From 4d01411b82475e7434cb37f4c8dc9d1a2db73e31 Mon Sep 17 00:00:00 2001 From: Ambroise Maupate Date: Tue, 26 Nov 2024 17:22:20 +0100 Subject: [PATCH] fix: Do not use SSH keys volumes to share credentials between host and container, use `COMPOSER_DEPLOY_TOKEN` --- Dockerfile | 14 +++++++++++--- README.md | 15 +++++++++------ compose.override.yml.dist | 11 +++++++---- 3 files changed, 27 insertions(+), 13 deletions(-) diff --git a/Dockerfile b/Dockerfile index c6429c1..0279b73 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG PHP_VERSION=8.3.13 +ARG PHP_VERSION=8.3.14 ARG MYSQL_VERSION=8.0.40 ARG SOLR_VERSION=9 ARG VARNISH_VERSION=7.1 @@ -56,7 +56,6 @@ curl -sSLf https://github.com/mlocati/docker-php-extension-installer/releases/l chmod +x /usr/local/bin/install-php-extensions install-php-extensions \ @composer-${COMPOSER_VERSION} \ - amqp \ bcmath \ exif \ fileinfo \ @@ -71,7 +70,6 @@ install-php-extensions \ pcntl \ pdo_mysql \ simplexml \ - soap \ xsl \ zip \ redis-${PHP_EXTENSION_REDIS_VERSION} @@ -85,6 +83,11 @@ WORKDIR /var/www/html FROM php AS php-dev +# If you depend on private Gitlab repositories, you must use a deploy token and username +# to use composer commands inside you +#ARG COMPOSER_DEPLOY_TOKEN +#ARG COMPOSER_DEPLOY_TOKEN_USER="gitlab+deploy-token-1" + ENV APP_ENV=dev ENV APP_RUNTIME_ENV=dev ENV APP_DEBUG=1 @@ -101,12 +104,17 @@ apt-get --quiet --yes --purge --autoremove upgrade # Packages - System apt-get --quiet --yes --no-install-recommends --verbose-versions install make rm -rf /var/lib/apt/lists/* +# Prepare folder to install composer credentials +install --owner=www-data --group=www-data --mode=755 --directory /var/www/.composer EOF VOLUME /var/www/html USER www-data +# If you depend on private Gitlab repositories, you must use a deploy token and username +#RUN composer config --global gitlab-token.gitlab.rezo-zero.com ${COMPOSER_DEPLOY_TOKEN_USER} ${COMPOSER_DEPLOY_TOKEN} + ################## # PHP Production # diff --git a/README.md b/README.md index 077412c..de20468 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,8 @@ Edit your `.env.local` and `docker-compose.yml` files according to your local en ```shell # Copy override file to customize your local environment cp compose.override.yml.dist compose.override.yml - +# Do not forget to add your COMPOSER_DEPLOY_TOKEN and COMPOSER_DEPLOY_TOKEN_USER +# in compose.override.yml to configure your container to fetch private repositories. docker compose build docker compose up -d --force-recreate ``` @@ -49,7 +50,7 @@ your app container to install your dependencies. ```shell # This command will run once APP container to install your dependencies without starting other services -docker compose run --rm --no-deps --entrypoint= app composer install +docker compose run --rm --no-deps --entrypoint= app composer install -o ``` To access your app services, you will have to expose ports locally in your `compose.override.yml` file. @@ -77,11 +78,13 @@ services: pma: ports: - ${PUBLIC_PMA_PORT}:80/tcp + # If you depend on private Gitlab repositories, you must use a deploy token and username #app: - # # If your project requires private package you can share your ssh keys with the container - # volumes: - # - ./:/var/www/html:cached - # - /home/my-user/.ssh/id_ed25519:/home/www-data/.ssh/id_ed25519:ro + # build: + # args: + # USER_UID: ${USER_UID} + # COMPOSER_DEPLOY_TOKEN: xxxxxxxxxxxxx + # COMPOSER_DEPLOY_TOKEN_USER: "gitlab+deploy-token-1" #solr: # ports: diff --git a/compose.override.yml.dist b/compose.override.yml.dist index 7025620..1acd861 100644 --- a/compose.override.yml.dist +++ b/compose.override.yml.dist @@ -15,11 +15,14 @@ services: pma: ports: - ${PUBLIC_PMA_PORT}:80/tcp + + # If you depend on private Gitlab repositories, you must use a deploy token and username #app: - # # If your project requires private package you can share your ssh keys with the container - # volumes: - # - ./:/var/www/html - # - /home/my-user/.ssh/id_ed25519:/home/www-data/.ssh/id_ed25519:ro + # build: + # args: + # USER_UID: ${USER_UID} + # COMPOSER_DEPLOY_TOKEN: xxxxxxxxxxxxx + # COMPOSER_DEPLOY_TOKEN_USER: "gitlab+deploy-token-1" #solr: # ports: