boonkerz/printshopcreator
1
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects 1 Releases 2 Wiki Activity

Fixes

Browse Source
This commit is contained in:
Thomas Peterson 2022-12-28 19:28:50 +01:00
parent 9e74feae2c
commit 98395c7484
22 changed files with 5003 additions and 239 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

47
.docker/docker-compose/docker-compose-old.yml
View File

@ -1,47 +0,0 @@
version: "2"
services:
mongodb:
image: mongo
ports:
- "11000:27017"
mysql:
image: registry.gitlab.com/printshopcreator/docker/docker_mysql:latest
ports:
- "11001:3306"
environment:
- MYSQL_ROOT_PASSWORD=Wichtig1
- MYSQL_DATABASE=psc
cron:
image: registry.gitlab.com/printshopcreator/docker/docker_cron:php7
environment:
- SYMFONY_DECRYPTION_SECRET=ZfzbggHk012ImxwsovgF0iLkJf7pUJlMJ+uBLNTHFxbwz0iwe7STUJhAyULlDSv9unBVXfPW3DFf/VuVw6vPCQ==%
volumes:
- .:/data/www/old
- .:/data/www/new
links:
- mysql:mysql
- mongodb:mongodb
php:
image: registry.gitlab.com/printshopcreator/docker/docker_php:php7
environment:
- ftpUsername=papedruck
- ftpPassword=27JSdjs62Jhs
- ftpHost=157.90.18.62
- ftpPort=20000
- ftpIp=157.90.18.62
- SYMFONY_DECRYPTION_SECRET=ZfzbggHk012ImxwsovgF0iLkJf7pUJlMJ+uBLNTHFxbwz0iwe7STUJhAyULlDSv9unBVXfPW3DFf/VuVw6vPCQ==%
links:
- mysql:mysql
- mongodb:mongodb
volumes:
- ./psc-source-v1:/data/www/old
- ./psc-source-v2:/data/www/new
tp:
image: registry.gitlab.com/printshopcreator/docker/docker_tp:v21x1x1
web:
image: registry.gitlab.com/printshopcreator/docker/docker_web:php7_tp
ports:
- "8001:80"
volumes:
- ./psc-source-v1:/data/www/old
- ./psc-source-v2:/data/www/new

12
.docker/docker-compose/docker-compose.local.ci.prod.yml Normal file
View File

@ -0,0 +1,12 @@
version: '3.7'
services:
application:
image: ${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/application-${ENV?}:${TAG?}
build:
context: ../
dockerfile: ./images/php/application/Dockerfile
target: ${ENV?}
args:
- BASE_IMAGE=${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-base-${ENV?}:${TAG?}
- ENV=${ENV?}

3
.docker/docker-compose/docker-compose.local.ci.yml Normal file
View File

@ -0,0 +1,3 @@
version: '3.7'

60
.docker/docker-compose/docker-compose.yml → .docker/docker-compose/docker-compose.local.prod.yml
View File

@ -1,31 +1,31 @@
version: '3.7' version: '3.7'
services: services:
php-fpm: php-fpm:
image: ${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-fpm-${ENV?}:${TAG?} image: ${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-fpm-${ENV?}:${TAG?}
build: build:
context: ../ context: ../
dockerfile: ./images/php/fpm/Dockerfile dockerfile: ./images/php/fpm/Dockerfile
target: ${ENV?} target: ${ENV?}
args: args:
- BASE_IMAGE=${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-base-${ENV?}:${TAG?} - BASE_IMAGE=${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-base-${ENV?}:${TAG?}
- TARGET_PHP_VERSION=${PHP_VERSION?} - TARGET_PHP_VERSION=${PHP_VERSION?}
php-cron:
php-cron: image: ${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-cron-${ENV?}:${TAG?}
image: ${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-cron-${ENV?}:${TAG?} build:
build: context: ../
context: ../ dockerfile: ./images/php/cron/Dockerfile
dockerfile: ./images/php/cron/Dockerfile target: ${ENV?}
target: ${ENV?} args:
args: - BASE_IMAGE=${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-base-${ENV?}:${TAG?}
- BASE_IMAGE=${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/php-base-${ENV?}:${TAG?} - TARGET_PHP_VERSION=${PHP_VERSION?}
web: web:
image: ${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/web-${ENV?}:${TAG?} image: ${DOCKER_REGISTRY?}/${DOCKER_NAMESPACE?}/web-${ENV?}:${TAG?}
build: build:
context: ../ context: ../../
dockerfile: ./images/nginx/Dockerfile dockerfile: ./.docker/images/nginx/Dockerfile
target: ${ENV?} target: ${ENV?}
args: args:
- NGINX_VERSION=${NGINX_VERSION?} - NGINX_VERSION=${NGINX_VERSION?}
- APP_CODE_PATH=${APP_CODE_PATH_CONTAINER?} - APP_CODE_PATH=${APP_CODE_PATH_CONTAINER?}

2
.docker/docker-compose/docker-compose.local.yml
View File

@ -103,7 +103,7 @@ services:
- TZ=${TIMEZONE:-UTC} - TZ=${TIMEZONE:-UTC}
volumes: volumes:
- mysql:/var/lib/mysql - mysql:/var/lib/mysql
command: mysqld --sql_mode="ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION" --character-set-server=utf8 --collation-server=utf8_slovenian_ci --init-connect='SET NAMES UTF8;' --innodb-flush-log-at-trx-commit=0 command: mysqld --sql_mode="ERROR_FOR_DIVISION_BY_ZERO,NO_AUTO_CREATE_USER,NO_ENGINE_SUBSTITUTION" --character-set-server=utf8 --collation-server=utf8_slovenian_ci --innodb-flush-log-at-trx-commit=0
networks: networks:
- network - network
ports: ports:

