Replace php docker image with one from TCM

.docker/Dockerfile

@@ -1,117 +1,106 @@
-# the different stages of this Dockerfile are meant to be built into separate images
-# https://docs.docker.com/compose/compose-file/#target
-
-ARG PHP_VERSION=8.0
 ARG NGINX_VERSION=1.17
 
-# Build assets in disposable node image
-FROM node:11-alpine as armaforces_web_assets
-
-WORKDIR /tmp/app_build
-
-COPY package.json package-lock.json webpack.config.js ./
-RUN npm install
-
-WORKDIR /tmp/app_build/assets/
-
-COPY assets ./
-RUN npm run build:ci
-
+# -----------------------------------------------------------------------------
+# PHP - Common
+# -----------------------------------------------------------------------------
 
 # Build PHP application image
-FROM php:${PHP_VERSION}-fpm-alpine AS armaforces_web_php
+FROM thecodingmachine/php:8.1-v4-fpm-node12 AS armaforces_web_php
 
-RUN apk add --no-cache \
-        acl \
-        fcgi \
-        file \
-        gettext \
-        git \
-    ;
+USER root
 
-ARG APCU_VERSION=5.1.18
-RUN set -eux; \
-    apk add --no-cache --virtual .build-deps \
-        $PHPIZE_DEPS \
-        icu-dev \
-        libzip-dev \
-        zlib-dev \
-    ; \
-    \
-    docker-php-ext-configure zip; \
-    docker-php-ext-install -j$(nproc) \
-        intl \
-        zip \
-        pdo_mysql \
-    ; \
-    pecl install \
-        apcu-${APCU_VERSION} \
-    ; \
-    pecl clear-cache; \
-    docker-php-ext-enable \
-        apcu \
-        opcache \
-    ; \
-    \
-    runDeps="$( \
-        scanelf --needed --nobanner --format '%n#p' --recursive /usr/local/lib/php/extensions \
-            | tr ',' '\n' \
-            | sort -u \
-            | awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
-    )"; \
-    apk add --no-cache --virtual .api-phpexts-rundeps $runDeps; \
-    \
-    apk del .build-deps \
-;
+# PHP Extensions
+ENV \
+    PHP_EXTENSION_INTL=1
 
-COPY --from=composer/composer:2-bin /composer /usr/bin/composer
-RUN ln -s $PHP_INI_DIR/php.ini-production $PHP_INI_DIR/php.ini
-COPY .docker/php/conf.d/armaforces-web.ini $PHP_INI_DIR/conf.d/armaforces-web.ini
-
-# https://getcomposer.org/doc/03-cli.md#composer-allow-superuser
-ENV COMPOSER_ALLOW_SUPERUSER=1
-ENV PATH="${PATH}:/root/.composer/vendor/bin"
+# PHP ini configuration
+# https://github.com/dunglas/symfony-docker/blob/380dc902595e0575c07f68f84e3266745e8f8100/docker/php/conf.d/symfony.prod.ini
+ENV \
+    PHP_INI_MEMORY_LIMIT=256M \
+    PHP_INI_APC__ENABLE_CLI=1 \
+    PHP_INI_DATE__TIMEZONE=Europe/Warsaw \
+    PHP_INI_SESSION__AUTO_START=Off \
+    PHP_INI_SHORT_OPEN_TAG=Off \
+    PHP_INI_EXPOSE_PHP=Off
 
 WORKDIR /www/app
+RUN mkdir -p var/cache var/log public/build
+RUN chown docker:docker -R /www/app
+USER docker
 
-# build for production
-ARG APP_ENV=prod
+COPY --link package.json package-lock.json ./
+RUN npm install
 
 # prevent the reinstallation of vendors at every changes in the source code
-COPY composer.json composer.lock symfony.lock .env ./
+COPY --link composer.* symfony.* ./
 RUN set -eux; \
-    composer install --prefer-dist --no-dev --no-scripts --no-progress --no-suggest; \
-    composer clear-cache
+	composer install --no-cache --prefer-dist --no-dev --no-autoloader --no-scripts --no-progress
 
-# copy only specifically what we need
-COPY bin bin/
+# copy sources
+COPY --link bin bin/
 COPY config config/
 COPY migrations migrations/
 COPY public public/
 COPY src src/
 COPY templates templates/
 COPY translations translations/
+COPY .env ./
 
-RUN set -eux; \
-    mkdir -p var/cache var/log; \
-    composer dump-autoload --classmap-authoritative --no-dev; \
-    composer run-script --no-dev post-install-cmd; \
-    chmod +x bin/console; sync
-VOLUME /www/app/var
+COPY --link assets assets/
+COPY webpack.config.js ./
 
