Merge pull request #11 | 4.0 Release ( Project Rename, Alpine Images Switch, and More Optimizations )

4.0 Release ( Project Rename, Alpine Images Switch, and More Optimizations )

Author: sherifabdlnaby

Dockerfile

@@ -4,6 +4,8 @@ ARG NGINX_VERSION="1.17.4"
 ARG COMPOSER_VERSION="2.0"
 ARG XDEBUG_VERSION="3.0.3"
 ARG COMPOSER_AUTH
+ARG IMAGE_DEPS="fcgi tini icu-dev gettext curl"
+ARG RUNTIME_DEPS="zip"
 
 # -------------------------------------------------- Composer Image ----------------------------------------------------
 
@@ -14,39 +16,44 @@ FROM composer:${COMPOSER_VERSION} as composer
 # ---------------  This stage install needed extenstions, plugins and add all needed configurations  -------------------
 # ======================================================================================================================
 
-FROM php:${PHP_VERSION}-fpm AS base
+FROM php:${PHP_VERSION}-fpm-alpine AS base
+
+# Required Args ( inherited from start of file, or passed at build )
+ARG IMAGE_DEPS
+ARG RUNTIME_DEPS
 
 # Maintainer label
 LABEL maintainer="sherifabdlnaby@gmail.com"
 
 # ------------------------------------- Install Packages Needed Inside Base Image --------------------------------------
 
-RUN apt-get update && apt-get -y --no-install-recommends install \
-    # Needed for Image
-    tini=0.18.0-1               \
-    libfcgi-bin=2.4.0-10        \
-    libicu-dev=63.1-6+deb10u1   \
-    gettext-base                \
-    # Needed for Application Runtime
-
-    # Clean metadata and clear caches
-    && apt-get autoremove --purge -y && apt-get clean \
-    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
+RUN apk add --no-cache ${IMAGE_DEPS} ${RUNTIME_DEPS}
 
 # ---------------------------------------- Install / Enable PHP Extensions ---------------------------------------------
 
-# - base image has helper scripts docker-php-ext-configure, docker-php-ext-install, and docker-php-ext-enable to
-#   more easily install PHP extensions.
+#   # Needed to add Extensions to PHP ( will be deleted after install PHP Extenstions )
+RUN apk add --virtual .buildtime-deps ${PHPIZE_DEPS} \
+#  install PHP Extensions
 #   head to: https://github.com/docker-library/docs/tree/master/php#how-to-install-more-php-extensions
 #   EX: RUN docker-php-ext-install curl pdo pdo_mysql mysqli
 #   EX: RUN pecl install memcached && docker-php-ext-enable memcached
-RUN docker-php-ext-install -j$(nproc) \
+ && docker-php-ext-install -j$(nproc) \
     opcache     \
     intl        \
-    pdo_mysql
-    # Pecl Extentions
-RUN pecl install apcu-5.1.20 && docker-php-ext-enable apcu
+    pdo_mysql   \
+# Pecl Extentions
 #   EX: RUN pecl install memcached && docker-php-ext-enable memcached
+ && pecl install apcu-5.1.20 \
+ && docker-php-ext-enable apcu \
+# Delete buildtime-deps
+ && apk del -f .buildtime-deps
+
+# ------------------------------------------------- Permissions --------------------------------------------------------
+
+# - Clean bundled config/users & recreate them with UID 1000 for docker compatability in dev container.
+# - Create composer directories (since we run as non-root later)
+RUN deluser --remove-home www-data && adduser -u1000 -D www-data && rm -rf /var/www /usr/local/etc/php-fpm.d/* && \
+    mkdir -p /var/www/.composer /app && chown -R www-data:www-data /app /var/www/.composer
 
 # ------------------------------------------------ PHP Configuration ---------------------------------------------------
 
@@ -58,45 +65,39 @@ COPY docker/php/base-*   $PHP_INI_DIR/conf.d
 
 # ---------------------------------------------- PHP FPM Configuration -------------------------------------------------
 
-# Clean bundled config & create composer directories (since we run as non-root later)
-RUN usermod -u 1000 www-data && rm -rf /var/www /usr/local/etc/php-fpm.d/* && \
-    mkdir -p /var/www/.composer /var/www/app && chown -R www-data:www-data /var/www/app /var/www/.composer
+# PHP-FPM config
+COPY docker/fpm/*.conf  /usr/local/etc/php-fpm.d/
 
-# Copy scripts and PHP-FPM config
-COPY docker/fpm/*.conf          /usr/local/etc/php-fpm.d/
 
