feat: add php8.2 image

.drone.star

@@ -9,6 +9,7 @@ def main(ctx):
         "7.4-ubuntu22.04",
         "8.0",
         "8.1",
+        "8.2",
     ]
 
     arches = [

v8.2/Dockerfile.amd64

@@ -0,0 +1,54 @@
+FROM owncloud/ubuntu:20.04-amd64
+
+LABEL maintainer="ownCloud DevOps <devops@owncloud.com>" \
+  org.label-schema.name="ownCloud CI PHP" \
+  org.label-schema.vendor="ownCloud GmbH" \
+  org.label-schema.schema-version="1.0"
+
+VOLUME ["/var/www/owncloud"]
+
+ENV ORACLE_HOME=/usr/lib/oracle/12.2/client64
+ENV LD_LIBRARY_PATH=/usr/lib/oracle/12.2/client64/lib/${LD_LIBRARY_PATH:+:$LD_LIBRARY_PATH}
+ENV APACHE_LOGGING_PATH=/dev/stdout
+
+ARG RETRY_VERSION
+
+# renovate: datasource=github-releases depName=owncloud-ci/retry
+ENV RETRY_VERSION="${RETRY_VERSION:-v2.0.0}"
+
+RUN curl -SsfL -o /usr/local/bin/retry "https://github.com/owncloud-ci/retry/releases/download/v${RETRY_VERSION##v}/retry" && \
+  chmod 755 /usr/local/bin/retry
+
+RUN apt-get update -y && \
+  apt-get install -y software-properties-common language-pack-en-base && \
+  LC_ALL=en_US.UTF-8 add-apt-repository ppa:ondrej/php && \
+  LC_ALL=en_US.UTF-8 add-apt-repository ppa:ondrej/apache2
+
+RUN apt-get update -y && \
+  apt-get upgrade -y && \
+  apt-get install -y apache2 libapache2-mod-php8.2 libxml2-utils git-core unzip wget fontconfig libaio1 python php8.2 php8.2-dev php8.2-xml php8.2-mbstring php8.2-curl php8.2-gd php8.2-zip php8.2-intl php8.2-sqlite3 php8.2-mysql php8.2-pgsql php8.2-soap php8.2-phpdbg php8.2-ldap php8.2-gmp php8.2-imap php8.2-redis php8.2-memcached php8.2-imagick php8.2-smbclient php8.2-apcu php8.2-ast rsync && \
+  apt-get clean && \
+  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /etc/apache2/sites-available/default-ssl.conf && \
+  a2enmod rewrite headers env dir mime ssl expires dav dav_fs
+
+RUN update-alternatives --set php /usr/bin/php8.2
+
+RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer
+
+RUN curl -sSo oracle-instantclient12.2-basic_12.2.0.1.0-2_amd64.deb https://minio.owncloud.com/packages/oracle/oracle-instantclient12.2-basic_12.2.0.1.0-2_amd64.deb && \
+  dpkg -i oracle-instantclient12.2-basic_12.2.0.1.0-2_amd64.deb && \
+  rm oracle-instantclient12.2-basic_12.2.0.1.0-2_amd64.deb
+
+RUN curl -sSo oracle-instantclient12.2-sqlplus_12.2.0.1.0-2_amd64.deb https://minio.owncloud.com/packages/oracle/oracle-instantclient12.2-sqlplus_12.2.0.1.0-2_amd64.deb && \
+  dpkg -i oracle-instantclient12.2-sqlplus_12.2.0.1.0-2_amd64.deb && \
+  rm oracle-instantclient12.2-sqlplus_12.2.0.1.0-2_amd64.deb
+
+RUN curl -sSo oracle-instantclient12.2-devel_12.2.0.1.0-2_amd64.deb https://minio.owncloud.com/packages/oracle/oracle-instantclient12.2-devel_12.2.0.1.0-2_amd64.deb && \
+  dpkg -i oracle-instantclient12.2-devel_12.2.0.1.0-2_amd64.deb && \
+  rm oracle-instantclient12.2-devel_12.2.0.1.0-2_amd64.deb
+
+RUN ln -s /usr/include/oracle/12.2/client64 /usr/lib/oracle/12.2/client64/include && \
+  echo "instantclient,/usr/lib/oracle/12.2/client64/lib" | pecl install oci8-3.2.1
+
+COPY ./overlay ./overlay-amd64 /
+WORKDIR /var/www/owncloud

