feat: Migrate Dockerfile to multi-stage build and get rid of `roadiz/…

…php83-fpm-alpine` base image BREAKING CHANGE: Base PHP image is now `php:8.3.13-fpm-bookworm`
roadiz · Nov 14, 2024 · d2f3899 · d2f3899
1 parent dcbf346
commit d2f3899
Show file tree

Hide file tree

Showing 20 changed files with 349 additions and 316 deletions.
diff --git a/.dockerignore b/.dockerignore
@@ -1,5 +1,3 @@
-# Ignore Roadiz tools and cache for
-# creating a docker image
 .dockerignore
 .DS_Store
 .git
@@ -14,54 +12,37 @@ tests
 README.md
 Dockerfile
 Dockerfile.archive
-compose.yml
-compose.env
-compose.standalone.yml
-compose.override.yml
-compose.override.yml.dist
+compose.*
+sonar-project.properties
 
 */temp*
 */*/temp*
-docker
-.vagrant
-var/sessions/*
-var/log/*
-var/cache/*
-var/secret/*
+var
 /config/secrets/prod/prod.decrypt.private.php
 /config/secrets/prod/prod.encrypt.private.php
-var/*.zip
-var/*.sql
-var/*.tar.gz
 *.zip
 *.sql
 *.log
+*.tar
 *.tar.gz
-themes/*/build
-themes/*/node_modules
-themes/*/app
 */*/*/node_modules
 files/*
 public/files/*
 */*/*/src-img
 */*/src-img
 */*.log
-Vagrantfile
-pimple.json
+.phpcs-cache
 supervisord.pid
 project_env.sh
-.phpcs-cache
+.php-cs-fixer.cache
+vendor
+Makefile
+.editorconfig
+.gitignore
+phpcs.*
+phpstan.*
+restic.*
 
 !.env
-!vendor
-!docker/solr/managed-schema.xml
-!docker/php-fpm-alpine/crontab.txt
-!docker/php-fpm-alpine/docker-php-entrypoint
-!docker/php-fpm-alpine/docker-php-entrypoint-dev
-!docker/php-fpm-alpine/docker-cron-entrypoint
-!docker/php-fpm-alpine/docker-cron-entrypoint-dev
-!docker/php-fpm-alpine/php.ini
-!docker/php-fpm-alpine/php.prod.ini
-!docker/php-fpm-alpine/wait-for-it.sh
 !public/themes/*
 
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
@@ -1,11 +1,6 @@
-# Gitlab CI
-# Replace “roadiz_skeleton” with your project slug
-image: roadiz/php83-runner
-
 stages:
     - test
     - build
-    - deploy
     - release
 
 # AutoDevOps templates for security
@@ -20,6 +15,7 @@ variables:
     SENTRY_URL: ""
 
 roadiz_skeleton_test:
+    image: roadiz/php83-runner
     stage: test
     interruptible: true
     only:
@@ -50,33 +46,8 @@ roadiz_skeleton_test:
         - php -d memory_limit=-1 vendor/bin/phpstan analyse -c phpstan.neon
         - php -d memory_limit=-1 vendor/bin/phpunit --colors=never
 
-roadiz_skeleton_build:
+roadiz_skeleton_build_develop:
     stage: build
-    interruptible: true
-    only:
-        - develop
-        - tags
-    cache:
-        key: ${CI_COMMIT_REF_SLUG}
-        paths:
-            - vendor/
-    variables:
-        # temporary vars for composer scripts only
-        APP_ENV: prod
-        JWT_PASSPHRASE: changeme
-        APP_SECRET: changeme
-    artifacts:
-        expire_in: 1 hour
-        paths:
-            - vendor/
-            # Keep themes assets to include them in docker image
-            - public/themes/
-            - public/bundles/
-    script:
-        - composer install --no-dev --optimize-autoloader
-
-roadiz_skeleton_dev_docker:
-    stage: deploy
     image: docker:git
     # Create a docker image only when a new tag is pushed
     only:
@@ -87,32 +58,30 @@ roadiz_skeleton_dev_docker:
         DOCKER_DRIVER: overlay2
         DOCKER_TLS_CERTDIR: "/certs"
     when: on_success
-    needs: ["roadiz_skeleton_build"]
-    dependencies: ["roadiz_skeleton_build"]
     script:
         # Connect to your Gitlab Registry
         - "echo \"Registry image: ${CI_REGISTRY_IMAGE} for develop\""
         - "docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}"
         # App image build
-        - "docker build -t ${CI_REGISTRY_IMAGE}:develop ."
+        - "docker build --target=php-prod -t ${CI_REGISTRY_IMAGE}:develop ."
         - "docker push ${CI_REGISTRY_IMAGE}:develop"
         ## Solr image build
-        #- "docker build -t ${CI_REGISTRY_IMAGE}/solr:develop ./docker/solr"
+        #- "docker build --target=solr -t ${CI_REGISTRY_IMAGE}/solr:develop ."
         #- "docker push ${CI_REGISTRY_IMAGE}/solr:develop"
         # Nginx image build
-        - "docker build -t ${CI_REGISTRY_IMAGE}/nginx:develop -f docker/nginx/Dockerfile ."
+        - "docker build --target=nginx-prod -t ${CI_REGISTRY_IMAGE}/nginx:develop ."
         - "docker push ${CI_REGISTRY_IMAGE}/nginx:develop"
         # Varnish image build
-        - "docker build -t ${CI_REGISTRY_IMAGE}/varnish:develop ./docker/varnish"
+        - "docker build --target=varnish -t ${CI_REGISTRY_IMAGE}/varnish:develop ."
         - "docker push ${CI_REGISTRY_IMAGE}/varnish:develop"
 