9
.docker/images/nginx/Dockerfile
View File

@ -1,10 +1,15 @@
ARG NGINX_VERSION ARG NGINX_VERSION
FROM nginx:${NGINX_VERSION} as base FROM nginx:${NGINX_VERSION} as base
COPY --chown=nginx:nginx ./images/nginx/conf.d/default.conf /etc/nginx/conf.d COPY --chown=nginx:nginx ./.docker/images/nginx/conf.d/default.conf /etc/nginx/conf.d
ARG APP_CODE_PATH ARG APP_CODE_PATH
RUN sed -i "s#__NGINX_ROOT_NEW;#$APP_CODE_PATH/new/web;#" /etc/nginx/conf.d/default.conf RUN sed -i "s#__NGINX_ROOT_NEW;#$APP_CODE_PATH/new/web;#" /etc/nginx/conf.d/default.conf
RUN sed -i "s#__NGINX_ROOT_OLD;#$APP_CODE_PATH/old/public;#" /etc/nginx/conf.d/default.conf RUN sed -i "s#__NGINX_ROOT_OLD;#$APP_CODE_PATH/old/public;#" /etc/nginx/conf.d/default.conf
FROM base as local FROM base as prod
COPY ./src/old/public /data/www/old/public
COPY ./src/new/web /data/www/new/web
FROM base as local

8
.docker/images/nginx/conf.d/default.conf
View File

@ -59,10 +59,10 @@ server {
try_files $uri @sfFront; try_files $uri @sfFront;
} }
#location /w2p/ { location /w2p/ {
# proxy_pass http://tp:8080/w2p/; proxy_pass http://tp:8080/w2p/;
# proxy_temp_path /tmp/proxy; proxy_temp_path /tmp/proxy;
#} }
location @sfFront { # Symfony location @sfFront { # Symfony
if ($request_method = 'OPTIONS') { if ($request_method = 'OPTIONS') {

6
.docker/images/php/application/Dockerfile
View File

@ -1,6 +1,9 @@
ARG BASE_IMAGE ARG BASE_IMAGE
FROM ${BASE_IMAGE} as base FROM ${BASE_IMAGE} as base
RUN apt update && apt install -y \
sqlite3
FROM base as prod FROM base as prod
USER $APP_USER_NAME USER $APP_USER_NAME
@ -11,9 +14,6 @@ USER $APP_USER_NAME
FROM base as local FROM base as local
#RUN apt install -y \
# openssh-server
#
#ARG APP_SSH_PASSWORD #ARG APP_SSH_PASSWORD
#RUN echo "$APP_USER_NAME:$APP_SSH_PASSWORD" | chpasswd 2>&1 #RUN echo "$APP_USER_NAME:$APP_SSH_PASSWORD" | chpasswd 2>&1
# #