v8.2/Dockerfile.arm64v8

@@ -0,0 +1,34 @@
+FROM owncloud/ubuntu:20.04-arm64v8
+
+LABEL maintainer="ownCloud DevOps <devops@owncloud.com>" \
+  org.label-schema.name="ownCloud CI PHP" \
+  org.label-schema.vendor="ownCloud GmbH" \
+  org.label-schema.schema-version="1.0"
+
+VOLUME ["/var/www/owncloud"]
+ENV APACHE_LOGGING_PATH=/dev/stdout
+
+ARG RETRY_VERSION
+
+# renovate: datasource=github-releases depName=owncloud-ci/retry
+ENV RETRY_VERSION="${RETRY_VERSION:-v2.0.0}"
+
+RUN curl -SsfL -o /usr/local/bin/retry "https://github.com/owncloud-ci/retry/releases/download/v${RETRY_VERSION##v}/retry" && \
+  chmod 755 /usr/local/bin/retry
+
+RUN apt-get update -y && \
+  apt-get install -y software-properties-common language-pack-en-base && \
+  LC_ALL=en_US.UTF-8 add-apt-repository ppa:ondrej/php && \
+  LC_ALL=en_US.UTF-8 add-apt-repository ppa:ondrej/apache2
+
+RUN apt-get update -y && \
+  apt-get upgrade -y && \
+  apt-get install -y apache2 libapache2-mod-php8.2 libxml2-utils git-core unzip wget fontconfig libaio1 python php8.2 php8.2-dev php8.2-xml php8.2-mbstring php8.2-curl php8.2-gd php8.2-zip php8.2-intl php8.2-sqlite3 php8.2-mysql php8.2-pgsql php8.2-soap php8.2-phpdbg php8.2-ldap php8.2-gmp php8.2-imap php8.2-redis php8.2-memcached php8.2-imagick php8.2-smbclient php8.2-apcu php8.2-ast rsync && \
+  apt-get clean && \
+  rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* /etc/apache2/sites-available/default-ssl.conf && \
+  a2enmod rewrite headers env dir mime ssl expires dav dav_fs
+
+RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/bin --filename=composer
+
+COPY ./overlay ./overlay-arm64v8 /
+WORKDIR /var/www/owncloud

v8.2/manifest.tmpl

@@ -0,0 +1,11 @@
+image: owncloudci/php:8.2
+manifests:
+  - image: owncloudci/php:8.2-amd64
+    platform:
+      architecture: amd64
+      os: linux
+  - image: owncloudci/php:8.2-arm64v8
+    platform:
+      architecture: arm64
+      variant: v8
+      os: linux