-# copy assets manifests
-COPY --from=armaforces_web_assets /tmp/app_build/public/build/ public/build/
+USER root
+RUN chmod +x bin/console
+USER docker
 
-COPY .docker/php/docker-entrypoint.sh /usr/local/bin/docker-entrypoint
-RUN chmod +x /usr/local/bin/docker-entrypoint
 
-# .env is copied again as COPY needs to copy at least one file
-COPY .env VERSIO[N] ./
+# -----------------------------------------------------------------------------
+# PHP - Prod
+# -----------------------------------------------------------------------------
+FROM armaforces_web_php AS armaforces_web_php_prod
 
-ENTRYPOINT ["docker-entrypoint"]
-CMD ["php-fpm"]
+ENV \
+    TEMPLATE_PHP_INI=production \
+    \
+    PHP_INI_OPCACHE__INTERNED_STRINGS_BUFFER=16 \
+    PHP_INI_OPCACHE__MAX_ACCELERATED_FILES=20000 \
+    PHP_INI_OPCACHE__MEMORY_CONSUMPTION=256 \
+    PHP_INI_OPCACHE__VALIDATE_TIMESTAMPS=0 \
+    PHP_INI_REALPATH_CACHE_SIZE=4096K \
+    PHP_INI_REALPATH_CACHE_TTL=600 \
+    PHP_INI_OPCACHE__PRELOAD_USER=www-data \
+    PHP_INI_OPCACHE__PRELOAD=/www/app/config/preload.php
+
+COPY --chown=docker:docker .docker/php/startup.sh /etc/container/startup.sh
+RUN chmod +x /etc/container/startup.sh
+
+RUN npm run build
+RUN composer dump-autoload --classmap-authoritative --no-dev; \
+	composer run-script --no-dev post-install-cmd;
+
+# -----------------------------------------------------------------------------
+# PHP - Dev
+# -----------------------------------------------------------------------------
+FROM armaforces_web_php AS armaforces_web_php_dev
 
+ENV \
+    PHP_EXTENSION_XDEBUG=1 \
+    PHP_INI_XDEBUG__MODE=debug,coverage \
+    PHP_INI_XDEBUG__CLIENT_HOST=host.docker.internal \
+    PHP_INI_XDEBUG__CLIENT_PORT=9003 \
+    PHP_INI_XDEBUG__START_WITH_REQUEST=yes \
+    PHP_INI_XDEBUG__IDEKEY=armaforces-web \
+    PHP_INI_XDEBUG__LOG_LEVEL=0
 
+COPY --chown=docker:docker .docker/php/startup.dev.sh /etc/container/startup.sh
+RUN chmod +x /etc/container/startup.sh
+
+COPY tests tests/
+COPY .env.test phpunit.xml.dist .php-cs-fixer.dist.php phpstan.neon.dist ./
+
+# -----------------------------------------------------------------------------
+# NGINX
+# -----------------------------------------------------------------------------
 FROM nginx:${NGINX_VERSION}-alpine AS armaforces_web_nginx
 
 COPY .docker/nginx/conf.d/default.conf /etc/nginx/conf.d/default.conf.template
@@ -125,24 +114,3 @@ RUN chmod +x /usr/local/bin/docker-entrypoint
 
 ENTRYPOINT ["docker-entrypoint"]
 CMD ["nginx", "-g", "daemon off;"]
-
-
-FROM armaforces_web_php AS armaforces_web_php_dev
-
-ARG XDEBUG_VERSION=3.1.1
-RUN set -eux; \
-    apk add --no-cache --virtual .build-deps $PHPIZE_DEPS; \
-    pecl install xdebug-$XDEBUG_VERSION; \
-    docker-php-ext-enable xdebug; \
-    apk del .build-deps
-
-RUN apk add --no-cache \
-        nodejs \
-        npm
-
-ENV XDEBUG_INI_PATH=$PHP_INI_DIR/conf.d/docker-php-ext-xdebug.ini
-COPY .docker/php/conf.d/docker-php-ext-xdebug.ini $XDEBUG_INI_PATH
-
-COPY .docker/php/scripts/xon.sh /usr/bin/xon
-COPY .docker/php/scripts/xoff.sh /usr/bin/xoff
-RUN chmod +x /usr/bin/xon /usr/bin/xoff