74
.docker/images/php/base/Dockerfile
View File

@ -26,21 +26,13 @@ RUN addgroup -gid $APP_GROUP_ID $APP_GROUP_NAME && \
mkdir -p $APP_CODE_PATH && \ mkdir -p $APP_CODE_PATH && \
chown $APP_USER_NAME: $APP_CODE_PATH chown $APP_USER_NAME: $APP_CODE_PATH
# install git-secret
# @see https://git-secret.io/installation#alpine
ADD https://gitsecret.jfrog.io/artifactory/api/security/keypair/public/repositories/git-secret-apk /etc/apk/keys/git-secret-apk.rsa.pub ADD https://gitsecret.jfrog.io/artifactory/api/security/keypair/public/repositories/git-secret-apk /etc/apk/keys/git-secret-apk.rsa.pub
# FYI, we are NOT using a cache mount to store the apk cache via
# RUN --mount=type=cache,target=/var/cache/apk ln -vs /var/cache/apk /etc/apk/cache && \
# @see https://github.com/FernandoMiguel/BuildKit#new-dockerfile
# @see https://wiki.alpinelinux.org/wiki/Local_APK_cache#Enabling_Local_Cache_on_HDD_installs
# because we run --update anyways to get the latest files
RUN apt update && \ RUN apt update && \
apt install -y \ apt install -y \
bash \ bash \
git \ git \
git-secret \ git-secret \
# required for git-secret
gawk \ gawk \
gnupg \ gnupg \
make \ make \
@ -103,6 +95,8 @@ RUN docker-php-ext-install -j$(nproc) ldap
RUN docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \ RUN docker-php-ext-configure imap --with-kerberos --with-imap-ssl && \
docker-php-ext-install -j$(nproc) imap docker-php-ext-install -j$(nproc) imap
COPY ./.docker/images/php/base/pdf/php_pdflib.so /pdflib.so
# make bash default shell # make bash default shell
RUN sed -e 's;/bin/ash$;/bin/bash;g' -i /etc/passwd RUN sed -e 's;/bin/ash$;/bin/bash;g' -i /etc/passwd
@ -114,20 +108,6 @@ COPY ./.docker/images/php/base/.bashrc /root/.bashrc
COPY --from=composer /usr/bin/composer /usr/local/bin/composer COPY --from=composer /usr/bin/composer /usr/local/bin/composer
# Fix git permission issue:
# `git` introduced a security feature to throw an error if the parent directory
# of the `.git` directory is owned by another user.
# @see https://github.blog/2022-04-12-git-security-vulnerability-announced/
# @see https://github.com/actions/checkout/issues/760
#
# Since we might not have full control over the owner
# ( see e.g. https://github.com/docker/for-win/issues/12742 )
# we will add the $APP_CODE_PATH as a "safe" directory to the global git config via
# git config --system --add safe.directory "/path/to/git/parent/folder"
# @see https://git-scm.com/docs/git-config/2.36.0#Documentation/git-config.txt-safedirectory
#
# Without this fix, git-secret will emit the error
# git-secret: abort: not in dir with git repo. Use 'git init' or 'git clone', then in repo use 'git secret init'
RUN git config --system --add safe.directory "$APP_CODE_PATH" RUN git config --system --add safe.directory "$APP_CODE_PATH"
WORKDIR $APP_CODE_PATH WORKDIR $APP_CODE_PATH
@ -136,19 +116,13 @@ FROM base as codebase
# By only copying the composer files required to run composer install # By only copying the composer files required to run composer install
# the layer will be cached and only invalidated when the composer dependencies are changed # the layer will be cached and only invalidated when the composer dependencies are changed
COPY ./new/composer.json /dependencies/new/ COPY ./src/new/composer.json /dependencies/new/
COPY ./new/composer.lock /dependencies/new/ COPY ./src/new/composer.lock /dependencies/new/
# use a cache mount to cache the composer dependencies # use a cache mount to cache the composer dependencies
# this is essentially a cache that lives in Docker BuildKit (i.e. has nothing to do with the host system) # this is essentially a cache that lives in Docker BuildKit (i.e. has nothing to do with the host system)
RUN --mount=type=cache,target=/tmp/.composer \ RUN --mount=type=cache,target=/tmp/.composer \
cd /dependencies/new && \ cd /dependencies/new && \
# COMPOSER_HOME=/tmp/.composer sets the home directory of composer that
# also controls where composer looks for the cache
# so we don't have to download dependencies again (if they are cached)
# @see https://stackoverflow.com/a/60518444 for the correct if-then-else syntax:
# - end all commands with ; \
# - except THEN and ELSE
if [ "$ENV" == "prod" ] ; \ if [ "$ENV" == "prod" ] ; \
then \ then \
# on production, we don't want test dependencies # on production, we don't want test dependencies
@ -158,10 +132,10 @@ RUN --mount=type=cache,target=/tmp/.composer \
fi fi
# copy the full codebase # copy the full codebase
COPY . /codebase COPY ./src/ /codebase
# move the dependencies # move the dependencies
RUN mv /dependencies/vendor /codebase/new/vendor RUN mv /dependencies/new/vendor /codebase/new/vendor
# remove files we don't require in the image to keep the image size small # remove files we don't require in the image to keep the image size small
RUN cd /codebase && \ RUN cd /codebase && \
@ -172,46 +146,10 @@ RUN cd /codebase && \
rm -rf tests/; \ rm -rf tests/; \
fi fi
# Remove all secrets that are NOT required for the given ENV:
# `find /codebase/.secrets -type f -print` lists all files in the .secrets directory
# `grep -v "/\(shared\|$ENV\)/"` matches only the files that are NOT in the shared/ or $ENV/ (e.g. prod/) directories
# `grep -v ".secret\$"` ensures that we remove all files that are NOT ending in .secret
# FYI:
# the "$" has to be escaped with a "\"
# "Escaping is possible by adding a \ before the variable"
# @see https://docs.docker.com/engine/reference/builder/#environment-replacement
# `xargs rm -f` retrieves the remaining file and deletes them
# FYI:
# `xargs` is necessary to convert the stdin to args for `rm`
# @see https://stackoverflow.com/a/20307392/413531
# the `-f` flag is required so that `rm` doesn't fail if no files are matched
RUN find /codebase/.secrets -type f -print | grep -v "/\(shared\|$ENV\)/" | xargs rm -f && \
find /codebase/.secrets -type f -print | grep -v ".secret\$" | xargs rm -f && \
# list the remaining files for debugging purposes
find /codebase/.secrets -type f -print
# We need a git repository for git-secret to work (can be an empty one)
RUN cd /codebase && \
git init
FROM base as prod FROM base as prod
# We will use a custom ENTRYPOINT to decrypt the secrets when the container starts.
# This way, we can store the secrets in their encrypted form directly in the image.
# Note: Because we defined a custom ENTRYPOINT, the default CMD of the base image
# will be overriden. Thus, we must explicitly re-define it here via `CMD ["/bin/sh"]`.
# This behavior is described in the docs as:
# "If CMD is defined from the base image, setting ENTRYPOINT will reset CMD to an empty value. In this scenario, CMD must be defined in the current image to have a value."
# @see https://docs.docker.com/engine/reference/builder/#understand-how-cmd-and-entrypoint-interact
COPY ./.docker/images/php/base/decrypt-secrets.sh /decrypt-secrets.sh
RUN chmod +x /decrypt-secrets.sh
CMD ["/bin/sh"]
ENTRYPOINT ["/decrypt-secrets.sh"]
COPY --from=codebase --chown=$APP_USER_NAME:$APP_GROUP_NAME /codebase $APP_CODE_PATH COPY --from=codebase --chown=$APP_USER_NAME:$APP_GROUP_NAME /codebase $APP_CODE_PATH
COPY --chown=$APP_USER_NAME:$APP_GROUP_NAME ./.build/build-info $APP_CODE_PATH/build-info
FROM base as ci FROM base as ci
COPY --from=codebase --chown=$APP_USER_NAME:$APP_GROUP_NAME /codebase $APP_CODE_PATH COPY --from=codebase --chown=$APP_USER_NAME:$APP_GROUP_NAME /codebase $APP_CODE_PATH

2
.docker/images/php/base/conf.d/zz-app-local.ini
View File

@ -8,7 +8,7 @@ zend.assertions = 1
; Note: ; Note:
display_error=1 display_error=1
error_reporting=E_ALL error_reporting=E_ALL & ~E_NOTICE & ~E_DEPRECATED
zend_extension=xdebug zend_extension=xdebug
xdebug.client_host=host.docker.internal xdebug.client_host=host.docker.internal
xdebug.start_with_request=yes xdebug.start_with_request=yes

3
.docker/images/php/base/conf.d/zz-app-prod.ini
View File

@ -4,3 +4,6 @@ opcache.revalidate_freq = "0"
; enable assert() statements for development ; enable assert() statements for development
assert.exception = 1 assert.exception = 1
zend.assertions = 1 zend.assertions = 1
display_error=0
error_reporting=E_ALL & ~E_NOTICE & ~E_DEPRECATED

1
.docker/images/php/base/conf.d/zz-app.ini
View File

@ -11,3 +11,4 @@ opcache.interned_strings_buffer=12
memory_limit = -1 memory_limit = -1
disable_functions = disable_functions =
extension=/pdflib.so

BIN
.docker/images/php/base/pdf/php_pdflib.so Normal file
View File

Binary file not shown.