v8.2/overlay-amd64/etc/php/8.2/apache2/conf.d/20-oci8.ini

@@ -0,0 +1 @@
+extension=oci8.so

v8.2/overlay-amd64/etc/php/8.2/cli/conf.d/20-oci8.ini

@@ -0,0 +1 @@
+extension=oci8.so

v8.2/overlay-amd64/etc/php/8.2/fpm/conf.d/20-oci8.ini

@@ -0,0 +1 @@
+extension=oci8.so

v8.2/overlay-amd64/etc/php/8.2/mods-available/oci8.ini

@@ -0,0 +1 @@
+extension=oci8.so

v8.2/overlay-amd64/etc/php/8.2/phpdbg/conf.d/20-oci8.ini

@@ -0,0 +1 @@
+extension=oci8.so

v8.2/overlay/etc/ImageMagick-6/policy.xml

@@ -0,0 +1,69 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policymap [
+<!ELEMENT policymap (policy)+>
+<!ELEMENT policy (#PCDATA)>
+<!ATTLIST policy domain (delegate|coder|filter|path|resource) #IMPLIED>
+<!ATTLIST policy name CDATA #IMPLIED>
+<!ATTLIST policy rights CDATA #IMPLIED>
+<!ATTLIST policy pattern CDATA #IMPLIED>
+<!ATTLIST policy value CDATA #IMPLIED>
+]>
+<!--
+  Configure ImageMagick policies.
+
+  Domains include system, delegate, coder, filter, path, or resource.
+
+  Rights include none, read, write, and execute.  Use | to combine them,
+  for example: "read | write" to permit read from, or write to, a path.
+
+  Use a glob expression as a pattern.
+
+  Suppose we do not want users to process MPEG video images:
+
+    <policy domain="delegate" rights="none" pattern="mpeg:decode" />
+
+  Here we do not want users reading images from HTTP:
+
+    <policy domain="coder" rights="none" pattern="HTTP" />
+
+  Lets prevent users from executing any image filters:
+
+    <policy domain="filter" rights="none" pattern="*" />
+
+  The /repository file system is restricted to read only.  We use a glob
+  expression to match all paths that start with /repository:
+
+    <policy domain="path" rights="read" pattern="/repository/*" />
+
+  Any large image is cached to disk rather than memory:
+
+    <policy domain="resource" name="area" value="1GB"/>
+
+  Define arguments for the memory, map, area, and disk resources with
+  SI prefixes (.e.g 100MB).  In addition, resource policies are maximums for
+  each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
+  exceeds policy maximum so memory limit is 1GB).
+-->
+<policymap>
+  <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
+  <!-- <policy domain="resource" name="memory" value="2GiB"/> -->
+  <!-- <policy domain="resource" name="map" value="4GiB"/> -->
+  <!-- <policy domain="resource" name="area" value="1GB"/> -->
+  <!-- <policy domain="resource" name="disk" value="16EB"/> -->
+  <!-- <policy domain="resource" name="file" value="768"/> -->
+  <!-- <policy domain="resource" name="thread" value="4"/> -->
+  <!-- <policy domain="resource" name="throttle" value="0"/> -->
+  <!-- <policy domain="resource" name="time" value="3600"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <policy domain="cache" name="shared-secret" value="passphrase"/>
+  <policy domain="coder" rights="none" pattern="EPHEMERAL" />
+  <policy domain="coder" rights="none" pattern="URL" />
+  <policy domain="coder" rights="none" pattern="HTTPS" />
+  <policy domain="coder" rights="none" pattern="MVG" />
+  <policy domain="coder" rights="none" pattern="MSL" />
+  <policy domain="coder" rights="none" pattern="TEXT" />
+  <policy domain="coder" rights="none" pattern="SHOW" />
+  <policy domain="coder" rights="none" pattern="WIN" />
+  <policy domain="coder" rights="none" pattern="PLT" />
+  <policy domain="path" rights="none" pattern="@*" />
+</policymap>

v8.2/overlay/etc/apache2/conf-enabled/security.conf

@@ -0,0 +1,3 @@
+ServerTokens Prod
+ServerSignature Off
+TraceEnable Off

v8.2/overlay/etc/apache2/conf-enabled/servername.conf

@@ -0,0 +1 @@
+ServerName localhost

v8.2/overlay/etc/apache2/sites-enabled/000-default.conf

@@ -0,0 +1,7 @@
+<VirtualHost *:80>
+	ServerAdmin webmaster@localhost
+	DocumentRoot /var/www/owncloud
+
+	ErrorLog /dev/stdout
+	CustomLog ${APACHE_LOGGING_PATH} combined
+</VirtualHost>

v8.2/overlay/etc/apache2/templates/base

@@ -0,0 +1,13 @@
+<VirtualHost *:80>
+	ServerAdmin webmaster@localhost
+	DocumentRoot ${APACHE_WEBROOT}
+
+	ErrorLog /dev/stdout
+	CustomLog ${APACHE_LOGGING_PATH} combined
+
+	<Directory ${APACHE_WEBROOT}>
+		Options Indexes FollowSymLinks MultiViews
+		AllowOverride All
+		Require all granted
+	</Directory>
+</VirtualHost>

v8.2/overlay/etc/apache2/templates/ssl

@@ -0,0 +1,19 @@
+<IfModule mod_ssl.c>
+	<VirtualHost *:443>
+		ServerAdmin webmaster@localhost
+		DocumentRoot ${APACHE_WEBROOT} 
+
+		ErrorLog /dev/stdout
+		CustomLog ${APACHE_LOGGING_PATH} combined
+
+		<Directory ${APACHE_WEBROOT}>
+			Options Indexes FollowSymLinks MultiViews
+			AllowOverride All
+			Require all granted
+		</Directory>
+
+		SSLEngine on
+		SSLCertificateFile	${APACHE_SSL_CERT}
+		SSLCertificateKeyFile	${APACHE_SSL_KEY} 
+	</VirtualHost>
+</IfModule>

v8.2/overlay/etc/apache2/templates/webdav

@@ -0,0 +1,25 @@
+<VirtualHost *:80>
+	DavLockDB "/tmp/lockdb"
+
+	ErrorLog /dev/stdout
+	CustomLog ${APACHE_LOGGING_PATH} combined
+
+	ServerAdmin webmaster@localhost
+	DocumentRoot ${APACHE_WEBROOT}
+	Alias /webdav ${APACHE_WEBROOT}
+
+	<Location /webdav/>
+		DAV on
+		Options +Indexes
+		AuthType Basic
+		AuthName "webdav"
+		AuthUserFile ${APACHE_WEBDAV_AUTHFILE}
+		Require valid-user
+	</Location>
+
+	<Directory ${APACHE_WEBROOT} >
+		Options Indexes FollowSymLinks
+		AllowOverride None
+		Require all granted
+	</Directory>
+</VirtualHost>

