ATLAS-5219: Docker setup update to keep containers immutable

[kumaab]

What changes were proposed in this pull request?

• Appropriate atlas-application.properties is mounted read-only according to ${ATLAS_BACKEND}
• users-credentials.properties is mounted read-only
• Significant reduction in atlas image size
• Postgres initialization is done via a separate container atlas-db-init driven from docker compose file: dev-support/atlas-docker/docker-compose.atlas-postgres.yml, thereafter Dockerfile.atlas-db is no longer required - postgres image is pulled directly.
• Updated the README with instructions

How was this patch tested?

docker compose -f docker-compose.atlas-base.yml build

export ATLAS_BACKEND=postgres
docker compose -f docker-compose.atlas.yml -f docker-compose.atlas-postgres.yml up -d --wait

• All containers come up
• atlas-db-init comes up and sets up the database and quits thereafter
• Atlas UI is working, no errors seen in /var/log/atlas/application.log

[kumaab]

Build successful: https://github.com/kumaab/atlas/actions/runs/26692464938/job/78671216653

[Copilot]

Pull request overview

Updates the dev-support Docker setup to keep the Atlas container immutable by externalizing configuration/credentials as read-only mounts and moving Postgres initialization into a dedicated one-shot init service.

Changes:

• Mount atlas-application.properties (backend-specific) and users-credentials.properties read-only into the Atlas container; simplify atlas.sh to validate prerequisites rather than mutating the image at runtime.
• Reduce Atlas image size and enforce an expanded webapp by extracting atlas.war during the image build.
• Replace the custom Postgres image flow with the upstream postgres:13.21 image and a new atlas-db-init one-shot initializer driven by docker-compose.atlas-postgres.yml.

Reviewed changes

Copilot reviewed 10 out of 10 changed files in this pull request and generated 5 comments.

Show a summary per file

File	Description
dev-support/atlas-docker/scripts/atlas.sh	Removes first-run mutation logic; validates mounted config/credentials and expanded webapp before starting Atlas.
dev-support/atlas-docker/README.md	Updates docker-compose instructions and documents the new Postgres overlay/init flow.
dev-support/atlas-docker/Dockerfile.atlas	Extracts atlas.war at build time and removes the WAR to support immutable runtime behavior and reduce size.
dev-support/atlas-docker/docker-compose.atlas.yml	Adds read-only mounts for backend-specific config and user credentials into /opt/atlas/conf.
dev-support/atlas-docker/docker-compose.atlas-postgres.yml	Introduces atlas-db-init one-shot init container to create roles/db/schema before Atlas starts.
dev-support/atlas-docker/docker-compose.atlas-common.yml	Switches atlas-db to upstream postgres:13.21 and sets required env.
dev-support/atlas-docker/config/init_postgres.sh	Reworks Postgres init to be idempotent and parameterized for use from the init container.
dev-support/atlas-docker/config/atlas/users-credentials.properties	Adds a static file-auth credentials file for the dev docker setup.
dev-support/atlas-docker/config/atlas/postgres/atlas-application.properties	Adds a Postgres-backed Atlas configuration suitable for docker-compose deployment.
dev-support/atlas-docker/config/atlas/hbase/atlas-application.properties	Adds an HBase-backed Atlas configuration suitable for docker-compose deployment.

Comments suppressed due to low confidence (1)

dev-support/atlas-docker/config/atlas/users-credentials.properties:19

• This file includes the plaintext password in a comment. Even for dev-support assets, committing plaintext credentials makes it easier to accidentally reuse them elsewhere. Consider removing the password comment (the README already documents the default login) and keep only the hash.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.