make first_time.rb init script safe to run multiple times

[schrnz]

Bug/Feature Request

The file first_time.rb is used for first time setup like creating the first (administrator) user or importing issue templates.

For the above mentioned cases, the scripts actually checks if this has been done before and skips the corresponding init code accordingly. However, for creating a self-signed certificate and copying over the default config, no such checks exist.

From a design perspective, this is a bug b/c half of the measures are safe to redo and the other half is not. One could argue that a one time init scripts does not have to be save, but why have the checks for half of the code then?

Of course this is only important in cases where we invoke the script multiple times, so let me give you the use case where I encountered this problem: docker

Why this is interesting for using Serpico with docker

In my understanding of docker and best practices, we should not have the initialization of data at build time (possible problems with volumes or folder mounts and data loss) but at runtime, hence it must be placed somehow in the CMD or ENTRYPOINT. In this case, it is executed everytime a container is (re)started and therefore a safe init command would solve the problem. This can also be solved by implementing a script wrapper that does those checks, but why then not directly implementing it where it belongs? In addition, just requiring a user to execute it once by hand seems to be not docker'ish, b/c then it does not work out of the box.

I would assume the required changes are minimal, but I am new to Serpico so this is just an estimation. Maybe there are hidden dependencies =)

[BuffaloWill]

Thanks @schrnz. The easiest solution and one that will not impact our build process would be to add user confirmation for the unsafe modifications in first_time.rb. This would be:

• Verify before overwriting cert data
• Verify before overwriting configuration data

Also, if you have a working configuration for Docker or more efficient design recommendations, we are looking for help on this #388.

[schrnz]

Thanks for the quick reply. As I am working on a docker environment anyway, I will happily share the results.
Concerning user confirmation: this might again be a bit inconvenient for automation. Is there any reason why we could not simply implement checks for cert and json config as for the other already safe parts? I am talking about very simple checks that just probe whether certain files exist. I could create a PR "soonish"...