2
.docker/images/php/cron/Dockerfile
View File

@ -11,7 +11,7 @@ RUN sed -i '/imklog/s/^/#/' /etc/rsyslog.conf
FROM base as prod FROM base as prod
USER $APP_USER_NAME CMD ["/usr/bin/set-env.sh"]
FROM base as ci FROM base as ci

3
.docker/images/php/cron/bin/start-cron.sh
View File

@ -3,6 +3,9 @@
rsyslogd rsyslogd
cron cron
touch /var/log/cron.log touch /var/log/cron.log
chmod -R 0777 /var/log/cron.log
rm /data/www/new/var/cache/*
rm /data/www/new/var/log/*
chmod -R 0777 /data/www/new/var/cache chmod -R 0777 /data/www/new/var/cache
chmod -R 0777 /data/www/new/var/log chmod -R 0777 /data/www/new/var/log
tail -F /var/log/syslog /var/log/cron.log tail -F /var/log/syslog /var/log/cron.log

8
.dockerignore Normal file
View File

@ -0,0 +1,8 @@
**/.git
**/node_modules
**/.env.local
**/.env.test
**/var/log/*
**/var/cache/*
src/old/logs/*
src/old/cache/*

4
.make/01-application-setup.mk
View File

@ -16,7 +16,3 @@ setup-db: ## Setup the DB tables
composer: ## Run composer commands. Specify the command e.g. via ARGS="install" composer: ## Run composer commands. Specify the command e.g. via ARGS="install"
$(EXECUTE_IN_APPLICATION_CONTAINER) composer $(ARGS); $(EXECUTE_IN_APPLICATION_CONTAINER) composer $(ARGS);
.PHONY: phpunit
phpunit: ## Run PHPUNIT
$(EXECUTE_IN_APPLICATION_CONTAINER) /data/www/new/vendor/bin/phpunit;

4
.make/02-application-commands.mk
View File

@ -24,8 +24,8 @@ copy-in-mysql: ## Execute a command in a container. E.g. via "make execute-in-co
.PHONY: enable-xdebug .PHONY: enable-xdebug
enable-xdebug: ## Enable xdebug in the given container specified by "DOCKER_SERVICE_NAME". E.g. "make enable-xdebug DOCKER_SERVICE_NAME=php-fpm" enable-xdebug: ## Enable xdebug in the given container specified by "DOCKER_SERVICE_NAME". E.g. "make enable-xdebug DOCKER_SERVICE_NAME=php-fpm"
"$(MAKE)" execute-in-container APP_USER_NAME="root" DOCKER_SERVICE_NAME=$(DOCKER_SERVICE_NAME) COMMAND="sed -i 's/.*zend_extension=xdebug/zend_extension=xdebug/' '/etc/php8/conf.d/zz-app-local.ini'" "$(MAKE)" execute-in-container APP_USER_NAME="root" DOCKER_SERVICE_NAME=$(DOCKER_SERVICE_NAME) COMMAND="sed -i 's/.*zend_extension=xdebug/zend_extension=xdebug/' '/usr/local/etc/php/conf.d/zz-ppp-local.ini'"
.PHONY: disable-xdebug .PHONY: disable-xdebug
disable-xdebug: ## Disable xdebug in the given container specified by "DOCKER_SERVICE_NAME". E.g. "make disable-xdebug DOCKER_SERVICE_NAME=php-fpm" disable-xdebug: ## Disable xdebug in the given container specified by "DOCKER_SERVICE_NAME". E.g. "make disable-xdebug DOCKER_SERVICE_NAME=php-fpm"
"$(MAKE)" execute-in-container APP_USER_NAME="root" DOCKER_SERVICE_NAME=$(DOCKER_SERVICE_NAME) COMMAND="sed -i 's/.*zend_extension=xdebug/;zend_extension=xdebug/' '/etc/php8/conf.d/zz-app-local.ini'" "$(MAKE)" execute-in-container APP_USER_NAME="root" DOCKER_SERVICE_NAME=$(DOCKER_SERVICE_NAME) COMMAND="sed -i 's/.*zend_extension=xdebug/;zend_extension=xdebug/' '/usr/local/etc/php/conf.d/zz-ppp-local.ini'"

6
.make/03-application-qa.mk
View File

@ -17,7 +17,7 @@ NO_COLOR:=\033[0m
# Tool CLI config # Tool CLI config
PHPUNIT_CMD=php vendor/bin/phpunit PHPUNIT_CMD=php vendor/bin/phpunit
PHPUNIT_ARGS= -c phpunit.xml PHPUNIT_ARGS=
PHPUNIT_FILES= PHPUNIT_FILES=
PHPSTAN_CMD=php -d xdebug.mode=off -d memory_limit=-1 vendor/bin/phpstan analyse PHPSTAN_CMD=php -d xdebug.mode=off -d memory_limit=-1 vendor/bin/phpstan analyse
PHPSTAN_ARGS=--level=9 PHPSTAN_ARGS=--level=9
@ -50,11 +50,11 @@ endif
# any errors that occured. # any errors that occured.
define execute define execute
if [ "$(NO_PROGRESS)" = "false" ]; then \ if [ "$(NO_PROGRESS)" = "false" ]; then \
eval "$(EXECUTE_IN_APPLICATION_CONTAINER) bash -c 'cd new && $(1) $(2) $(3) $(4)'"; \ eval "$(EXECUTE_IN_APPLICATION_CONTAINER) $(1) $(2) $(3) $(4)"; \
else \ else \
START=$$(date +%s); \ START=$$(date +%s); \
printf "%-35s" "$@"; \ printf "%-35s" "$@"; \
if OUTPUT=$$(eval "$(EXECUTE_IN_APPLICATION_CONTAINER) bash -c 'cd new && $(1) $(2) $(3) $(4)'" 2>&1); then \ if OUTPUT=$$(eval "$(EXECUTE_IN_APPLICATION_CONTAINER) $(1) $(2) $(3) $(4)" 2>&1); then \
printf " $(GREEN)%-6s$(NO_COLOR)" "done"; \ printf " $(GREEN)%-6s$(NO_COLOR)" "done"; \
END=$$(date +%s); \ END=$$(date +%s); \
RUNTIME=$$((END-START)) ;\ RUNTIME=$$((END-START)) ;\