 # --------------------------------------------------- Scripts ----------------------------------------------------------
 
-COPY docker/entrypoints             /usr/local/bin/
-COPY docker/healthcheck             /usr/local/bin/
-COPY docker/post-build              /usr/local/bin/
-COPY docker/pre-run                 /usr/local/bin/
-COPY docker/fpm/fpm-healthcheck     /usr/local/bin/
-RUN  chmod +x /usr/local/bin/entrypoint-* /usr/local/bin/post-build /usr/local/bin/pre-run /usr/local/bin/*healthcheck
+COPY docker/*-base          \
+     docker/healthcheck-*   \
+     docker/command-loop    \
+     # to
+     /usr/local/bin/
+
+RUN  chmod +x /usr/local/bin/*-base /usr/local/bin/healthcheck-* /usr/local/bin/command-loop
 
 # ---------------------------------------------------- Composer --------------------------------------------------------
 
 COPY --from=composer /usr/bin/composer /usr/bin/composer
 
-# ----------------------------------------------- NON-ROOT SWITCH ------------------------------------------------------
+# ----------------------------------------------------- MISC -----------------------------------------------------------
 
+WORKDIR /app
 USER www-data
 
-# ----------------------------------------------------- MISC -----------------------------------------------------------
-
-WORKDIR /var/www/app
+# Common PHP Frameworks Env Variables
 ENV APP_ENV prod
 ENV APP_DEBUG 0
 
-# Run as non-root
-USER www-data
-
-# Validate FPM config
+# Validate FPM config (must use the non-root user)
 RUN php-fpm -t
 
 # ---------------------------------------------------- HEALTH ----------------------------------------------------------
 
-HEALTHCHECK CMD ["healthcheck"]
+HEALTHCHECK CMD ["healthcheck-liveness"]
 
 # -------------------------------------------------- ENTRYPOINT --------------------------------------------------------
 
@@ -124,9 +125,7 @@ COPY composer.lock composer.lock
 RUN composer config platform.php ${PHP_VERSION}
 
 # Install Dependeinces
-## * Platform requirments are checked at the later steps.
-## * Scripts and Autoload are run at later steps.
-RUN composer install -n --no-progress --ignore-platform-reqs --no-plugins --no-scripts --no-dev --no-autoloader --prefer-dist
+RUN composer install -n --no-progress --ignore-platform-reqs --no-dev --prefer-dist --no-scripts --no-autoloader
 
 # ======================================================================================================================
 # ==============================================  PRODUCTION IMAGE  ====================================================
@@ -135,20 +134,28 @@ RUN composer install -n --no-progress --ignore-platform-reqs --no-plugins --no-s
 
 FROM base AS app
 
+USER root
+
+# Copy Prod Scripts
+COPY docker/*-prod /usr/local/bin/
+RUN  chmod +x /usr/local/bin/*-prod
+
+# Copy PHP Production Configuration
 COPY docker/php/prod-*   $PHP_INI_DIR/conf.d/
 
+USER www-data
+
+# ----------------------------------------------- Production Config -----------------------------------------------------
+
 # Copy Vendor
-COPY --chown=www-data:www-data --from=vendor /app/vendor /var/www/app/vendor
+COPY --chown=www-data:www-data --from=vendor /app/vendor /app/vendor
 
 # Copy App Code
 COPY --chown=www-data:www-data . .
 
-# 1. Dump optimzed autoload for vendor and app classes.
-# 2. checks that PHP and extensions versions match the platform requirements of the installed packages.
-RUN composer dump-autoload -n --optimize --no-dev --apcu && \
-    composer check-platform-reqs && \
-    composer run-script -n post-install-cmd && \
-    post-build
+# Run Composer Install again
+# ( this time to run post-install scripts, autoloader, and post-autoload scripts using one command )
+RUN post-build-base && post-build-prod
 
 ENTRYPOINT ["entrypoint-prod"]
 CMD ["php-fpm"]
@@ -164,31 +171,28 @@ ARG XDEBUG_VERSION
 ENV APP_ENV dev
 ENV APP_DEBUG 1
 
-# Switch to root to install stuff
+# Switch root to install stuff
 USER root
 
-# Packages
-RUN apt-get update && apt-get -y --no-install-recommends install \
-    # Needed for Dev luxery when you shell inside the container for debugging
-    curl     \
-    htop     \
-    dnsutils \
-    && apt-get autoremove --purge -y && apt-get clean \
-    && rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
-
 # ---------------------------------------------------- Xdebug ----------------------------------------------------------
 
