From 013978de70f642e2909d2a7223889b5f5ac9c9b0 Mon Sep 17 00:00:00 2001 From: Petr Heinz Date: Thu, 3 May 2018 13:43:54 +0200 Subject: [PATCH] switched from phpdockerio/php72-fpm to official php image (in version 7.2-fpm-alpine) - Alpine linux uses apk instead of apt-get - default UID for user "www-data" is 82 on Alpine linux instead of 33 - there is no bash installed, use sh instead --- CHANGELOG.md | 1 + docker/conf/docker-compose-mac.yml.dist | 2 +- docker/conf/docker-compose.yml.dist | 2 +- docs/cookbook/jenkins-configuration.md | 6 +- docs/docker/docker-troubleshooting.md | 2 +- ...allation-using-docker-application-setup.md | 2 +- .../installation-using-docker-linux.md | 8 +- .../installation-using-docker-macos.md | 8 +- docs/introduction/running-acceptance-tests.md | 2 +- project-base/CHANGELOG.md | 6 + .../docker/conf/docker-compose-mac.yml.dist | 2 +- .../docker/conf/docker-compose.yml.dist | 2 +- project-base/docker/php-fpm/Dockerfile | 103 ++++++++---------- .../docker/php-fpm/docker-install-composer | 20 ++++ .../docker/php-fpm/php-ini-overrides.ini | 4 +- 15 files changed, 95 insertions(+), 75 deletions(-) create mode 100644 project-base/docker/php-fpm/docker-install-composer diff --git a/CHANGELOG.md b/CHANGELOG.md index f73badd47bc..c332b3ca90e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -31,6 +31,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - Docker installation supported on Linux, MacOS and Windows 10 Pro and higher (recommended way of installing the application) - native installation is also supported (recommended on Windows 10 Home and lower) - as a rule, using minor versions of docker images (eg. `1.2` or `1.2-alpine`) if possible (@MattCzerner) +- docs and `docker-compose.yml` templates reflect [changes of Docker images in shopsys/project-base](./project-base/CHANGELOG.md) (@PetrHeinz, @MattCzerner) ### Fixed - documentation: missing redis extension in required php extensions (@pk16011990) diff --git a/docker/conf/docker-compose-mac.yml.dist b/docker/conf/docker-compose-mac.yml.dist index 8ba229d9752..8fa49c8ad0f 100644 --- a/docker/conf/docker-compose-mac.yml.dist +++ b/docker/conf/docker-compose-mac.yml.dist @@ -29,7 +29,7 @@ services: working_dir: /var/www/shopsys-framework volumes: - shopsys-framework-sync:/var/www/shopsys-framework - - ./project-base/docker/php-fpm/php-ini-overrides.ini:/etc/php/7.1/fpm/conf.d/99-overrides.ini + - ./project-base/docker/php-fpm/php-ini-overrides.ini:/usr/local/etc/php/php.ini links: - postgres - redis diff --git a/docker/conf/docker-compose.yml.dist b/docker/conf/docker-compose.yml.dist index e7e60e9eb0c..a455c4292bc 100644 --- a/docker/conf/docker-compose.yml.dist +++ b/docker/conf/docker-compose.yml.dist @@ -29,7 +29,7 @@ services: working_dir: /var/www/shopsys-framework volumes: - .:/var/www/shopsys-framework - - ./project-base/docker/php-fpm/php-ini-overrides.ini:/etc/php/7.1/fpm/conf.d/99-overrides.ini + - ./project-base/docker/php-fpm/php-ini-overrides.ini:/usr/local/etc/php/php.ini links: - postgres - redis diff --git a/docs/cookbook/jenkins-configuration.md b/docs/cookbook/jenkins-configuration.md index 4c7b02cc82a..ce7ea907068 100644 --- a/docs/cookbook/jenkins-configuration.md +++ b/docs/cookbook/jenkins-configuration.md @@ -357,9 +357,9 @@ correct permissions for all application files. We can use `setfacl` command, which can apply multiple permission rules onto folder and make it accessible for multiple users. ``` -# Allow user with UID 33 (user "www-data" in container "php-fpm") read and write all project files -/usr/bin/docker exec $JOB_NAME-shopsys-framework-php-fpm setfacl -R -m user:33:rwX -m mask:rwX . -/usr/bin/docker exec $JOB_NAME-shopsys-framework-php-fpm setfacl -dR -m user:33:rwX -m mask:rwX . +# Allow user with UID 82 (user "www-data" in container "php-fpm") read and write all project files +/usr/bin/docker exec $JOB_NAME-shopsys-framework-php-fpm setfacl -R -m user:82:rwX -m mask:rwX . +/usr/bin/docker exec $JOB_NAME-shopsys-framework-php-fpm setfacl -dR -m user:82:rwX -m mask:rwX . # Allow user with UID 100 (user "nginx" in container "webserver") read files in "web" directory /usr/bin/docker exec $JOB_NAME-shopsys-framework-php-fpm setfacl -R -m user:100:rX ./project-base/web diff --git a/docs/docker/docker-troubleshooting.md b/docs/docker/docker-troubleshooting.md index a5bd2afddc7..0cf2fc948a9 100644 --- a/docs/docker/docker-troubleshooting.md +++ b/docs/docker/docker-troubleshooting.md @@ -83,7 +83,7 @@ Remember that after changing these you need to do few things differently. for instance, if your new container name is `my-new-project-name-php-fpm` you need to execute ``` -docker exec -it my-new-project-name-php-fpm bash +docker exec -it my-new-project-name-php-fpm sh ``` ## Update of Dockerfile is not Reflected diff --git a/docs/installation/installation-using-docker-application-setup.md b/docs/installation/installation-using-docker-application-setup.md index 07a64bd3219..f798765c7bd 100644 --- a/docs/installation/installation-using-docker-application-setup.md +++ b/docs/installation/installation-using-docker-application-setup.md @@ -8,7 +8,7 @@ Now that the Docker environment is prepared we can setup the application itself. ### 1.1. Connect into terminal of the Docker container ``` -docker exec -it shopsys-framework-php-fpm bash +docker exec -it shopsys-framework-php-fpm sh ``` ### 1.2. Install dependencies and configure parameters diff --git a/docs/installation/installation-using-docker-linux.md b/docs/installation/installation-using-docker-linux.md index 003694a10fb..ea1166bb25b 100644 --- a/docs/installation/installation-using-docker-linux.md +++ b/docs/installation/installation-using-docker-linux.md @@ -48,13 +48,13 @@ sudo setfacl -dR -m user:`whoami`:rwX -m mask:rwX . #### 4.2. Grant system users inside the container the required permissions ##### Connect into terminal of the Docker container ``` -docker exec -it shopsys-framework-php-fpm bash +docker exec -it shopsys-framework-php-fpm sh ``` -##### Allow user with UID 33 ("www-data" in "php-fpm" container) read and write all project files +##### Allow user with UID 82 ("www-data" in "php-fpm" container) read and write all project files ``` -setfacl -R -m user:33:rwX -m mask:rwX . -setfacl -dR -m user:33:rwX -m mask:rwX . +setfacl -R -m user:82:rwX -m mask:rwX . +setfacl -dR -m user:82:rwX -m mask:rwX . ``` ##### Allow user with UID 100 ("nginx" in "webserver" container) read files in "web" directory diff --git a/docs/installation/installation-using-docker-macos.md b/docs/installation/installation-using-docker-macos.md index ac73e5fb332..103da3d147b 100644 --- a/docs/installation/installation-using-docker-macos.md +++ b/docs/installation/installation-using-docker-macos.md @@ -50,13 +50,13 @@ docker-compose up -d Grant system users inside the container the required permissions #### Connect into terminal of the Docker container ``` -docker exec -it shopsys-framework-php-fpm bash +docker exec -it shopsys-framework-php-fpm sh ``` -#### Allow user with UID 33 ("www-data" in "php-fpm" container) read and write all project files +#### Allow user with UID 82 ("www-data" in "php-fpm" container) read and write all project files ``` -setfacl -R -m user:33:rwX -m mask:rwX . -setfacl -dR -m user:33:rwX -m mask:rwX . +setfacl -R -m user:82:rwX -m mask:rwX . +setfacl -dR -m user:82:rwX -m mask:rwX . ``` #### Allow user with UID 100 ("nginx" in "webserver" container) read files in "web" directory diff --git a/docs/introduction/running-acceptance-tests.md b/docs/introduction/running-acceptance-tests.md index e60e33b9397..ee8e2d30cdc 100644 --- a/docs/introduction/running-acceptance-tests.md +++ b/docs/introduction/running-acceptance-tests.md @@ -5,7 +5,7 @@ There is `selenium-server` container with installed Selenium hub and Google Chro You should run all command mentioned below while logged into your `php-fpm` container via command: ``` -docker exec -it shopsys-framework-php-fpm bash +docker exec -it shopsys-framework-php-fpm sh ``` *Note: For `selenium-server` to be able to connect to you `webserver` container and access your application, all domains should have URL set to `http://webserver:8000`.