Replace php docker image with one from TCM

ArmaForces · Aug 6, 2023 · a3c7119 · a3c7119
1 parent 479f833
commit a3c7119
Show file tree

Hide file tree

Showing 13 changed files with 103 additions and 206 deletions.
diff --git a/.docker/Dockerfile b/.docker/Dockerfile
@@ -1,148 +1,118 @@
-# the different stages of this Dockerfile are meant to be built into separate images
-# https://docs.docker.com/compose/compose-file/#target
-
-ARG PHP_VERSION=8.0
 ARG NGINX_VERSION=1.17
 
-# Build assets in disposable node image
-FROM node:11-alpine as armaforces_web_assets
-
-WORKDIR /tmp/app_build
-
-COPY package.json package-lock.json webpack.config.js ./
-RUN npm install
-
-WORKDIR /tmp/app_build/assets/
-
-COPY assets ./
-RUN npm run build:ci
-
+# -----------------------------------------------------------------------------
+# PHP - Commonm
+# -----------------------------------------------------------------------------
 
 # Build PHP application image
-FROM php:${PHP_VERSION}-fpm-alpine AS armaforces_web_php
-
-RUN apk add --no-cache \
-        acl \
-        fcgi \
-        file \
-        gettext \
-        git \
-    ;
-
-ARG APCU_VERSION=5.1.18
-RUN set -eux; \
-    apk add --no-cache --virtual .build-deps \
-        $PHPIZE_DEPS \
-        icu-dev \
-        libzip-dev \
-        zlib-dev \
-    ; \
-    \
-    docker-php-ext-configure zip; \
-    docker-php-ext-install -j$(nproc) \
-        intl \
-        zip \
-        pdo_mysql \
-    ; \
-    pecl install \
-        apcu-${APCU_VERSION} \
-    ; \
-    pecl clear-cache; \
-    docker-php-ext-enable \
-        apcu \
-        opcache \
-    ; \
-    \
-    runDeps="$( \
-        scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
-            | tr ',' '\n' \
-            | sort -u \
-            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
-    )"; \
-    apk add --no-cache --virtual .api-phpexts-rundeps $runDeps; \
-    \
-    apk del .build-deps \
-;
-
-COPY --from=composer/composer:2-bin /composer /usr/bin/composer
-RUN ln -s $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
-COPY .docker/php/conf.d/armaforces-web.ini $PHP_INI_DIR/conf.d/armaforces-web.ini
+FROM thecodingmachine/php:8.1-v4-fpm-node12 AS armaforces_web_php
 
-# https://getcomposer.org/doc/03-cli.md#composer-allow-superuser
-ENV COMPOSER_ALLOW_SUPERUSER=1
-ENV PATH="${PATH}:/root/.composer/vendor/bin"
+# PHP Extensions
+ENV \
+    PHP_EXTENSION_INTL=1
 
-WORKDIR /www/app
+# PHP ini configuration
+# https://github.com/dunglas/symfony-docker/blob/380dc902595e0575c07f68f84e3266745e8f8100/docker/php/conf.d/symfony.prod.ini
+ENV \
+    PHP_INI_MEMORY_LIMIT=256M \
+    PHP_INI_APC__ENABLE_CLI=1 \
+    PHP_INI_DATE__TIMEZONE=Europe/Warsaw \
+    PHP_INI_SESSION__AUTO_START=Off \
+    PHP_INI_SHORT_OPEN_TAG=Off \
+    PHP_INI_EXPOSE_PHP=Off
 
-# build for production
-ARG APP_ENV=prod
+USER root
 
-# prevent the reinstallation of vendors at every changes in the source code
-COPY composer.json composer.lock symfony.lock .env ./
-RUN set -eux; \
-    composer install --prefer-dist --no-dev --no-scripts --no-progress --no-suggest; \
-    composer clear-cache
+WORKDIR /application
 
-# copy only specifically what we need
 COPY bin bin/
 COPY config config/
 COPY migrations migrations/
 COPY public public/
 COPY src src/
 COPY templates templates/
 COPY translations translations/
+COPY composer.json composer.lock symfony.lock .env ./
 
-RUN set -eux; \
-    mkdir -p var/cache var/log; \
-    composer dump-autoload --classmap-authoritative --no-dev; \
-    composer run-script --no-dev post-install-cmd; \
-    chmod +x bin/console; sync
-VOLUME /www/app/var
+COPY assets assets/
+COPY package.json package-lock.json webpack.config.js ./
 
