Skip to content

Commit

Permalink
Docker build: Use the latest actions and upgrade to php8
Browse files Browse the repository at this point in the history
  • Loading branch information
quartje committed Mar 28, 2024
1 parent 71efbd9 commit ecb5c8d
Show file tree
Hide file tree
Showing 3 changed files with 81 additions and 23 deletions.
42 changes: 31 additions & 11 deletions .github/workflows/build-push-docker-image.yml
Original file line number Diff line number Diff line change
@@ -1,6 +1,5 @@
name: build-push-docker-image

#on: workflow_dispatch
on:
push:
branches: feature/docker_configs
Expand All @@ -17,32 +16,53 @@ jobs:

- name: Get the latest release
id: release
uses: robinraju/release-downloader@v1.7
uses: robinraju/release-downloader@v1.9
with:
latest: true
fileName: "*.tar.bz2"

- name: Get commit details for the tag from the latest release
id: commit_details
run: |
GIT_SHA=$(git rev-list -n 1 ${{ steps.release.outputs.tag_name }})
GIT_COMMIT_TIME=$(git show -s --format=%ci ${{ steps.release.outputs.tag_name }})
echo "::set-output name=sha::$GIT_SHA"
echo "::set-output name=commit_time::$GIT_COMMIT_TIME"
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v2
uses: docker/setup-buildx-action@v3

- name: Login to GitHub Container Registry
uses: docker/login-action@v2
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Set docker labels and tags
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/openconext/stepup-ra/stepup-ra
tags: |
type=ref,event=tag
type=semver,pattern={{version}}
type=sha
type=raw,value=prod
- name: Build and push the Production image
uses: docker/build-push-action@v4
uses: docker/build-push-action@v5
with:
context: .
build-args: |
APP_VERSION=${{ steps.release.outputs.tag_name }}
GIT_SHA=${{ steps.commit_details.outputs.sha }}
GIT_COMMIT_TIME=${{ steps.commit_details.outputs.commit_time }}
file: docker/Dockerfile.prod
platforms: linux/amd64,linux/arm64
push: true
tags: |
ghcr.io/openconext/stepup-ra/stepup-ra:prod
ghcr.io/openconext/stepup-ra/stepup-ra:${{ github.sha }}
ghcr.io/openconext/stepup-ra/stepup-ra:${{ steps.release.outputs.tag_name }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
28 changes: 16 additions & 12 deletions docker/Dockerfile.prod
Original file line number Diff line number Diff line change
@@ -1,20 +1,24 @@
FROM ghcr.io/openconext/openconext-basecontainers/php72-apache2:latest AS php-build
FROM ghcr.io/openconext/openconext-basecontainers/php82-apache2:latest
ARG APP_VERSION
ARG GIT_SHA
ARG GIT_COMMIT_TIME
ENV OPENCONEXT_APP_VERSION=${APP_VERSION}
ENV OPENCONEXT_GIT_SHA=${GIT_SHA}
ENV OPENCONEXT_COMMIT_DATE=${GIT_COMMIT_TIME}

# Set the default workdir
WORKDIR /var/www/html
COPY *.tar.bz2 /tmp/
RUN tar -xvjf /tmp/*.tar.bz2 -C /var/www/html/ && \
rm -rf /tmp/*.tar.bz2

# Add the application configuration files
COPY config/legacy/parameters.yaml.dist config/legacy/parameters.yaml
COPY config/legacy/samlstepupproviders_parameters.yaml.dist config/legacy/samlstepupproviders_parameters.yaml
COPY config/packages/prod/monolog.yaml.docker config/packages/prod/monolog.yaml

COPY config/openconext/parameters.yaml.dist config/openconext/parameters.yaml
COPY config/openconext/samlstepupproviders_parameters.yaml.dist config/openconext/samlstepupproviders_parameters.yaml

# Add the config files for Apache2
RUN rm -rf /etc/apache2/sites-enabled/*
COPY ./docker/conf/ra-apache2.conf /etc/apache2/sites-enabled/ra.conf
RUN rm -rf /var/www/html/var/cache/prod && chown -R www-data /var/www/html/var

# Set the default workdir
WORKDIR /var/www/html

CMD ["apache2-foreground"]
COPY ./docker/conf/apache2.conf /etc/apache2/sites-enabled/apache2.conf
RUN rm -rf /var/www/html/var/cache/prod && \
mkdir -p /var/www/html/var/cache/ && \
chown -R www-data /var/www/html/var
34 changes: 34 additions & 0 deletions docker/conf/apache2.conf
Original file line number Diff line number Diff line change
@@ -0,0 +1,34 @@
<Virtualhost *:80>
ServerName ra
ServerAdmin [email protected]

DocumentRoot /var/www/html/public

SetEnv HTTPS on
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1

<Directory "/var/www/html/public">
Require all granted

Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ index.php [QSA,L]
</Directory>
<Location />
Require all granted
</Location>

Header always set X-Content-Type-Options "nosniff"

# Set the php application handler so mod_php interpets the files
<FilesMatch \.php$>
SetHandler application/x-httpd-php
</FilesMatch>

ExpiresActive on
ExpiresByType font/* "access plus 1 year"
ExpiresByType image/* "access plus 6 months"
ExpiresByType text/css "access plus 1 year"
ExpiresByType text/js "access plus 1 year"
</VirtualHost>

0 comments on commit ecb5c8d

Please sign in to comment.