  && git commit -am "Initial state"
+
 USER atlantis