-# copy assets manifests
-COPY --from=armaforces_web_assets /tmp/app_build/public/build/ public/build/
+RUN mkdir -p var/cache var/log
 
-COPY .docker/php/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
-RUN chmod +x /usr/local/bin/docker-entrypoint
+RUN chown docker:docker -R /application
+RUN chmod +x bin/console
 
-# .env is copied again as COPY needs to copy at least one file
-COPY .env VERSIO[N] ./
+USER docker
 
-ENTRYPOINT ["docker-entrypoint"]
-CMD ["php-fpm"]
 
+# -----------------------------------------------------------------------------
+# PHP - Prod
+# -----------------------------------------------------------------------------
+FROM armaforces_web_php AS armaforces_web_php_prod
 
-FROM nginx:${NGINX_VERSION}-alpine AS armaforces_web_nginx
+USER root
 
-COPY .docker/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.template
+ENV \
+    TEMPLATE_PHP_INI=production \
+    \
+    PHP_INI_OPCACHE__INTERNED_STRINGS_BUFFER=16 \
+    PHP_INI_OPCACHE__MAX_ACCELERATED_FILES=20000 \
+    PHP_INI_OPCACHE__MEMORY_CONSUMPTION=256 \
+    PHP_INI_OPCACHE__VALIDATE_TIMESTAMPS=0 \
+    PHP_INI_REALPATH_CACHE_SIZE=4096K \
+    PHP_INI_REALPATH_CACHE_TTL=600 \
+    PHP_INI_OPCACHE__PRELOAD_USER=www-data \
+    PHP_INI_OPCACHE__PRELOAD=/application/config/preload.php
 
-WORKDIR /www/app
+COPY .docker/php/startup.sh /etc/container/startup.sh
+RUN chmod +x /etc/container/startup.sh
 
-COPY --from=armaforces_web_php /www/app/public public/
+USER docker
 
-COPY .docker/nginx/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
-RUN chmod +x /usr/local/bin/docker-entrypoint
+RUN composer install --no-dev --no-progress --no-interaction --classmap-authoritative
+RUN composer dump-env prod
 
-ENTRYPOINT ["docker-entrypoint"]
-CMD ["nginx", "-g", "daemon off;"]
+RUN npm install
+RUN npm run build
 
 
+# -----------------------------------------------------------------------------
+# PHP - Dev
+# -----------------------------------------------------------------------------
 FROM armaforces_web_php AS armaforces_web_php_dev
 
-ARG XDEBUG_VERSION=3.1.1
-RUN set -eux; \
-    apk add --no-cache --virtual .build-deps $PHPIZE_DEPS; \
-    pecl install xdebug-$XDEBUG_VERSION; \
-    docker-php-ext-enable xdebug; \
-    apk del .build-deps
+USER root
+
+ENV \
+    PHP_EXTENSION_XDEBUG=1 \
+    PHP_INI_XDEBUG__MODE=debug,coverage \
+    PHP_INI_XDEBUG__CLIENT_HOST=host.docker.internal \
+    PHP_INI_XDEBUG__CLIENT_PORT=9003 \
+    PHP_INI_XDEBUG__START_WITH_REQUEST=yes \
+    PHP_INI_XDEBUG__IDEKEY=armaforces-web \
+    PHP_INI_XDEBUG__LOG_LEVEL=0
 
-RUN apk add --no-cache \
-        nodejs \
-        npm
+USER docker
 
-ENV XDEBUG_INI_PATH=$PHP_INI_DIR/conf.d/docker-php-ext-xdebug.ini
-COPY .docker/php/conf.d/docker-php-ext-xdebug.ini $XDEBUG_INI_PATH
+RUN composer install --no-progress --no-interaction --classmap-authoritative
 