v8.2/overlay/etc/ldap/ldap.conf

@@ -0,0 +1 @@
+TLS_REQCERT never

v8.2/overlay/etc/php/8.2/apache2/conf.d/10-opcache-custom.ini

@@ -0,0 +1 @@
+opcache.revalidate_freq=0

v8.2/overlay/etc/php/8.2/cli/conf.d/10-opcache-custom.ini

@@ -0,0 +1 @@
+opcache.revalidate_freq=0

v8.2/overlay/etc/php/8.2/fpm/conf.d/10-opcache-custom.ini

@@ -0,0 +1 @@
+opcache.revalidate_freq=0

v8.2/overlay/etc/php/8.2/mods-available/opcache-custom.ini

@@ -0,0 +1 @@
+opcache.revalidate_freq=0

v8.2/overlay/etc/php/8.2/phpdbg/conf.d/10-opcache-custom.ini

@@ -0,0 +1 @@
+opcache.revalidate_freq=0

v8.2/overlay/root/.bowerrc

@@ -0,0 +1 @@
+{ "allow_root": true }

v8.2/overlay/usr/local/bin/apachectl

@@ -0,0 +1,52 @@
+#!/usr/bin/env bash
+set -eo pipefail
+
+declare -x APACHE_TEMPLATE_PATH
+[[ -z "${APACHE_TEMPLATE_PATH}" ]] && APACHE_TEMPLATE_PATH="/etc/apache2/templates"
+
+declare -x APACHE_CONFIG_TEMPLATE
+[[ -z "${APACHE_CONFIG_TEMPLATE}" ]] && APACHE_CONFIG_TEMPLATE="base"
+
+declare -x APACHE_WEBROOT
+[[ -z "${APACHE_WEBROOT}" ]] && APACHE_WEBROOT="/var/www/owncloud"
+
+declare -x APACHE_SSL_CERT_CN
+[[ -z "${APACHE_SSL_CERT_CN}" ]] && APACHE_SSL_CERT_CN="server"
+
+declare -x APACHE_SSL_CERT
+[[ -z "${APACHE_SSL_CERT}" ]] && APACHE_SSL_CERT="/etc/apache2/ssl/${APACHE_SSL_CERT_CN}.crt"
+
+declare -x APACHE_SSL_KEY
+[[ -z "${APACHE_SSL_KEY}" ]] && APACHE_SSL_KEY="/etc/apache2/ssl/${APACHE_SSL_CERT_CN}.key"
+
+declare -x APACHE_WEBDAV_AUTHFILE
+[[ -z "${APACHE_WEBDAV_AUTHFILE}" ]] && APACHE_WEBDAV_AUTHFILE="/etc/apache2/webdav.auth"
+
+declare -x APACHE_WEBDAV_USERNAME
+[[ -z "${APACHE_WEBDAV_USERNAME}" ]] && APACHE_WEBDAV_USERNAME="username"
+
+declare -x APACHE_WEBDAV_PASSWORD
+[[ -z "${APACHE_WEBDAV_PASSWORD}" ]] && APACHE_WEBDAV_PASSWORD="password"
+
+if [[ ${APACHE_CONFIG_TEMPLATE} == "webdav" ]]; then
+    echo "Creating authentication file..."
+    htpasswd -cb "${APACHE_WEBDAV_AUTHFILE}" "${APACHE_WEBDAV_USERNAME}" "${APACHE_WEBDAV_PASSWORD}"
+    chown www-data:www-data "${APACHE_WEBDAV_AUTHFILE}"
+    chmod 640 "${APACHE_WEBDAV_AUTHFILE}"
+
+    echo "Fixing directory access..."
+    chown www-data:www-data "${APACHE_WEBROOT}"
+fi
+
+if [[ ! -f ${APACHE_SSL_KEY} || ! -f ${APACHE_SSL_CERT} ]]
+then
+    echo "Generating certificates for ${APACHE_SSL_CERT_CN}..."
+    SSL_SUBJ="/C=DE/ST=Bavaria/L=Nuremberg/O=ownCloud GmbH/CN=${APACHE_SSL_CERT_CN}"
+    openssl req -x509 -subj "${SSL_SUBJ}" -sha256 -nodes -days 1825 -newkey rsa:4096 -keyout ${APACHE_SSL_KEY} -out ${APACHE_SSL_CERT}
+fi
+
+echo "Writing apache config..."
+envsubst < ${APACHE_TEMPLATE_PATH}/${APACHE_CONFIG_TEMPLATE} > /etc/apache2/sites-enabled/000-default.conf
+
+echo "Starting apache... "
+exec /usr/sbin/apachectl "$@"