.docker/php/startup.dev.sh

@@ -0,0 +1,7 @@
+#!/bin/bash
+
+set -e
+
+composer install --no-cache --prefer-dist --no-scripts --no-progress
+
+npm run dev

.docker/php/startup.sh

@@ -0,0 +1,5 @@
+#!/bin/bash
+
+set -e
+
+bin/console doctrine:migrations:migrate --no-interaction --allow-no-migration

.env

@@ -9,6 +9,7 @@
 # Real environment variables win over .env files.
 #
 # DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
+# https://symfony.com/doc/current/configuration/secrets.html
 #
 # Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
 # https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
@@ -44,7 +45,7 @@ DATABASE_URL=mysql://root@mysql:3306/af_website?serverVersion=5.7
 ###< doctrine/doctrine-bundle ###
 
 ###> symfony/mailer ###
-# MAILER_DSN=smtp://localhost
+# MAILER_DSN=null://null
 ###< symfony/mailer ###
 
 ###> nelmio/cors-bundle ###

.github/workflows/application.yml

@@ -21,7 +21,6 @@ jobs:
             -   name: Pull app image
                 run: |
                     echo ${{ secrets.GITHUB_TOKEN }} | docker login -u ${{ github.actor }} --password-stdin docker.pkg.github.com
-                    docker pull docker.pkg.github.com/${REPO_LOWERCASE}/app_assets:dev
                     docker pull docker.pkg.github.com/${REPO_LOWERCASE}/app_php:dev
 
             -   name: Start stack
@@ -60,27 +59,16 @@ jobs:
             -   name: Create VERSION
                 run: echo $GITHUB_SHA > VERSION
 
-            -   name: Build Assets
-                if: github.ref == 'refs/heads/dev'
-                run: docker build -t docker.pkg.github.com/${REPO_LOWERCASE}/app_assets:${IMAGE_TAG}
-                    --target armaforces_web_assets -f .docker/Dockerfile .
-
             -   name: Build PHP
                 if: success()
                 run: docker build -t docker.pkg.github.com/${REPO_LOWERCASE}/app_php:${IMAGE_TAG}
-                    --target armaforces_web_php -f .docker/Dockerfile .
+                    --target armaforces_web_php_prod -f .docker/Dockerfile .
 
             -   name: Build Nginx
                 if: success()
                 run: docker build -t docker.pkg.github.com/${REPO_LOWERCASE}/app_nginx:${IMAGE_TAG}
                     --target armaforces_web_nginx -f .docker/Dockerfile .
 
-            -   name: Push Assets
-                if: github.ref == 'refs/heads/dev'
-                uses: actions-hub/docker@master
-                with:
-                    args: push docker.pkg.github.com/${REPO_LOWERCASE}/app_assets:${IMAGE_TAG}
-
             -   name: Push PHP
                 if: success()
                 uses: actions-hub/docker@master

docker-compose.override.yml

@@ -7,9 +7,11 @@ services:
             target: armaforces_web_php_dev
         volumes:
             - './:/www/app:rw'
-            - './var/import:/www/app/var/import:ro'
-            - './var/cache:/www/app/var/cache:rw'
-            - './var/log:/www/app/var/log:rw'
+            # If you develop on Mac or Windows you can remove the vendor/, var/ and node_modules/ directories
+            #  from the bind-mount for better performance by enabling the next lines:
+            #- '/www/app/vendor'
+            #- '/www/app/var'
+            #- '/www/app/node_modules'
         environment:
             PHP_IDE_CONFIG: serverName=armaforces-web
         extra_hosts:

docker-compose.test.yml

@@ -6,21 +6,11 @@ services:
         build:
             context: ./
             dockerfile: ./.docker/Dockerfile
-            target: armaforces_web_php
+            target: armaforces_web_php_dev
             cache_from:
-                - docker.pkg.github.com/armaforces/website/app_assets:dev
                 - docker.pkg.github.com/armaforces/website/app_php:dev
-        volumes:
-            # Extract files from runtime for QA tools
-            - './var:/www/app/var'
-            - './vendor:/www/app/vendor'
-            # Copy tests into runtime
-            - './.env.test:/www/app/.env.test:ro'
-            - './tests:/www/app/tests:ro'
-            - './phpunit.xml.dist:/www/app/phpunit.xml.dist:ro'
-            - './.php-cs-fixer.dist.php:/www/app/.php-cs-fixer.dist.php:ro'
-            - './phpstan.neon.dist:/www/app/phpstan.neon.dist:ro'
-
+        environment:
+            APP_ENV: test
         depends_on:
             - mysql