* diff --git a/project-base/CHANGELOG.md b/project-base/CHANGELOG.md index b37f01bd747..5707553b910 100644 --- a/project-base/CHANGELOG.md +++ b/project-base/CHANGELOG.md @@ -15,6 +15,11 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - Dependency Injection strict mode is now enabled (@EdoBarnas) - disables autowiring features that were removed in Symfony 4 - as a rule, using minor versions of docker images (eg. `1.2` or `1.2-alpine`) if possible (@MattCzerner) +- switched to Docker image `php:7.2-fpm-alpine` instead of `phpdockerio/php72-fpm:latest` (@PetrHeinz, @MattCzerner) + - official PHP Docker image is much more stable and provides tags other than `latest` + - built on Alpine linux which uses `apk` instead of `apt-get` + - in the container there is no `bash` installed, use `sh` instead + - the default UID for user `www-data` is 82 on Alpine linux instead of 33 ### Removed - support of installation using Docker for Windows 10 Home and lower (@TomasLudvik) @@ -25,6 +30,7 @@ and this project adheres to [Semantic Versioning](http://semver.org/spec/v2.0.0. - see https://github.com/symfony/swiftmailer-bundle/commit/5edfbd39eaefb176922a346c16b0ae3aaeec87e0 - the new setting requires array instead of string so the parameter `mailer_master_email_address` is wrapped into array in config - `FpJsFormValidator` error in console on FE order pages (@vitek-rostislav) +- failure during Docker image build triggered by `E: Unable to locate package postgresql-client-9.5` (@PetrHeinz, @MattCzerner) ## 7.0.0-alpha1 - 2018-04-12 - We are releasing version 7 (open-source project known as Shopsys Framework) to better distinguish it from Shopsys 6 diff --git a/project-base/docker/conf/docker-compose-mac.yml.dist b/project-base/docker/conf/docker-compose-mac.yml.dist index 4becaafd7b3..d218532f199 100644 --- a/project-base/docker/conf/docker-compose-mac.yml.dist +++ b/project-base/docker/conf/docker-compose-mac.yml.dist @@ -29,7 +29,7 @@ services: working_dir: /var/www/shopsys-framework volumes: - shopsys-framework-sync:/var/www/shopsys-framework - - ./docker/php-fpm/php-ini-overrides.ini:/etc/php/7.1/fpm/conf.d/99-overrides.ini + - ./docker/php-fpm/php-ini-overrides.ini:/usr/local/etc/php/php.ini links: - postgres - redis diff --git a/project-base/docker/conf/docker-compose.yml.dist b/project-base/docker/conf/docker-compose.yml.dist index 7bd98cce6be..28a2f9777c6 100644 --- a/project-base/docker/conf/docker-compose.yml.dist +++ b/project-base/docker/conf/docker-compose.yml.dist @@ -29,7 +29,7 @@ services: working_dir: /var/www/shopsys-framework volumes: - .:/var/www/shopsys-framework - - ./docker/php-fpm/php-ini-overrides.ini:/etc/php/7.1/fpm/conf.d/99-overrides.ini + - ./docker/php-fpm/php-ini-overrides.ini:/usr/local/etc/php/php.ini links: - postgres - redis diff --git a/project-base/docker/php-fpm/Dockerfile b/project-base/docker/php-fpm/Dockerfile index 582958c5d40..8002872e8d5 100644 --- a/project-base/docker/php-fpm/Dockerfile +++ b/project-base/docker/php-fpm/Dockerfile @@ -1,58 +1,51 @@ -FROM phpdockerio/php72-fpm:latest - -# Switch to non-interactive mode during image build to silence some warnings. -# See https://github.com/moby/moby/issues/4032 -ARG DEBIAN_FRONTEND=noninteractive - -# Install packages are useful when working in the container in interactive mode. -RUN apt-get update && apt-get -y install apt-utils dialog - -# Install ACL support (ie. tools like "setfacl"). -RUN apt-get update && apt-get -y install acl - -# Install Git - it is necessary for code diffs -RUN apt-get update && apt-get -y install git +FROM php:7.2-fpm-alpine + +# install git for computing diffs +RUN apk add --update git + +# install Composer +COPY docker-install-composer /usr/local/bin/docker-install-composer +RUN chmod +x /usr/local/bin/docker-install-composer && docker-install-composer + +# libpng-dev needed by "gd" extension +# icu-dev needed by "intl" extension +# postgresql-dev needed by "pgsql" extension +# libzip-dev needed by "zip" extension +# autoconf needed by "redis" extension +RUN apk add --update \ + libpng-dev \ + icu-dev \ + postgresql-dev \ + libzip-dev \ + autoconf + +# "zip" extension warns about deprecation if we do not use a system library +RUN