Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: change from php-fpm to frankenphp #5123

Merged
merged 9 commits into from
Jun 2, 2024
Merged

chore: change from php-fpm to frankenphp #5123

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
9 commits
Select commit Hold shift + click to select a range
efa0150
chore: change from php-fpm to frankenphp
usu May 4, 2024
1980743
fix API tests (revert some changes)
usu May 4, 2024
140c0ba
fix helm charts
usu May 4, 2024
1aff24a
fix Caddyfile; add compression for hal+json
usu May 5, 2024
8e4ebc8
fix Caddyfile SERVER_NAME
usu May 5, 2024
0aa3976
fix manual deployment
usu May 5, 2024
7d05b46
merge devel
usu May 25, 2024
e199874
fix docker service name
usu May 25, 2024
8b1992a
merge devel
usu Jun 1, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Empty file removed .caddy/config-cache/.gitkeep
View file
Open in desktop
Empty file.
Empty file removed .caddy/data/.gitkeep
View file
Open in desktop
Empty file.
Empty file removed .caddy/php-socket/.gitkeep
View file
Open in desktop
Empty file.
19 changes: 3 additions & 16 deletions .github/workflows/reusable-build-and-push.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -58,26 +58,13 @@ jobs:
push: true
file: api/Dockerfile
tags: |
${{ ((inputs.tag != '') && format('{0}/ecamp3-api-php:{1}', vars.DOCKER_HUB_USERNAME, inputs.tag) || '') }}
${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api-php:${{ inputs.sha }}
${{ ((inputs.tag != '') && format('{0}/ecamp3-api:{1}', vars.DOCKER_HUB_USERNAME, inputs.tag) || '') }}
${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api:${{ inputs.sha }}
context: './api'
target: api_platform_php
target: frankenphp_prod
cache-from: type=gha,scope=api
cache-to: type=gha,scope=api,mode=max

- name: Build and push caddy docker image
uses: docker/build-push-action@v5
with:
push: true
file: api/Dockerfile
tags: |
${{ ((inputs.tag != '') && format('{0}/ecamp3-api-caddy:{1}', vars.DOCKER_HUB_USERNAME, inputs.tag) || '') }}
${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api-caddy:${{ inputs.sha }}
context: './api'
target: api_platform_caddy_prod
cache-from: type=gha,scope=caddy
cache-to: type=gha,scope=caddy,mode=max

- name: Build and push print docker image
uses: docker/build-push-action@v5
with:
Expand Down
15 changes: 7 additions & 8 deletions .github/workflows/reusable-dev-deployment.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -83,8 +83,7 @@ jobs:
--set imageTag=${{ inputs.sha }} \
--set frontend.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-frontend' \
--set print.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-print' \
--set php.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api-php' \
--set caddy.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api-caddy' \
--set api.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api' \
--set apiCache.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-varnish' \
--set postgresql.dbBackupRestoreImage.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-db-backup-restore' \
--set termsOfServiceLinkTemplate='https://ecamp3.ch/{lang}/tos' \
Expand Down Expand Up @@ -112,12 +111,12 @@ jobs:
--set postgresql.restore.s3.accessKeyId='${{ secrets.RESTORE_S3_ACCESS_KEY_ID }}' \
--set postgresql.restore.s3.accessKey='${{ secrets.RESTORE_S3_ACCESS_KEY }}' \
--set postgresql.restore.encryptionKey=${{ secrets.RESTORE_ENCRYPTION_KEY != null && format('''{0}''', secrets.RESTORE_ENCRYPTION_KEY) || null }} \
--set php.dataMigrationsDir='${{ vars.DATA_MIGRATIONS_DIR }}' \
--set php.appSecret='${{ secrets.API_APP_SECRET }}' \
--set php.sentryDsn='${{ secrets.API_SENTRY_DSN }}' \
--set php.jwt.passphrase='${{ secrets.JWT_PASSPHRASE }}' \
--set php.jwt.publicKey='${{ secrets.JWT_PUBLIC_KEY }}' \
--set php.jwt.privateKey='${{ secrets.JWT_PRIVATE_KEY }}' \
--set api.dataMigrationsDir='${{ vars.DATA_MIGRATIONS_DIR }}' \
--set api.appSecret='${{ secrets.API_APP_SECRET }}' \
--set api.sentryDsn='${{ secrets.API_SENTRY_DSN }}' \
--set api.jwt.passphrase='${{ secrets.JWT_PASSPHRASE }}' \
--set api.jwt.publicKey='${{ secrets.JWT_PUBLIC_KEY }}' \
--set api.jwt.privateKey='${{ secrets.JWT_PRIVATE_KEY }}' \
--set frontend.sentryDsn='${{ secrets.FRONTEND_SENTRY_DSN }}' \
--set print.sentryDsn='${{ secrets.PRINT_SENTRY_DSN }}' \
--set print.browserWsEndpoint='${{ secrets.BROWSER_WS_ENDPOINT }}' \
Expand Down
21 changes: 3 additions & 18 deletions .github/workflows/reusable-e2e-tests-build.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,27 +23,12 @@ jobs:
context: './api'
push: false
load: true
target: api_platform_php_dev
target: frankenphp_dev
builder: ${{ steps.buildx.outputs.name }}
tags: ecamp/ecamp3-dev-api-php
tags: ecamp/ecamp3-dev-api
cache-from: type=gha,scope=api
cache-to: type=gha,scope=api,mode=max
outputs: type=docker,dest=/tmp/ecamp3-dev-api-php.tar

# build caddy (using cache; provide image to docker compose)
- name: Build docker image (Caddy)
uses: docker/build-push-action@v5
with:
file: api/Dockerfile
context: './api'
push: false
load: true
target: api_platform_caddy
builder: ${{ steps.buildx.outputs.name }}
tags: ecamp/ecamp3-dev-api-caddy
cache-from: type=gha,scope=caddy
cache-to: type=gha,scope=caddy,mode=max
outputs: type=docker,dest=/tmp/ecamp3-dev-api-caddy.tar
outputs: type=docker,dest=/tmp/ecamp3-dev-api.tar

- uses: actions/upload-artifact@v4
with:
Expand Down
5 changes: 2 additions & 3 deletions .github/workflows/reusable-e2e-tests-run.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,8 +36,7 @@ jobs:

- name: Load images
run: |
docker load --input /tmp/ecamp3-dev-api-php.tar
docker load --input /tmp/ecamp3-dev-api-caddy.tar
docker load --input /tmp/ecamp3-dev-api.tar
docker image ls -a --digests

- name: Restore cache volumes (npm, composer)
Expand All @@ -49,7 +48,7 @@ jobs:
docker-compose-

# start necessary containers
- run: docker compose up -d php caddy frontend pdf print browserless database docker-host http-cache mail
- run: docker compose up -d api frontend pdf print browserless database docker-host http-cache mail

- uses: cypress-io/github-action@v6.7.0
with:
Expand Down
45 changes: 21 additions & 24 deletions .github/workflows/reusable-stage-prod-deployment.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -42,8 +42,7 @@ jobs:
--set imageTag=${{ github.sha }} \
--set frontend.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-frontend' \
--set print.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-print' \
--set php.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api-php' \
--set caddy.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api-caddy' \
--set api.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-api' \
--set apiCache.image.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-varnish' \
--set postgresql.dbBackupRestoreImage.repository='docker.io/${{ vars.DOCKER_HUB_USERNAME }}/ecamp3-db-backup-restore' \
--set termsOfServiceLinkTemplate='https://ecamp3.ch/{lang}/tos' \
Expand Down Expand Up @@ -71,23 +70,23 @@ jobs:
--set postgresql.restore.s3.accessKey='${{ secrets.RESTORE_S3_ACCESS_KEY }}' \
--set postgresql.restore.encryptionKey=${{ secrets.RESTORE_ENCRYPTION_KEY != null && format('''{0}''', secrets.RESTORE_ENCRYPTION_KEY) || null }} \
--set postgresql.restore.inviteSupportAccountToInterestingCamps=${{ vars.RESTORE_INVITE_TO_INTERESTING_CAMPS != null && format('''{0}''', vars.RESTORE_INVITE_TO_INTERESTING_CAMPS) || false }} \
--set php.dataMigrationsDir='${{ vars.DATA_MIGRATIONS_DIR }}' \
--set php.appSecret='${{ secrets.API_APP_SECRET }}' \
--set php.sentryDsn='${{ secrets.API_SENTRY_DSN }}' \
--set php.jwt.passphrase='${{ secrets.JWT_PASSPHRASE }}' \
--set php.jwt.publicKey='${{ secrets.JWT_PUBLIC_KEY }}' \
--set php.jwt.privateKey='${{ secrets.JWT_PRIVATE_KEY }}' \
--set php.oauth.google.clientId='${{ secrets.OAUTH_GOOGLE_CLIENT_ID }}' \
--set php.oauth.google.clientSecret='${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }}' \
--set php.oauth.pbsmidata.clientId='${{ secrets.OAUTH_PBSMIDATA_CLIENT_ID }}' \
--set php.oauth.pbsmidata.clientSecret='${{ secrets.OAUTH_PBSMIDATA_CLIENT_SECRET }}' \
--set php.oauth.pbsmidata.baseUrl='${{ secrets.OAUTH_PBSMIDATA_BASE_URL }}' \
--set php.oauth.cevidb.clientId='${{ secrets.OAUTH_CEVIDB_CLIENT_ID }}' \
--set php.oauth.cevidb.clientSecret='${{ secrets.OAUTH_CEVIDB_CLIENT_SECRET }}' \
--set php.oauth.cevidb.baseUrl='${{ secrets.OAUTH_CEVIDB_BASE_URL }}' \
--set php.oauth.jubladb.clientId='${{ secrets.OAUTH_JUBLADB_CLIENT_ID }}' \
--set php.oauth.jubladb.clientSecret='${{ secrets.OAUTH_JUBLADB_CLIENT_SECRET }}' \
--set php.oauth.jubladb.baseUrl='${{ secrets.OAUTH_JUBLADB_BASE_URL }}' \
--set api.dataMigrationsDir='${{ vars.DATA_MIGRATIONS_DIR }}' \