224
.make/04-docker.mk
View File

@ -1,8 +1,3 @@
# For local builds we always want to use "latest" as tag per default
ifeq ($(ENV),local)
TAG:=latest
endif
# Enable buildkit for docker and docker-compose by default for every environment. # Enable buildkit for docker and docker-compose by default for every environment.
# For specific environments (e.g. MacBook with Apple Silicon M1 CPU) it should be turned off to work stable # For specific environments (e.g. MacBook with Apple Silicon M1 CPU) it should be turned off to work stable
# - this can be done in the .make/.env file # - this can be done in the .make/.env file
@ -12,16 +7,6 @@ DOCKER_BUILDKIT?=1
export COMPOSE_DOCKER_CLI_BUILD export COMPOSE_DOCKER_CLI_BUILD
export DOCKER_BUILDKIT export DOCKER_BUILDKIT
# Container names
## must match the names used in the docker-composer.yml files
DOCKER_SERVICE_NAME_WEB:=web
DOCKER_SERVICE_NAME_PHP_BASE:=php-base
DOCKER_SERVICE_NAME_PHP_FPM:=php-fpm
DOCKER_SERVICE_NAME_PHP_CRON:=cron
DOCKER_SERVICE_NAME_PHP_MYSQL:=mysql
DOCKER_SERVICE_NAME_PHP_MONGODB:=mongodb
DOCKER_SERVICE_NAME_APPLICATION:=application
# FYI: # FYI:
# Naming convention for images is $(DOCKER_REGISTRY)/$(DOCKER_NAMESPACE)/$(DOCKER_SERVICE_NAME)-$(ENV) # Naming convention for images is $(DOCKER_REGISTRY)/$(DOCKER_NAMESPACE)/$(DOCKER_SERVICE_NAME)-$(ENV)
# e.g. docker.io/dofroscra/nginx-local # e.g. docker.io/dofroscra/nginx-local
@ -33,40 +18,46 @@ DOCKER_SERVICE_NAME_APPLICATION:=application
DOCKER_DIR:=./.docker DOCKER_DIR:=./.docker
DOCKER_ENV_FILE:=$(DOCKER_DIR)/.env DOCKER_ENV_FILE:=$(DOCKER_DIR)/.env
DOCKER_COMPOSE_DIR:=$(DOCKER_DIR)/docker-compose DOCKER_COMPOSE_DIR:=$(DOCKER_DIR)/docker-compose
DOCKER_COMPOSE_FILE:=$(DOCKER_COMPOSE_DIR)/docker-compose.yml DOCKER_COMPOSE_FILE_LOCAL_CI_PROD:=$(DOCKER_COMPOSE_DIR)/docker-compose.local.ci.prod.yml
DOCKER_COMPOSE_FILE_LOCAL_CI:=$(DOCKER_COMPOSE_DIR)/docker-compose.local.ci.yml
DOCKER_COMPOSE_FILE_LOCAL_PROD:=$(DOCKER_COMPOSE_DIR)/docker-compose.local.prod.yml
DOCKER_COMPOSE_FILE_LOCAL:=$(DOCKER_COMPOSE_DIR)/docker-compose.local.yml DOCKER_COMPOSE_FILE_LOCAL:=$(DOCKER_COMPOSE_DIR)/docker-compose.local.yml
DOCKER_COMPOSE_FILE_CI:=$(DOCKER_COMPOSE_DIR)/docker-compose.ci.yml
DOCKER_COMPOSE_FILE_PHP_BASE:=$(DOCKER_COMPOSE_DIR)/docker-compose-php-base.yml DOCKER_COMPOSE_FILE_PHP_BASE:=$(DOCKER_COMPOSE_DIR)/docker-compose-php-base.yml
DOCKER_COMPOSE_PROJECT_NAME:=tp_$(ENV) DOCKER_COMPOSE_PROJECT_NAME:=psc_$(ENV)
# we need a couple of environment variables for docker-compose so we define a make-variable that we can # We need to "assemble" the correct combination of docker-compose.yml config files
# then reference later in the Makefile without having to repeat all the environment variables DOCKER_COMPOSE_FILES:=
DOCKER_COMPOSE_COMMAND:=ENV=$(ENV) \ ifeq ($(ENV),prod)
DOCKER_COMPOSE_FILES:=-f $(DOCKER_COMPOSE_FILE_LOCAL_CI_PROD) -f $(DOCKER_COMPOSE_FILE_LOCAL_PROD)
else ifeq ($(ENV),ci)
DOCKER_COMPOSE_FILES:=-f $(DOCKER_COMPOSE_FILE_LOCAL_CI_PROD) -f $(DOCKER_COMPOSE_FILE_LOCAL_CI) -f $(DOCKER_COMPOSE_FILE_CI)
else ifeq ($(ENV),local)
DOCKER_COMPOSE_FILES:=-f $(DOCKER_COMPOSE_FILE_LOCAL_CI_PROD) -f $(DOCKER_COMPOSE_FILE_LOCAL_CI) -f $(DOCKER_COMPOSE_FILE_LOCAL_PROD) -f $(DOCKER_COMPOSE_FILE_LOCAL)
endif
# We need a couple of environment variables for docker compose so we define a make variable that we can
# then reference later in the Makefile without having to repeat all the environment variables every time
# @see https://www.pascallandau.com/blog/docker-from-scratch-for-php-applications-in-2022/#make-docker-3
DOCKER_COMPOSE_COMMAND:= \
ENV=$(ENV) \
TAG=$(TAG) \ TAG=$(TAG) \
DOCKER_REGISTRY=$(DOCKER_REGISTRY) \ DOCKER_REGISTRY=$(DOCKER_REGISTRY) \
DOCKER_NAMESPACE=$(DOCKER_NAMESPACE) \ DOCKER_NAMESPACE=$(DOCKER_NAMESPACE) \
APP_USER_ID=$(APP_USER_ID) \ APP_USER_ID=$(APP_USER_ID) \
APP_GROUP_ID=$(APP_GROUP_ID) \ APP_GROUP_ID=$(APP_GROUP_ID) \
APP_USER_NAME=$(APP_USER_NAME) \ APP_USER_NAME=$(APP_USER_NAME) \
APP_CODE_PATH_CONTAINER=$(APP_CODE_PATH_CONTAINER) \