docker-php-ext-configure zip --with-libzip + +# install necessary PHP extensions requested by Composer +RUN docker-php-ext-install \ + bcmath \ + gd \ + intl \ + opcache \ + pgsql \ + pdo_pgsql \ + zip + +# redis PHP extension is not provided with the PHP source and must be installed via PECL, build-base used only for installation +RUN apk add --update build-base && pecl install redis-4.0.2 && docker-php-ext-enable redis && apk del build-base + +# install npm +RUN apk add --update nodejs-npm + +# install grunt-cli using npm to be able to run grunt watch +RUN npm install -g grunt-cli -# Install PostgreSQL client for dumping database -RUN apt-get update && apt-get -y install postgresql-client-9.5 +# install postgresql to allow execution of pg_dump for acceptance tests (using older repository to install version 9.5) +RUN apk add --update --no-cache --repository https://dl-3.alpinelinux.org/alpine/v3.4/main "postgresql<9.6" -# Install locales and switch to en_US.utf8 in order to enable UTF-8 support. -# See https://perlgeek.de/en/article/set-up-a-clean-utf8-environment -RUN apt-get update && apt-get -y install locales-all +# install locales and switch to en_US.utf8 in order to enable UTF-8 support +# see https://github.com/docker-library/php/issues/240#issuecomment-305038173 +RUN apk add --update --no-cache --repository https://dl-3.alpinelinux.org/alpine/edge/testing gnu-libiconv +ENV LD_PRELOAD /usr/lib/preloadable_libiconv.so php ENV LC_ALL=en_US.utf8 LANG=en_US.utf8 LANGUAGE=en_US.utf8 - -# Install required PHP extensions -RUN apt-get update && apt-get -y --no-install-recommends install \ - php7.2-bcmath \ - php7.2-ctype \ - php7.2-curl \ - php7.2-fpm \ - php7.2-gd \ - php7.2-iconv \ - php7.2-intl \ - php7.2-json \ - php7.2-mbstring \ - php7.2-opcache \ - php7.2-pdo \ - php7.2-pgsql \ - php7.2-redis \ - php7.2-simplexml \ - php7.2-soap \ - php7.2-xml \ - php7.2-zip - -# Install Composer -RUN php -r "copy('https://getcomposer.org/download/1.5.1/composer.phar', '/usr/local/bin/composer');" \ - && php -r "if (hash_file('SHA384', '/usr/local/bin/composer') === 'fd3800adeff12dde28e9238d2bb82ba6f887bc6d718eee3e3a5d4f70685a236b9e96afd01aeb0dbab8ae6211caeb1cbe') {echo 'Composer installed';} else {echo 'Hash invalid for downloaded composer.phar'; exit(1);}" \ - && chmod 0755 /usr/local/bin/composer \ - && /usr/local/bin/composer selfupdate --stable - -# Install Node.js v6 from NodeSource repository that also contains NPM. -# See https://nodejs.org/en/download/package-manager/#debian-and-ubuntu-based-linux-distributions -RUN curl -sL https://deb.nodesource.com/setup_6.x | bash - \ - && apt-get update && apt-get -y install nodejs=6.* - -# Install grunt-cli using npm to be able to run grunt watch. -RUN npm install -g grunt-cli - -WORKDIR "/var/www/shopsys-framework" diff --git a/project-base/docker/php-fpm/docker-install-composer b/project-base/docker/php-fpm/docker-install-composer new file mode 100644 index 00000000000..44d051c36f0 --- /dev/null +++ b/project-base/docker/php-fpm/docker-install-composer @@ -0,0 +1,20 @@ +#!/bin/sh + +# copied from https://getcomposer.org/doc/faqs/how-to-install-composer-programmatically.md +# option --filename=composer is used so it can be called without the .phar extension + +EXPECTED_SIGNATURE="$(wget -q -O - https://composer.github.io/installer.sig)" +php -r "copy('https://getcomposer.org/installer', 'composer-setup.php');" +ACTUAL_SIGNATURE="$(php -r "echo hash_file('SHA384', 'composer-setup.php');")" + +if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ] +then + >&2 echo 'ERROR: Invalid installer signature' + rm composer-setup.php + exit 1 +fi + +php composer-setup.php --quiet --install-dir=/usr/local/bin --filename=composer +RESULT=$? +rm composer-setup.php +exit $RESULT diff --git a/project-base/docker/php-fpm/php-ini-overrides.ini b/project-base/docker/php-fpm/php-ini-overrides.ini index e53431b86d2..c77ded8d093 100644 --- a/project-base/docker/php-fpm/php-ini-overrides.ini +++ b/project-base/docker/php-fpm/php-ini-overrides.ini @@ -1,5 +1,5 @@ date.timezone = ${TIMEZONE} -memory_limit = 256M; +memory_limit = 512M; ; do not allow