From 6300bc1ed8a7b5214614bb5c179c2e8da396c78431d29213cd430270ba02abd2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dan=20=C4=8Cerm=C3=A1k?= Date: Wed, 11 Sep 2024 08:27:49 +0000 Subject: [PATCH] [info=4fe3925be00f7d1a9bce0d579c7272eb] OBS-URL: https://build.opensuse.org/package/show/devel:BCI:Tumbleweed/php-fpm8-image?expand=0&rev=144 --- .gitattributes | 23 +++++++ .gitignore | 1 + Dockerfile | 83 ++++++++++++++++++++++ README.md | 145 +++++++++++++++++++++++++++++++++++++++ _service | 14 ++++ docker-php-entrypoint | 9 +++ docker-php-ext-configure | 2 + docker-php-ext-enable | 2 + docker-php-ext-install | 10 +++ docker-php-source | 2 + php-fpm8-image.changes | 99 ++++++++++++++++++++++++++ 11 files changed, 390 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 Dockerfile create mode 100644 README.md create mode 100644 _service create mode 100644 docker-php-entrypoint create mode 100644 docker-php-ext-configure create mode 100644 docker-php-ext-enable create mode 100644 docker-php-ext-install create mode 100644 docker-php-source create mode 100644 php-fpm8-image.changes diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..7790beb --- /dev/null +++ b/Dockerfile @@ -0,0 +1,83 @@ +# SPDX-License-Identifier: MIT + +# Copyright (c) 2024 SUSE LLC + +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. + +# The content of THIS FILE IS AUTOGENERATED and should not be manually modified. +# It is maintained by the BCI team and generated by +# https://github.com/SUSE/BCI-dockerfile-generator + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# You can contact the BCI team via https://github.com/SUSE/bci/discussions + + +#!BuildTag: opensuse/bci/php-fpm:8 +#!BuildTag: opensuse/bci/php-fpm:8-%RELEASE% +#!BuildTag: opensuse/bci/php-fpm:%%php_version%% +#!BuildTag: opensuse/bci/php-fpm:%%php_version%%-%RELEASE% +#!BuildTag: opensuse/bci/php-fpm:latest + +FROM opensuse/tumbleweed:latest + +RUN set -euo pipefail; zypper -n in php8 php8-cli php-composer2 php8-curl php8-zip php8-zlib php8-phar php8-mbstring php8-fpm; zypper -n clean; rm -rf /var/log/{lastlog,tallylog,zypper.log,zypp/history,YaST2} + +# Define labels according to https://en.opensuse.org/Building_derived_containers +# labelprefix=org.opensuse.bci.php-fpm +LABEL org.opencontainers.image.authors="openSUSE (https://www.opensuse.org/)" +LABEL org.opencontainers.image.title="openSUSE Tumbleweed BCI PHP-FPM 8" +LABEL org.opencontainers.image.description="PHP-FPM 8 container based on the openSUSE Tumbleweed Base Container Image." +LABEL org.opencontainers.image.version="%%php_version%%" +LABEL org.opencontainers.image.url="https://www.opensuse.org" +LABEL org.opencontainers.image.created="%BUILDTIME%" +LABEL org.opencontainers.image.vendor="openSUSE Project" +LABEL org.opencontainers.image.source="%SOURCEURL%" +LABEL org.opencontainers.image.ref.name="8-%RELEASE%" +LABEL org.opensuse.reference="registry.opensuse.org/opensuse/bci/php-fpm:8-%RELEASE%" +LABEL org.openbuildservice.disturl="%DISTURL%" +LABEL org.opensuse.lifecycle-url="https://en.opensuse.org/Lifetime#openSUSE_BCI" +LABEL org.opensuse.release-stage="released" +# endlabelprefix +LABEL io.artifacthub.package.readme-url="https://raw.githubusercontent.com/SUSE/BCI-dockerfile-generator/Tumbleweed/php-fpm8-image/README.md" +ENV PHP_VERSION="%%php_version%%" +ENV PHP_INI_DIR="/etc/php8/" +ENV PHPIZE_DEPS="php8-devel awk make findutils" +ENV COMPOSER_VERSION="%%composer_version%%" + +ENTRYPOINT ["docker-php-entrypoint"] +CMD ["php-fpm"] +COPY docker-php-source docker-php-entrypoint docker-php-ext-configure docker-php-ext-enable docker-php-ext-install /usr/local/bin/ +RUN chmod +x /usr/local/bin/docker-php-* +WORKDIR /srv/www/htdocs + +RUN set -euo pipefail; \ + cd /etc/php8/fpm/; \ + test -e php-fpm.d/www.conf.default && cp -p php-fpm.d/www.conf.default php-fpm.d/www.conf; \ + test -e php-fpm.conf.default && cp -p php-fpm.conf.default