-RUN pecl install xdebug-${XDEBUG_VERSION} && docker-php-ext-enable xdebug
+RUN apk add --virtual .buildtime-deps ${PHPIZE_DEPS} \
+ && pecl install xdebug-${XDEBUG_VERSION} && docker-php-ext-enable xdebug \
+ && apk del -f .buildtime-deps
+
+# ----------------------------------------  ---------- Scripts ---------------------------------------------------------
+
+# Copy Dev Scripts
+COPY docker/*-dev /usr/local/bin/
+RUN  chmod +x /usr/local/bin/*-dev
 
 # ------------------------------------------------------ PHP -----------------------------------------------------------
 
 RUN mv "$PHP_INI_DIR/php.ini-development" "$PHP_INI_DIR/php.ini"
 COPY docker/php/dev-*   $PHP_INI_DIR/conf.d/
 
-# ------------------------------------------------- Entry Point --------------------------------------------------------
-
-# Run as non-root
 USER www-data
+# ------------------------------------------------- Entry Point --------------------------------------------------------
 
 # Entrypoints
 ENTRYPOINT ["entrypoint-dev"]
@@ -203,25 +207,21 @@ CMD ["php-fpm"]
 FROM nginx:${NGINX_VERSION}-alpine AS nginx
 
 RUN rm -rf /var/www/* /etc/nginx/conf.d/* && adduser -u 1000 -D -S -G www-data www-data
-
 COPY docker/nginx/nginx-*   /usr/local/bin/
 COPY docker/nginx/          /etc/nginx/
-RUN chmod +x /usr/local/bin/nginx-*
+RUN chown -R www-data /etc/nginx/ && chmod +x /usr/local/bin/nginx-*
 
 # The PHP-FPM Host
 ## Localhost is the sensible default assuming image run on a k8S Pod
 ENV PHP_FPM_HOST "localhost"
 ENV PHP_FPM_PORT "9000"
 
-# Allow Nginx to run as non-root.
-RUN chown -R www-data:www-data /var/cache/nginx /etc/nginx/ /etc/nginx/conf.d/
-
-# Change to non root user
-USER www-data
-
 # For Documentation
 EXPOSE 8080
 
+# Switch User
+USER www-data
+
 # Add Healthcheck
 HEALTHCHECK CMD ["nginx-healthcheck"]
 
@@ -235,8 +235,7 @@ ENTRYPOINT ["nginx-entrypoint"]
 FROM nginx AS web
 
 # Copy Public folder + Assets that's going to be served from Nginx
-COPY public /var/www/app/public
-
+COPY --chown=www-data:www-data --from=app /app/public /app/public
 
 # ----------------------------------------------------- NGINX ----------------------------------------------------------
 FROM nginx AS web-dev

Makefile

@@ -2,16 +2,20 @@
 
 COMPOSE_PREFIX_CMD := DOCKER_BUILDKIT=1 COMPOSE_DOCKER_CLI_BUILD=1
 
-COMMAND ?= /bin/bash
+COMMAND ?= /bin/sh
 
 # --------------------------
 
 .PHONY: build deploy start stop logs restart shell up rm help
 
-deploy:			## Deploy Prod Image
+deploy:			## Start using Prod Image in Prod Mode
 	${COMPOSE_PREFIX_CMD} docker-compose -f docker-compose.prod.yml up --build -d
 
 up:				## Start service
+	@echo "Starting Application \n (note: Web container will wait App container to start before starting)"
+	${COMPOSE_PREFIX_CMD} docker-compose up -d
+
+build-up:       ## Start service, rebuild if necessary
 	${COMPOSE_PREFIX_CMD} docker-compose up --build -d
 
 build:			## Build The Image
@@ -55,5 +59,5 @@ rm:				## Remove current container
 
 help:       	## Show this help.
 	@echo "\n\nMake Application Docker Images and Containers using Docker-Compose files"
-	@echo "Make sure you are using \033[0;32mDocker Version >= 20.1\033[0m & \033[0;32mDocker-Compose >= 18.06\033[0m "
+	@echo "Make sure you are using \033[0;32mDocker Version >= 20.1\033[0m & \033[0;32mDocker-Compose >= 1.27\033[0m "
 	@awk 'BEGIN {FS = ":.*##"; printf "\nUsage:\n  make \033[36m<target>\033[0m ENV=<prod|dev> (default: dev)\n\nTargets:\n"} /^[a-zA-Z_-]+:.*?##/ { printf "  \033[36m%-12s\033[0m %s\n", $$1, $$2 }' $(MAKEFILE_LIST)