-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathDockerfile
180 lines (148 loc) · 6.29 KB
/
Dockerfile
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
ARG IMAGE_VERSION="latest"
ARG PHP_VERSION="7.2"
ARG ALPINE_VERSION="3.8"
# ALPINE_VERSION defines the Firefox version.
# PHP maintaners only build PHP images for a couple variants of "selected" ALPINE_VERSION's.
#
# See list here:
# PHP 7.2: https://hub.docker.com/_/php?tab=tags&page=1&name=7.2-fpm-alpine
# PHP 7.3: https://hub.docker.com/_/php?tab=tags&page=1&name=7.3-fpm-alpine
#
# Check out Firefox Versions in Alpine releases:
# https://pkgs.alpinelinux.org/packages?name=firefox-esr&branch=v3.5
#
# Alpine 3.5 - firefox-esr 45 - works with selenium 2.53
# Alpine 3.6 - firefox-esr 52.5 - works with selenium 2.53
# Alpine 3.7 - firefox-esr 52.8 - works with selenium 2.53
# Alpine 3.8 - firefox-esr 52.9 - works with selenium 2.53
# Alpine 3.9 - firefox-esr 52.9 - works with selenium 2.53
# Alpine 3.10 - firefox-esr 60
# Alpine 3.12 - firefox-esr 78
# Alpine 3.14 - firefox-esr 89
# -------------------------------------------------------------------------
FROM php:${PHP_VERSION}-fpm-alpine${ALPINE_VERSION} as builder
MAINTAINER Remus Lazar <[email protected]>
ARG S6_VERSION="1.21.2.2"
# Defaults:
ENV \
COMPOSER_MAJOR_VERSION=2 \
COMPOSER_ALLOW_SUPERUSER=1 \
COMPOSER_INSTALL_PARAMS="--prefer-dist --no-progress"
# User / Group for www-data user. Keep 1000:50 for being able to mount local volumes and having access to it
ARG UID="1000"
ARG GID="50"
# Set default values for env vars used in init scripts, override them if needed
ENV \
WWW_PORT=80 \
DB_DATABASE=db \
DB_HOST=db \
DB_USER=admin \
DB_PASS=pass \
VERSION=master
# Basic build-time metadata as defined at http://label-schema.org
LABEL org.label-schema.docker.dockerfile="/Dockerfile" \
org.label-schema.license="MIT" \
org.label-schema.name="cron Development Neos Docker Image" \
org.label-schema.url="https://github.com/cron-eu/neos" \
org.label-schema.vcs-url="https://github.com/cron-eu/neos" \
org.label-schema.vcs-type="Git"
# Install awscli
RUN set -x \
&& apk add --no-cache python3 py3-pip \
&& python3 -m pip install awscli
# Install needed tools
RUN set -x \
&& apk add --no-cache make tar rsync curl jq sed bash yaml less mysql-client git nginx openssh openssh-server-pam pwgen sudo s6
# Install required PHP extensions
COPY --from=mlocati/php-extension-installer /usr/bin/install-php-extensions /usr/bin/
RUN install-php-extensions \
gd \
pdo \
pdo_mysql \
mbstring \
opcache \
intl \
imagick \
exif \
json \
tokenizer \
zip \
redis \
yaml \
xdebug
# Install composer 1 and 2
RUN curl -o /tmp/composer-setup.php https://getcomposer.org/installer \
&& chmod a+w /usr/local/bin \
&& php /tmp/composer-setup.php --no-ansi --install-dir=/usr/local/bin --filename=composer1 --1 \
&& php /tmp/composer-setup.php --no-ansi --install-dir=/usr/local/bin --filename=composer2 \
&& rm -rf /tmp/composer-setup.php \
&& git config --global user.email "[email protected]" \
&& git config --global user.name "Server"
# Install s6
RUN curl -L https://github.com/just-containers/s6-overlay/releases/download/v${S6_VERSION}/s6-overlay-amd64.tar.gz | tar xzf - -C /
RUN echo "xdebug.remote_enable=1" >> $PHP_INI_DIR/conf.d/docker-php-ext-xdebug.ini \
&& echo "xdebug.remote_connect_back=0" >> $PHP_INI_DIR/conf.d/docker-php-ext-xdebug.ini \
&& echo "xdebug.max_nesting_level=512" >> $PHP_INI_DIR/conf.d/docker-php-ext-xdebug.ini \
&& echo "xdebug.remote_host=debugproxy" >> $PHP_INI_DIR/conf.d/docker-php-ext-xdebug.ini \
&& echo "xdebug.remote_port=9010" >> $PHP_INI_DIR/conf.d/docker-php-ext-xdebug.ini \
&& sed -i -r 's/.?UseDNS\syes/UseDNS no/' /etc/ssh/sshd_config \
&& sed -i -r 's/.?PasswordAuthentication.+/PasswordAuthentication no/' /etc/ssh/sshd_config \
&& sed -i -r 's/.?ChallengeResponseAuthentication.+/ChallengeResponseAuthentication no/' /etc/ssh/sshd_config \
&& sed -i -r 's/.?PermitRootLogin.+/PermitRootLogin no/' /etc/ssh/sshd_config \
# we use PAM to make ssh daemon to load the /etc/environment (see "00-init-ssh") \
&& sed -i -r 's/.?UsePAM.+/UsePAM yes/' /etc/ssh/sshd_config \
&& sed -i '/secure_path/d' /etc/sudoers
# Copy container-files
COPY container-files /
RUN deluser www-data \
&& delgroup cdrw \
&& addgroup -g ${GID} www-data \
&& adduser -u ${UID} -G www-data -s /bin/bash -D www-data -h /data -k /etc/skel_www \
&& echo 'www-data ALL=(ALL) NOPASSWD: ALL' > /etc/sudoers.d/www \
&& rm -Rf /home/www-data \
&& sed -i -e "s#listen = 9000#listen = /var/run/php-fpm.sock#" /usr/local/etc/php-fpm.d/zz-docker.conf \
&& echo "clear_env = no" >> /usr/local/etc/php-fpm.d/zz-docker.conf \
&& echo "listen.owner = www-data" >> /usr/local/etc/php-fpm.d/zz-docker.conf \
&& echo "listen.group = www-data" >> /usr/local/etc/php-fpm.d/zz-docker.conf \
&& echo "listen.mode = 0660" >> /usr/local/etc/php-fpm.d/zz-docker.conf \
&& echo "access.log = /dev/null" >> /usr/local/etc/php-fpm.d/zz-docker.conf \
&& chown ${UID}:${GID} -R /var/lib/nginx \
&& chmod +x /github-keys.sh \
&& chmod +x /gitlab-keys.sh
FROM builder as yq-installer
# Install yq (on older alpine versions)
RUN echo "http://dl-4.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories
RUN apk update && apk add --no-cache yq
FROM builder as base
COPY --from=yq-installer /usr/bin/yq /usr/local/bin/yq
# Expose ports
EXPOSE 80 22
# Define working directory
WORKDIR /data
# Define entrypoint and command
ENTRYPOINT ["/init"]
# -------------------------------------------------------------------------
FROM base as behat
# install jre, selenium, firefox and xvfb
RUN apk add --no-cache openjdk8 xorg-server xvfb firefox-esr curl libvncserver openssl dbus \
&& curl -sSL -o /usr/bin/selenium-server-standalone.jar http://selenium-release.storage.googleapis.com/2.53/selenium-server-standalone-2.53.0.jar
# we do compile x11vnc from sources (unfortunately there is no binary package available..)
RUN apk add --no-cache --virtual=.x11vncdeps gcc g++ automake autoconf make openssl-dev libx11-dev libvncserver-dev \
&& mkdir -p /src && cd /src \
&& git clone https://github.com/LibVNC/x11vnc \
&& cd x11vnc \
&& ./autogen.sh \
&& make \
&& make install \
&& apk del .x11vncdeps \
&& cd / && rm -rf /src
# required for the xvfb notifyoncheck script
RUN apk add --no-cache xdpyinfo
ENV \
DISPLAY=:99 \
SCREEN_DIMENSION=1600x1000x24 \
VNC_PASSWORD=password
COPY container-files-behat /
EXPOSE 4444 5900
ENV FLOW_CONTEXT Development/Behat
ENV DB_DATABASE db_behat