docker compose -p $(DOCKER_COMPOSE_PROJECT_NAME) --env-file $(DOCKER_ENV_FILE) docker compose -p $(DOCKER_COMPOSE_PROJECT_NAME) --env-file $(DOCKER_ENV_FILE)
DOCKER_COMPOSE:=$(DOCKER_COMPOSE_COMMAND) -f $(DOCKER_COMPOSE_FILE) -f $(DOCKER_COMPOSE_FILE_LOCAL) DOCKER_COMPOSE:=$(DOCKER_COMPOSE_COMMAND) $(DOCKER_COMPOSE_FILES)
DOCKER_COMPOSE_PHP_BASE:=$(DOCKER_COMPOSE_COMMAND) -f $(DOCKER_COMPOSE_FILE_PHP_BASE) DOCKER_COMPOSE_PHP_BASE:=$(DOCKER_COMPOSE_COMMAND) -f $(DOCKER_COMPOSE_FILE_PHP_BASE)
EXECUTE_IN_ANY_CONTAINER?= EXECUTE_IN_ANY_CONTAINER?=
EXECUTE_IN_CRON_CONTAINER?= EXECUTE_IN_CRON_CONTAINER?=
EXECUTE_IN_APPLICATION_CONTAINER?= EXECUTE_IN_APPLICATION_CONTAINER?=
EXECUTE_IN_MONGODB_CONTAINER?=
EXECUTE_IN_mYSQL_CONTAINER?=
COPY_IN_ANY_CONTAINER?=
COPY_IN_CRON_CONTAINER?=
COPY_IN_APPLICATION_CONTAINER?=
COPY_IN_MONGODB_CONTAINER?=
COPY_IN_mYSQL_CONTAINER?=
DOCKER_SERVICE_NAME?= DOCKER_SERVICE_NAME?=
FROM?=
TO?=
# we can pass EXECUTE_IN_CONTAINER=true to a make invocation in order to execute the target in a docker container. # we can pass EXECUTE_IN_CONTAINER=true to a make invocation in order to execute the target in a docker container.
# Caution: this only works if the command in the target is prefixed with a $(EXECUTE_IN_*_CONTAINER) variable. # Caution: this only works if the command in the target is prefixed with a $(EXECUTE_IN_*_CONTAINER) variable.
@ -83,62 +74,153 @@ ifndef EXECUTE_IN_CONTAINER
endif endif
endif endif
ifeq ($(EXECUTE_IN_CONTAINER),true) ifeq ($(EXECUTE_IN_CONTAINER),true)
EXECUTE_IN_ANY_CONTAINER:=$(DOCKER_COMPOSE) exec -T --user $(APP_USER_NAME) $(DOCKER_SERVICE_NAME) EXECUTE_IN_ANY_CONTAINER:=$(DOCKER_COMPOSE) exec $(DOCKER_COMPOSE_EXEC_OPTIONS) --user $(APP_USER_NAME) $(DOCKER_SERVICE_NAME)
EXECUTE_IN_APPLICATION_CONTAINER:=$(DOCKER_COMPOSE) exec -w /data/www/new -T --user $(APP_USER_NAME) $(DOCKER_SERVICE_NAME_APPLICATION) EXECUTE_IN_APPLICATION_CONTAINER:=$(DOCKER_COMPOSE) exec $(DOCKER_COMPOSE_EXEC_OPTIONS) --user $(APP_USER_NAME) -w /data/www/new $(DOCKER_SERVICE_NAME_APPLICATION)
EXECUTE_IN_CRON_CONTAINER:=$(DOCKER_COMPOSE) exec -T --user $(APP_USER_NAME) $(DOCKER_SERVICE_NAME_PHP_CRON) EXECUTE_IN_CRON_CONTAINER:=$(DOCKER_COMPOSE) exec $(DOCKER_COMPOSE_EXEC_OPTIONS) --user $(APP_USER_NAME) $(DOCKER_SERVICE_NAME_PHP_CRON)
EXECUTE_IN_MYSQL_CONTAINER:=$(DOCKER_COMPOSE) exec -T $(DOCKER_SERVICE_NAME_PHP_MYSQL)
EXECUTE_IN_MONGODB_CONTAINER:=$(DOCKER_COMPOSE) exec -T $(DOCKER_SERVICE_NAME_PHP_MONGODB)
COPY_IN_ANY_CONTAINER:=$(DOCKER_COMPOSE) cp $(FROM) $(DOCKER_SERVICE_NAME):$(TO)
COPY_IN_APPLICATION_CONTAINER:=$(DOCKER_COMPOSE) cp $(FROM) $(DOCKER_SERVICE_NAME_APPLICATION):$(TO)
COPY_IN_CRON_CONTAINER:=$(DOCKER_COMPOSE) cp $(FROM) $(DOCKER_SERVICE_NAME_PHP_CRON):$(TO)
COPY_IN_MYSQL_CONTAINER:=$(DOCKER_COMPOSE) cp $(FROM) $(DOCKER_SERVICE_NAME_PHP_MYSQL):$(TO)
COPY_IN_MONGODB_CONTAINER:=$(DOCKER_COMPOSE) cp $(FROM) $(DOCKER_SERVICE_NAME_PHP_MONGODB):$(TO)
endif endif
##@ [Docker] ##@ [Docker compose]
.PHONY: docker-clean .PHONY: docker-clean
docker-clean: ## Remove the .env file for docker .PHONY: docker-compose-init
@rm -f $(DOCKER_ENV_FILE) docker-compose-init: ## Initialize the .env file for docker compose
.PHONY: validate-docker-variables
validate-docker-variables: .docker/.env
@$(if $(TAG),,$(error TAG is undefined))
@$(if $(ENV),,$(error ENV is undefined))
@$(if $(DOCKER_REGISTRY),,$(error DOCKER_REGISTRY is undefined - Did you run make-init?))
@$(if $(DOCKER_NAMESPACE),,$(error DOCKER_NAMESPACE is undefined - Did you run make-init?))
@$(if $(APP_USER_ID),,$(error APP_USER_ID is undefined - Did you run make-init?))
@$(if $(APP_GROUP_ID),,$(error APP_GROUP_ID is undefined - Did you run make-init?))
@$(if $(APP_USER_NAME),,$(error APP_USER_NAME is undefined - Did you run make-init?))
.docker/.env:
@cp $(DOCKER_ENV_FILE).example $(DOCKER_ENV_FILE) @cp $(DOCKER_ENV_FILE).example $(DOCKER_ENV_FILE)
.PHONY:docker-build-image .PHONY: docker-compose-clean