 #
 # Build App docker image with vendor and built assets
 # included. You must configure your Gitlab Runner to
 # support Docker-in-docker commands.
 #
-roadiz_skeleton_docker:
-    stage: deploy
+roadiz_skeleton_build_tag:
+    stage: build
     image: docker:git
     # Create a docker image only when a new tag is pushed
     only:
@@ -123,29 +92,27 @@ roadiz_skeleton_docker:
         DOCKER_DRIVER: overlay2
         DOCKER_TLS_CERTDIR: "/certs"
     when: on_success
-    needs: ["roadiz_skeleton_build"]
-    dependencies: ["roadiz_skeleton_build"]
-    before_script:
-        # Need curl for pushing release to Sentry
-        #- apk add curl
+#    before_script:
+#        # Need curl for pushing release to Sentry
+#        - apk add curl
     script:
         # Connect to your Gitlab Registry
         - "echo \"Registry image: ${CI_REGISTRY_IMAGE} for tag ${CI_COMMIT_TAG}\""
         - "docker login -u gitlab-ci-token -p ${CI_JOB_TOKEN} ${CI_REGISTRY}"
         # App image build
-        - "docker build -t ${CI_REGISTRY_IMAGE}:latest -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} ."
+        - "docker build --target=php-prod -t ${CI_REGISTRY_IMAGE}:latest -t ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG} ."
         - "docker push ${CI_REGISTRY_IMAGE}:latest"
         - "docker push ${CI_REGISTRY_IMAGE}:${CI_COMMIT_TAG}"
         ## Solr image build
-        #- "docker build -t ${CI_REGISTRY_IMAGE}/solr:latest -t ${CI_REGISTRY_IMAGE}/solr:${CI_COMMIT_TAG} ./docker/solr"
+        #- "docker build --target=solr -t ${CI_REGISTRY_IMAGE}/solr:latest -t ${CI_REGISTRY_IMAGE}/solr:${CI_COMMIT_TAG} ."
         #- "docker push ${CI_REGISTRY_IMAGE}/solr:latest"
         #- "docker push ${CI_REGISTRY_IMAGE}/solr:${CI_COMMIT_TAG}"
         # Nginx image build
-        - "docker build -t ${CI_REGISTRY_IMAGE}/nginx:latest -t ${CI_REGISTRY_IMAGE}/nginx:${CI_COMMIT_TAG} -f docker/nginx/Dockerfile ."
+        - "docker build --target=nginx-prod -t ${CI_REGISTRY_IMAGE}/nginx:latest -t ${CI_REGISTRY_IMAGE}/nginx:${CI_COMMIT_TAG} ."
         - "docker push ${CI_REGISTRY_IMAGE}/nginx:latest"
         - "docker push ${CI_REGISTRY_IMAGE}/nginx:${CI_COMMIT_TAG}"
         # Varnish image build
-        - "docker build -t ${CI_REGISTRY_IMAGE}/varnish:latest -t ${CI_REGISTRY_IMAGE}/varnish:${CI_COMMIT_TAG} ./docker/varnish"
+        - "docker build --target=varnish -t ${CI_REGISTRY_IMAGE}/varnish:latest -t ${CI_REGISTRY_IMAGE}/varnish:${CI_COMMIT_TAG} ."
         - "docker push ${CI_REGISTRY_IMAGE}/varnish:latest"
         - "docker push ${CI_REGISTRY_IMAGE}/varnish:${CI_COMMIT_TAG}"
         # Create Release on your app on Sentry
@@ -158,7 +125,7 @@ create_gitlab_release:
         - if: $CI_COMMIT_TAG
     script:
         - echo "Running the release job."
-    needs: [ "roadiz_skeleton_docker" ]
+    needs: [ "roadiz_skeleton_build_tag" ]
     when: on_success
     release:
         tag_name: $CI_COMMIT_TAG