--set api.appSecret='${{ secrets.API_APP_SECRET }}' \
--set api.sentryDsn='${{ secrets.API_SENTRY_DSN }}' \
--set api.jwt.passphrase='${{ secrets.JWT_PASSPHRASE }}' \
--set api.jwt.publicKey='${{ secrets.JWT_PUBLIC_KEY }}' \
--set api.jwt.privateKey='${{ secrets.JWT_PRIVATE_KEY }}' \
--set api.oauth.google.clientId='${{ secrets.OAUTH_GOOGLE_CLIENT_ID }}' \
--set api.oauth.google.clientSecret='${{ secrets.OAUTH_GOOGLE_CLIENT_SECRET }}' \
--set api.oauth.pbsmidata.clientId='${{ secrets.OAUTH_PBSMIDATA_CLIENT_ID }}' \
--set api.oauth.pbsmidata.clientSecret='${{ secrets.OAUTH_PBSMIDATA_CLIENT_SECRET }}' \
--set api.oauth.pbsmidata.baseUrl='${{ secrets.OAUTH_PBSMIDATA_BASE_URL }}' \
--set api.oauth.cevidb.clientId='${{ secrets.OAUTH_CEVIDB_CLIENT_ID }}' \
--set api.oauth.cevidb.clientSecret='${{ secrets.OAUTH_CEVIDB_CLIENT_SECRET }}' \
--set api.oauth.cevidb.baseUrl='${{ secrets.OAUTH_CEVIDB_BASE_URL }}' \
--set api.oauth.jubladb.clientId='${{ secrets.OAUTH_JUBLADB_CLIENT_ID }}' \
--set api.oauth.jubladb.clientSecret='${{ secrets.OAUTH_JUBLADB_CLIENT_SECRET }}' \
--set api.oauth.jubladb.baseUrl='${{ secrets.OAUTH_JUBLADB_BASE_URL }}' \
--set frontend.sentryDsn='${{ secrets.FRONTEND_SENTRY_DSN }}' \
--set print.sentryDsn='${{ secrets.PRINT_SENTRY_DSN }}' \
--set print.ingress.readTimeoutSeconds='${{ vars.PRINT_INGRESS_READ_TIMEOUT_SECONDS }}' \
Expand All @@ -103,11 +102,9 @@ jobs:
--set browserless.connectionTimeout=${{ vars.BROWSERLESS_CONNECTION_TIMEOUT_MS || '30000' }} \
--set browserless.resources.requests.cpu=${{ vars.BROWSERLESS_CPU || '500m' }} \
--set browserless.resources.requests.memory=${{ vars.BROWSERLESS_MEMORY || '800Mi' }} \
--set caddy.resources.requests.cpu=50m \
--set caddy.resources.limits.cpu=500m \
--set php.resources.requests.cpu=${{ vars.PHP_CPU || '1000m' }} \
--set php.resources.requests.memory=${{ vars.PHP_MEMORY || '500Mi' }} \
--set php.resources.limits.cpu=${{ vars.PHP_CPULIMIT || '1900m' }} \
--set api.resources.requests.cpu=${{ vars.PHP_CPU || '1000m' }} \
--set api.resources.requests.memory=${{ vars.PHP_MEMORY || '500Mi' }} \
--set api.resources.limits.cpu=${{ vars.PHP_CPULIMIT || '1900m' }} \
--set frontend.resources.requests.cpu=50m \
--set print.resources.requests.cpu=${{ vars.PRINT_CPU || '300m' }} \
--set print.resources.requests.memory=${{ vars.PRINT_MEMORY || '150Mi' }} \
Expand Down
8 changes: 2 additions & 6 deletions .helm/build-images.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -25,14 +25,10 @@ frontend_image_tag="${docker_hub_account}/ecamp3-frontend:${version}"
docker build "$REPO_DIR" -f "$REPO_DIR"/.docker-hub/frontend/Dockerfile $frontend_sentry_build_args -t "$frontend_image_tag"
docker push "$frontend_image_tag"

