@stephen-dexda pointed out in #341 that our update in #330 changed
the `chown` operation to apply to the entire `/data` directory,
rather than just `/data/packages`. For anyone who was previously
relying on a workflow like mounting a read-only secrets directory
into `/data` to host authentication information, this broke their
workflow.
This fix sets `entrypoint.sh` to only `chown` `/data/packages`, which
should ensure that the permissions issues resolved by #330 (e.g. #309)
remain fixed, while also fixing the issue in #341.
Resolves#264
Generally, pip doesn't need to be available for `pypiserver` to work
correctly, but the `-U` command to update packages requires it to be
importable. This ensures the `pip` module will be available in the final
image.
Thanks for your PR! I was wondering why everyone kept complaining about
`bcrypt`, when my local tests were succeeding just fine, so I spent
some time making the docker test script replicate the error.
Turns out the `.htpasswd` files I was generating were using md5, so they
were not triggering the error. The htpasswd file in this update does
use bcrypt encryption, so it triggers a 500 error on the previous
version of the Dockerfile.
I also updated the test to be a bit more thorough, validating an
authenticated upload in addition to just making sure the server is
running.
The only other change I made was to move `requirements.txt` into a more
specific `docker-requirements.txt` file, just to make it clear that its
intention is to be a part of the docker build and not the normal install
process.