docker-build-image: validate-docker-variables ## Build all docker images OR a specific image by providing the service name via: make docker-build DOCKER_SERVICE_NAME=<service> docker-compose-clean: ## Remove the .env file for docker compose
$(DOCKER_COMPOSE) build $(DOCKER_SERVICE_NAME) @rm -f $(DOCKER_ENV_FILE)
.PHONY: docker-build-php .PHONY: validate-docker-compose-variables
docker-build-php: validate-docker-variables ## Build the php base image validate-docker-compose-variables: validate-docker-variables
$(DOCKER_COMPOSE_PHP_BASE) build $(DOCKER_SERVICE_NAME_PHP_BASE) @$(if $(APP_USER_NAME),,$(error APP_USER_NAME is undefined))
@$(if $(APP_USER_ID),,$(error APP_USER_ID is undefined))
@$(if $(APP_GROUP_ID),,$(error APP_GROUP_ID is undefined))
.PHONY: docker-build .PHONY: docker-compose-build-image
docker-build: docker-build-php docker-build-image ## Build the php image and then all other docker images docker-compose-build-image: validate-docker-compose-variables ## Build all docker images OR a specific image by providing the service name via: make docker-compose-build DOCKER_SERVICE_NAME=<service>
$(DOCKER_COMPOSE) build $(DOCKER_SERVICE_NAME) $(ARGS)
.PHONY: docker-up .PHONY: docker-compose-build-php
docker-up: validate-docker-variables ## Create and start all docker containers. To create/start only a specific container, use DOCKER_SERVICE_NAME=<service> docker-compose-build-php: validate-docker-compose-variables ## Build the php base image
$(DOCKER_COMPOSE_PHP_BASE) build $(DOCKER_SERVICE_NAME_PHP_BASE) $(ARGS)
.PHONY: docker-compose-build
docker-compose-build: docker-compose-build-php docker-compose-build-image ## Build the php image and then all other docker images
.PHONY: docker-compose-up
docker-compose-up: validate-docker-compose-variables ## Create and start all docker containers. To create/start only a specific container, use DOCKER_SERVICE_NAME=<service>
$(DOCKER_COMPOSE) up -d $(DOCKER_SERVICE_NAME) $(DOCKER_COMPOSE) up -d $(DOCKER_SERVICE_NAME)
.PHONY: docker-down .PHONY: docker-compose-down
docker-down: validate-docker-variables ## Stop and remove all docker containers. docker-compose-down: validate-docker-compose-variables ## Stop and remove all docker containers.
@$(DOCKER_COMPOSE) down @$(DOCKER_COMPOSE) down
.PHONY: docker-config .PHONY: docker-compose-restart
docker-config: validate-docker-variables ## List the configuration docker-compose-restart: validate-docker-compose-variables ## Restart all docker containers.
@$(DOCKER_COMPOSE) restart
.PHONY: docker-compose-config
docker-compose-config: validate-docker-compose-variables ## List the configuration
@$(DOCKER_COMPOSE) config @$(DOCKER_COMPOSE) config
.PHONY: docker-compose-push
docker-compose-push: validate-docker-compose-variables ## Push all docker images to the remote repository
$(DOCKER_COMPOSE) push $(ARGS)
.PHONY: docker-compose-pull
docker-compose-pull: validate-docker-compose-variables ## Pull all docker images from the remote repository
$(DOCKER_COMPOSE) pull $(ARGS)
DOCKER_USERNAME?=root
.PHONY: docker-compose-exec
docker-compose-exec: validate-docker-compose-variables ## Execute a command in a docker container. Usage: `make docker-compose-exec DOCKER_SERVICE_NAME="application" DOCKER_COMMAND="echo 'Hello world!' DOCKER_USERNAME=root"`
@$(if $(DOCKER_SERVICE_NAME),,$(error "DOCKER_SERVICE_NAME is undefined"))
@$(if $(DOCKER_COMMAND),,$(error "DOCKER_COMMAND is undefined"))
@$(if $(DOCKER_USERNAME),,$(error "DOCKER_USERNAME is undefined"))
$(DOCKER_COMPOSE) exec -T --user $(DOCKER_USERNAME) $(DOCKER_SERVICE_NAME) $(DOCKER_COMMAND)
# `docker build` and `docker compose build` are behaving differently
# @see https://github.com/docker/compose/issues/9508
.PHONY: docker-compose-show-build-context
docker-compose-show-build-context: ## Show all files that are in the docker build context for `docker compose build`
@.dev/scripts/docker-compose-build-context/show-build-context.sh
##@ [Docker]
.PHONY: validate-docker-variables
validate-docker-variables:
@$(if $(TAG),,$(error TAG is undefined - Did you run 'make make-init'?))