api_image_tag="${docker_hub_account}/ecamp3-api-php:${version}"
docker build "$REPO_DIR"/api -f "$REPO_DIR"/api/Dockerfile -t "$api_image_tag" --target api_platform_php $sentry_build_args
api_image_tag="${docker_hub_account}/ecamp3-api:${version}"
docker build "$REPO_DIR"/api -f "$REPO_DIR"/api/Dockerfile -t "$api_image_tag" --target frankenphp_prod $sentry_build_args
docker push "$api_image_tag"

caddy_image_tag="${docker_hub_account}/ecamp3-api-caddy:${version}"
docker build "$REPO_DIR"/api -f "$REPO_DIR"/api/Dockerfile -t "$caddy_image_tag" --target api_platform_caddy_prod
docker push "$caddy_image_tag"

print_sentry_build_args="$sentry_build_args --build-arg SENTRY_PRINT_PROJECT=$SENTRY_PRINT_PROJECT"

print_image_tag="${docker_hub_account}/ecamp3-print:${version}"
Expand Down
19 changes: 7 additions & 12 deletions .helm/deploy-to-cluster.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -47,20 +47,20 @@ for i in 1; do
values="$values --set postgresql.url=$POSTGRES_URL/ecamp3$instance_name-"$i"?sslmode=require"
values="$values --set postgresql.adminUrl=$POSTGRES_ADMIN_URL/ecamp3$instance_name-"$i"?sslmode=require"
values="$values --set postgresql.dropDBOnUninstall=true"
values="$values --set php.dataMigrationsDir=$migrations_dir"
values="$values --set php.appSecret=$app_secret"
values="$values --set api.dataMigrationsDir=$migrations_dir"
values="$values --set api.appSecret=$app_secret"
if [ -n "$API_SENTRY_DSN" ]; then
values="$values --set php.sentryDsn=$API_SENTRY_DSN"
values="$values --set api.sentryDsn=$API_SENTRY_DSN"
fi
if [ -n "$FRONTEND_SENTRY_DSN" ]; then
values="$values --set frontend.sentryDsn=$FRONTEND_SENTRY_DSN"
fi
if [ -n "$PRINT_SENTRY_DSN" ]; then
values="$values --set print.sentryDsn=$PRINT_SENTRY_DSN"
fi
values="$values --set php.jwt.passphrase=$app_jwt_passphrase"
values="$values --set-file php.jwt.publicKey=$SCRIPT_DIR/public.pem"
values="$values --set-file php.jwt.privateKey=$SCRIPT_DIR/private.pem"
values="$values --set api.jwt.passphrase=$app_jwt_passphrase"
values="$values --set-file api.jwt.publicKey=$SCRIPT_DIR/public.pem"
values="$values --set-file api.jwt.privateKey=$SCRIPT_DIR/private.pem"
values="$values --set deploymentTime=$(date -u +%s)"
values="$values --set deployedVersion=\"$(git rev-parse --short HEAD)\""
values="$values --set featureToggle.developer=true"
Expand Down Expand Up @@ -89,16 +89,11 @@ for i in 1; do
values="$values --set postgresql.restore.inviteSupportAccountToInterestingCamps=$RESTORE_INVITE_TO_INTERESTING_CAMPS"
fi

for imagespec in "frontend" "print"; do
for imagespec in "frontend" "print" "api"; do
values="$values --set $imagespec.image.pullPolicy=$pull_policy"
values="$values --set $imagespec.image.repository=docker.io/${docker_hub_account}/ecamp3-$imagespec"
done

for imagespec in "php" "caddy"; do
values="$values --set $imagespec.image.pullPolicy=$pull_policy"
values="$values --set $imagespec.image.repository=docker.io/${docker_hub_account}/ecamp3-api-$imagespec"
done

values="$values --set apiCache.image.repository=docker.io/${docker_hub_account}/ecamp3-varnish"

values="$values --set postgresql.dbBackupRestoreImage.pullPolicy=$pull_policy"
Expand Down
15 changes: 8 additions & 7 deletions .helm/ecamp3/templates/api_configmap.yaml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -8,20 +8,21 @@ metadata:
data:
ADDITIONAL_TRUSTED_HOSTS: {{ .Values.domain | quote }}
COOKIE_PREFIX: {{ include "api.cookiePrefix" . | quote }}
APP_ENV: {{ .Values.php.appEnv | quote }}
APP_DEBUG: {{ .Values.php.appDebug | quote }}
{{- if .Values.php.dataMigrationsDir }}
DATA_MIGRATIONS_DIR: {{ .Values.php.dataMigrationsDir | quote }}
APP_ENV: {{ .Values.api.appEnv | quote }}
APP_DEBUG: {{ .Values.api.appDebug | quote }}
{{- if .Values.api.dataMigrationsDir }}
DATA_MIGRATIONS_DIR: {{ .Values.api.dataMigrationsDir | quote }}
{{- end }}
CORS_ALLOW_ORIGIN: {{ include "frontend.url" . | quote }}
TRUSTED_PROXIES: "{{ join "," .Values.php.trustedProxies }}"
{{- if .Values.php.sentryDsn }}
SENTRY_API_DSN: {{ .Values.php.sentryDsn | quote }}
TRUSTED_PROXIES: "{{ join "," .Values.api.trustedProxies }}"
{{- if .Values.api.sentryDsn }}
SENTRY_API_DSN: {{ .Values.api.sentryDsn | quote }}
SENTRY_ENVIRONMENT: {{ .Values.domain | quote }}
{{- else }}
SENTRY_API_DSN: {{ "" | quote }}
{{- end }}
FRONTEND_BASE_URL: {{ include "frontend.url" . | quote }}
CADDY_GLOBAL_OPTIONS: {{ .Values.api.caddyGlobalOptions | quote }}
API_CACHE_ENABLED: {{ .Values.apiCache.enabled | quote }}
{{- if .Values.apiCache.enabled }}
VARNISH_API_URL: {{ printf "%s:%d" (include "apiCache.name" .) (.Values.apiCache.service.ports.purge | int) | quote }}
Expand Down
Loading
Loading