-
Notifications
You must be signed in to change notification settings - Fork 2
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #175 from OpenConext/feature/docker_configs
Feature/docker configs
- Loading branch information
Showing
6 changed files
with
134 additions
and
11 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,48 @@ | ||
name: build-push-docker-image | ||
|
||
#on: workflow_dispatch | ||
on: | ||
push: | ||
branches: feature/docker_configs | ||
workflow_dispatch: | ||
|
||
jobs: | ||
build-push-docker-image: | ||
runs-on: ubuntu-latest | ||
permissions: | ||
packages: write | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v3 | ||
|
||
- name: Get the latest release | ||
id: release | ||
uses: robinraju/[email protected] | ||
with: | ||
latest: true | ||
fileName: "*.tar.bz2" | ||
|
||
- name: Set up QEMU | ||
uses: docker/setup-qemu-action@v2 | ||
|
||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v2 | ||
|
||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v2 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.repository_owner }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build and push the Production image | ||
uses: docker/build-push-action@v4 | ||
with: | ||
context: . | ||
file: docker/Dockerfile.prod | ||
platforms: linux/amd64,linux/arm64 | ||
push: true | ||
tags: | | ||
ghcr.io/openconext/stepup-tiqr/stepup-tiqr:prod | ||
ghcr.io/openconext/stepup-tiqr/stepup-tiqr:${{ github.sha }} | ||
ghcr.io/openconext/stepup-tiqr/stepup-tiqr:${{ steps.release.outputs.tag_name }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,12 @@ | ||
monolog: | ||
handlers: | ||
prod-signaler: | ||
type: fingers_crossed | ||
action_level: ERROR | ||
passthru_level: NOTICE # this means that all message of level NOTICE or higher are always logged | ||
handler: main_syslog | ||
bubble: false # if we handle it, nothing else should | ||
main_syslog: | ||
type: stream | ||
path: "php://stderr" | ||
formatter: surfnet_stepup.monolog.json_formatter |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,22 @@ | ||
FROM ghcr.io/openconext/openconext-basecontainers/php72-apache2:latest AS php-build | ||
COPY *.tar.bz2 /tmp/ | ||
RUN tar -xvjf /tmp/*.tar.bz2 -C /var/www/html/ && \ | ||
rm -rf /tmp/*.tar.bz2 | ||
|
||
# Add the application configuration files | ||
COPY config/legacy/parameters.yaml.dist config/legacy/parameters.yaml | ||
COPY config/packages/prod/monolog.yaml.docker config/packages/prod/monolog.yaml | ||
|
||
# TIQR needs some assests to be installed | ||
RUN bin/console assets:install | ||
|
||
# Add the config files for Apache2 | ||
RUN rm -rf /etc/apache2/sites-enabled/* | ||
COPY ./docker/conf/tiqr-apache2.conf /etc/apache2/sites-enabled/tiqr.conf | ||
RUN rm -rf /var/www/html/var/cache/prod && chown -R www-data /var/www/html/var | ||
EXPOSE 80 | ||
|
||
# Set the default workdir | ||
WORKDIR /var/www/html | ||
|
||
ENTRYPOINT ["apache2-foreground"] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
<Virtualhost *:80> | ||
ServerName tiqr | ||
ServerAdmin [email protected] | ||
|
||
DocumentRoot /var/www/html/public | ||
|
||
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1 | ||
|
||
<Directory "/var/www/html/public"> | ||
Require all granted | ||
|
||
Options -MultiViews | ||
RewriteEngine On | ||
RewriteCond %{REQUEST_FILENAME} !-f | ||
RewriteRule ^(.*)$ index.php [QSA,L] | ||
</Directory> | ||
<Location /> | ||
Require all granted | ||
</Location> | ||
|
||
Header always set X-Content-Type-Options "nosniff" | ||
|
||
# Set the php application handler so mod_php interpets the files | ||
<FilesMatch \.php$> | ||
SetHandler application/x-httpd-php | ||
</FilesMatch> | ||
|
||
ExpiresActive on | ||
ExpiresByType font/* "access plus 1 year" | ||
ExpiresByType image/* "access plus 6 months" | ||
ExpiresByType text/css "access plus 1 year" | ||
ExpiresByType text/js "access plus 1 year" | ||
</VirtualHost> |