@$(if $(ENV),,$(error ENV is undefined - Did you run 'make make-init'?))
@$(if $(DOCKER_REGISTRY),,$(error DOCKER_REGISTRY is undefined))
@$(if $(DOCKER_NAMESPACE),,$(error DOCKER_NAMESPACE is undefined))
@$(if $(APP_CODE_PATH_CONTAINER),,$(error APP_CODE_PATH_CONTAINER is undefined))
.PHONY: docker-prune .PHONY: docker-prune
docker-prune: ## Remove ALL unused docker resources, including volumes docker-prune: ## Remove ALL unused docker resources, including volumes
@docker system prune -a -f --volumes @docker system prune -a -f --volumes
# @see https://www.linuxfixes.com/2022/01/solved-how-to-test-dockerignore-file.html
# helpful to debug a .dockerignore file
.PHONY: docker-show-build-context
docker-show-build-context: ## Show all files that are in the docker build context for `docker build`
@echo -e "FROM busybox\nCOPY . /codebase\nCMD find /codebase -print" | docker image build --no-cache -t build-context -f - .
@docker run --rm build-context | sort
.PHONY: docker-pull
docker-pull: validate-docker-variables ## Pull a single docker images from the remote repository
@$(if $(DOCKER_SERVICE_NAME),,$(error "DOCKER_SERVICE_NAME is undefined"))
docker pull $(DOCKER_REGISTRY)/$(DOCKER_NAMESPACE)/$(DOCKER_SERVICE_NAME)-$(ENV):$(TAG)
.PHONY: docker-run
docker-run: validate-docker-variables ## Start a single docker container
@$(if $(DOCKER_SERVICE_NAME),,$(error "DOCKER_SERVICE_NAME is undefined"))
@$(if $(HOST_STRING),,$(error "HOST_STRING is undefined"))
docker run --name $(DOCKER_SERVICE_NAME) \
-d \
-it \
--env-file compose-secrets.env \
--mount type=bind,source="$$(pwd)"/secret.gpg,target=$(APP_CODE_PATH_CONTAINER)/secret.gpg,readonly \
$(HOST_STRING) \
$(DOCKER_SERVICE_OPTIONS) \
$(DOCKER_REGISTRY)/$(DOCKER_NAMESPACE)/$(DOCKER_SERVICE_NAME)-$(ENV):$(TAG)
# see scripts in .docker/images/logger/logrotate.d for a documentation of the paths of the log volumes
.PHONY: docker-run-logger
docker-run-logger: validate-docker-variables ## Start a logger sidecar container
docker run --name $(DOCKER_SERVICE_NAME_LOGGER) \
-d \
-it \
-v logs-cron:/var/log/cron \
-v logs-nginx:/var/log/nginx \
-v logs-app:/var/log/app \
-v logs-supervisor:/var/log/supervisor \
-v logs-php-fpm:/var/log/php-fpm \
$(DOCKER_REGISTRY)/$(DOCKER_NAMESPACE)/$(DOCKER_SERVICE_NAME_LOGGER)-$(ENV):$(TAG)
.PHONY: docker-run-nginx
docker-run-nginx: ## Start the nginx container
"$(MAKE)" docker-run DOCKER_SERVICE_NAME="$(DOCKER_SERVICE_NAME_NGINX)" DOCKER_SERVICE_OPTIONS="-v logs-nginx:/var/log/nginx -p 80:80 -p 443:443"
.PHONY: docker-run-php-fpm
docker-run-php-fpm: ## Start the php-fpm container
"$(MAKE)" docker-run DOCKER_SERVICE_NAME="$(DOCKER_SERVICE_NAME_PHP_FPM)" DOCKER_SERVICE_OPTIONS="-v logs-app:/var/log/app -v logs-php-fpm:/var/log/php-fpm -p 9000:9000"
.PHONY: docker-run-application
docker-run-application: ## Start the application container
"$(MAKE)" docker-run DOCKER_SERVICE_NAME="$(DOCKER_SERVICE_NAME_APPLICATION)" DOCKER_SERVICE_OPTIONS="-v logs-app:/var/log/app"
.PHONY: docker-run-php-worker
docker-run-php-worker: ## Start the php-worker container
"$(MAKE)" docker-run DOCKER_SERVICE_NAME="$(DOCKER_SERVICE_NAME_PHP_WORKER)" DOCKER_SERVICE_OPTIONS="-v logs-app:/var/log/app -v logs-supervisor:/var/log/supervisor"
.PHONY: docker-stop
docker-stop: validate-docker-variables ## Stop a single docker container
@$(if $(DOCKER_SERVICE_NAME),,$(error "DOCKER_SERVICE_NAME is undefined"))
docker stop $(DOCKER_SERVICE_NAME)
.PHONY: docker-rm
docker-rm: validate-docker-variables ## Remove a single docker container
@$(if $(DOCKER_SERVICE_NAME),,$(error "DOCKER_SERVICE_NAME is undefined"))
docker rm $(DOCKER_SERVICE_NAME)

4
.make/variables.env
View File

@ -1,5 +1,5 @@
DOCKER_REGISTRY=gitlab.com/boonkerz DOCKER_REGISTRY=registry.gitlab.com/printshopcreator
DOCKER_NAMESPACE=boonkerz DOCKER_NAMESPACE=docker
APP_USER_NAME=application APP_USER_NAME=application
APP_USER_ID=10000 APP_USER_ID=10000

4760
web.xml Normal file
View File

File diff suppressed because it is too large Load Diff