add container prestart script

Dockerfiles/Dockerfile_frontend

@@ -7,15 +7,25 @@ COPY Dockerfiles/frontend_build.env /home/node/app/.env
 RUN npm install
 RUN npm run build
 
+FROM golang:bookworm as gobuilder
+
+WORKDIR /usr/src/app
+COPY Dockerfiles/prestart.go ./main.go
+COPY Dockerfiles/go.mod ./
+
+RUN go  build -v -o /usr/src/app/prestart
+
 FROM registry.access.redhat.com/ubi9/nginx-120
 USER 0
 RUN dnf update -y
 RUN chown -R 1001 /var/log/nginx
 ADD Dockerfiles/nginx.conf "${NGINX_DEFAULT_CONF_PATH}"
 COPY --from=builder /home/node/app/dist /opt/app-root/src
+COPY --from=gobuilder /usr/src/app/prestart /bin/prestart
+
 RUN chgrp -R 0 /opt/app-root/src/ && chmod -R g+rwX /opt/app-root/src/
 USER 1001
-CMD sed -i "s@replaceobpapihost@$VITE_OBP_API_HOST@g" /home/app/dist/index*.js ; nginx -g "daemon off;"
+CMD /bin/prestart ; nginx -g "daemon off;"
 
 
 

Dockerfiles/frontend_build.env

@@ -1,4 +1,4 @@
-VITE_OBP_API_HOST=replaceobpapihost
-VITE_OBP_API_MANAGER_HOST=replaceobpapimanagerhost
+VITE_OBP_API_HOST=VITE_OBP_API_HOST
+VITE_OBP_API_MANAGER_HOST=VITE_OBP_API_MANAGER_HOST
 VITE_OBP_API_VERSION=v5.1.0
 

Dockerfiles/go.mod

@@ -0,0 +1,3 @@
+module GoHelpers
+
+go 1.21

Dockerfiles/prestart.go

@@ -0,0 +1,76 @@
+package main
+
+import (
+	"log"
+	"net/url"
+	"os"
+	"path/filepath"
+	"regexp"
+	"strings"
+)
+
+func main() {
+	config := []string{"VITE_OBP_API_HOST", "VITE_OBP_API_MANAGER_HOST"}
+	configMap := make(map[string]string)
+
+	for _, key := range config {
+		rawURL := os.Getenv(key)
+		if rawURL == "" {
+			continue
+		}
+		cleanURL := checkURL(rawURL)
+		configMap[key] = cleanURL
+	}
+
+	dir := "/opt/app-root/src/assets"
+	pattern := "index-.*\\.js$"
+
+	re, err := regexp.Compile(pattern)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	files, err := os.ReadDir(dir)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	for _, file := range files {
+		if re.MatchString(file.Name()) {
+			filePath := filepath.Join(dir, file.Name())
+			content, err := os.ReadFile(filePath)
+			if err != nil {
+				panic(err)
+			}
+			modifiedContent := string(content)
+			for old, new := range configMap {
+				modifiedContent = strings.Replace(modifiedContent, old, new, -1)
+			}
+			err = os.WriteFile(filePath, []byte(modifiedContent), 0644)
+			if err != nil {
+				panic(err)
+			}
+		}
+	}
+
+}
+
+func checkURL(rawURL string) string {
+
+	parsedURL, err := url.Parse(rawURL)
+	if err != nil {
+		log.Fatal(err)
+	}
+
+	validURL := regexp.MustCompile(`^https?:\/\/[^\s/$.?#].[^\s]*$`)
+	if !validURL.MatchString(rawURL) {
+		log.Fatal("Invalid URL or potential code injection detected")
+	}
+
+	cleanURL := &url.URL{
+		Scheme: parsedURL.Scheme,
+		Host:   parsedURL.Host,
+		Path:   parsedURL.Path,
+	}
+	return cleanURL.String()
+}