-COPY .docker/php/scripts/xon.sh /usr/bin/xon
-COPY .docker/php/scripts/xoff.sh /usr/bin/xoff
-RUN chmod +x /usr/bin/xon /usr/bin/xoff
+RUN npm install
+RUN npm run build:ci
+
+
+# -----------------------------------------------------------------------------
+# NGINX
+# -----------------------------------------------------------------------------
+FROM nginx:${NGINX_VERSION}-alpine AS armaforces_web_nginx
+
+COPY .docker/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.template
+
+WORKDIR /application
+
+COPY --from=armaforces_web_php /application/public public/
+
+COPY .docker/nginx/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
+RUN chmod +x /usr/local/bin/docker-entrypoint
+
+ENTRYPOINT ["docker-entrypoint"]
+CMD ["nginx", "-g", "daemon off;"]
diff --git a/.docker/nginx/conf.d/default.conf b/.docker/nginx/conf.d/default.conf
@@ -1,5 +1,5 @@
 server {
-    root /www/app/public;
+    root /application/public;
 
     client_max_body_size 8M;
 

diff --git a/.docker/php/conf.d/armaforces-web.ini b/.docker/php/conf.d/armaforces-web.ini
diff --git a/.docker/php/conf.d/docker-php-ext-xdebug.ini b/.docker/php/conf.d/docker-php-ext-xdebug.ini
diff --git a/.docker/php/docker-entrypoint.sh b/.docker/php/docker-entrypoint.sh
diff --git a/.docker/php/scripts/xoff.sh b/.docker/php/scripts/xoff.sh
diff --git a/.docker/php/scripts/xon.sh b/.docker/php/scripts/xon.sh
diff --git a/.docker/php/startup.sh b/.docker/php/startup.sh
@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -e
+
+bin/console doctrine:migrations:migrate --no-interaction --allow-no-migration
diff --git a/.env b/.env
@@ -9,6 +9,7 @@
 # Real environment variables win over .env files.
 #
 # DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
+# https://symfony.com/doc/current/configuration/secrets.html
 #
 # Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
 # https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
@@ -44,7 +45,7 @@ DATABASE_URL=mysql://root@mysql:3306/af_website?serverVersion=5.7
 ###< doctrine/doctrine-bundle ###
 
 ###> symfony/mailer ###
-# MAILER_DSN=smtp://localhost
+# MAILER_DSN=null://null
 ###< symfony/mailer ###
 
 ###> nelmio/cors-bundle ###

diff --git a/.github/workflows/application.yml b/.github/workflows/application.yml
@@ -21,7 +21,6 @@ jobs:
             -   name: Pull app image
                 run: |
                     echo ${{ secrets.GITHUB_TOKEN }} | docker login -u ${{ github.actor }} --password-stdin docker.pkg.github.com
-                    docker pull docker.pkg.github.com/${REPO_LOWERCASE}/app_assets:dev
                     docker pull docker.pkg.github.com/${REPO_LOWERCASE}/app_php:dev
 
             -   name: Start stack
@@ -60,27 +59,16 @@ jobs:
             -   name: Create VERSION
                 run: echo $GITHUB_SHA > VERSION
 
-            -   name: Build Assets
-                if: github.ref == 'refs/heads/dev'
-                run: docker build -t docker.pkg.github.com/${REPO_LOWERCASE}/app_assets:${IMAGE_TAG}
-                    --target armaforces_web_assets -f .docker/Dockerfile .
-
             -   name: Build PHP
                 if: success()
                 run: docker build -t docker.pkg.github.com/${REPO_LOWERCASE}/app_php:${IMAGE_TAG}
-                    --target armaforces_web_php -f .docker/Dockerfile .
+                    --target armaforces_web_php_prod -f .docker/Dockerfile .
 
             -   name: Build Nginx
                 if: success()
                 run: docker build -t docker.pkg.github.com/${REPO_LOWERCASE}/app_nginx:${IMAGE_TAG}
                     --target armaforces_web_nginx -f .docker/Dockerfile .
 
-            -   name: Push Assets
-                if: github.ref == 'refs/heads/dev'
-                uses: actions-hub/docker@master
-                with:
-                    args: push docker.pkg.github.com/${REPO_LOWERCASE}/app_assets:${IMAGE_TAG}
-
             -   name: Push PHP
                 if: success()
                 uses: actions-hub/docker@master

diff --git a/docker-compose.override.yml b/docker-compose.override.yml
@@ -6,18 +6,15 @@ services:
         build:
             target: armaforces_web_php_dev
         volumes:
-            - './:/www/app:rw'
-            - './var/import:/www/app/var/import:ro'
-            - './var/cache:/www/app/var/cache:rw'
-            - './var/log:/www/app/var/log:rw'
+            - './:/application:rw'
         environment:
             PHP_IDE_CONFIG: serverName=armaforces-web
         extra_hosts:
             - "host.docker.internal:host-gateway"
 
     nginx:
         volumes:
-            - './public:/www/app/public:ro'
+            - './public:/application/public:ro'
 
     mysql:
         image: mysql:5.7