php-fpm.conf; \ + { \ + echo '[global]'; \ + echo 'error_log = /proc/self/fd/2'; \ + echo; echo '; https://github.com/docker-library/php/pull/725#issuecomment-443540114'; echo 'log_limit = 8192'; \ + echo; \ + echo '[www]'; \ + echo '; if we send this to /proc/self/fd/1, it never appears'; \ + echo 'access.log = /proc/self/fd/2'; \ + echo; \ + echo 'clear_env = no'; \ + echo; \ + echo '; Ensure worker stdout and stderr are sent to the main error log.'; \ + echo 'catch_workers_output = yes'; \ + echo 'decorate_workers_output = no'; \ + } | tee php-fpm.d/docker.conf; \ + { \ + echo '[global]'; \ + echo 'daemonize = no'; \ + } | tee php-fpm.d/zz-docker.conf + +# Override stop signal to stop process gracefully +# https://github.com/php/php-src/blob/17baa87faddc2550def3ae7314236826bc1b1398/sapi/fpm/php-fpm.8.in#L163 +STOPSIGNAL SIGQUIT + +EXPOSE 9000 diff --git a/README.md b/README.md new file mode 100644 index 0000000..97f164e --- /dev/null +++ b/README.md @@ -0,0 +1,145 @@ +# The PHP FPM 8 container image + +![Redistributable](https://img.shields.io/badge/Redistributable-Yes-green) + +PHP is a general-purpose scripting language used primarily for server-side web +development. It can be used directly, embedded in HTML files, or executed via a +server-side Apache2 module or CGI scripts. + +## How to use the image + +The image contains [PHP-FPM](https://php-fpm.org/), a FastCGI implementation +for PHP that serves content via the FastCGI protocol and not via HTTP(S). This +requires a reverse proxy that can handle FastCGI and can serve content via +HTTP(s). + +**Caution:** FastCGI does not offer any protection or access control, so the +open socket must be protected via network separation. This means that the +PHP-FPM container must run in a separate private network or a pod, and its +socket must be exposed to the reverse proxy only. + +To deploy an application in the PHP-FPM container, copy the application into +`/srv/www/htdocs` (this directory is the `WORKDIR` of the container image): + +```Dockerfile +FROM registry.opensuse.org/opensuse/bci/php-fpm:8 + +RUN set -eux; \ + zypper -n in $my_dependencies; \ + # additional setup steps + +# Copy the app into the PHP-FPM document root +COPY app/ . +``` + +To configure NGINX as a reverse proxy, add the following to the +`server` section in `/etc/nginx/nginx.conf`: +``` + location ~ \.php$ { + include fastcgi_params; + fastcgi_index index.php; + root /srv/www/htdocs/; + fastcgi_pass 127.0.0.1:9000; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + } +``` + +Additionally, create `/etc/nginx/fastcgi_params` with the following contents: +``` +fastcgi_param QUERY_STRING $query_string; +fastcgi_param REQUEST_METHOD $request_method; +fastcgi_param CONTENT_TYPE $content_type; +fastcgi_param CONTENT_LENGTH $content_length; + +fastcgi_param SCRIPT_NAME $fastcgi_script_name; +fastcgi_param REQUEST_URI $request_uri; +fastcgi_param DOCUMENT_URI $document_uri; +fastcgi_param DOCUMENT_ROOT $document_root; +fastcgi_param SERVER_PROTOCOL $server_protocol; +fastcgi_param REQUEST_SCHEME $scheme; +fastcgi_param HTTPS $https if_not_empty; + +fastcgi_param GATEWAY_INTERFACE CGI/1.1; +fastcgi_param SERVER_SOFTWARE nginx/$nginx_version; + +fastcgi_param REMOTE_ADDR $remote_addr; +fastcgi_param REMOTE_PORT $remote_port; +fastcgi_param SERVER_ADDR $server_addr; +fastcgi_param SERVER_PORT $server_port; +fastcgi_param SERVER_NAME $server_name; + +# PHP only, required if PHP was built with --enable-force-cgi-redirect +fastcgi_param REDIRECT_STATUS 200; +``` + +If you are using a NGINX container with the above changes, you can +use a Podman pod to deploy the application: +```ShellSession +$ podman pod create --name fpm -p 80:8080 +$ podman run -d --pod fpm name-of-my-fpm-container +$ podman run -d --pod fpm name-of-my-nginx-container +``` + +The website is served on port 8080, and the FastCGI application is not +accessible from outside of the `fpm` pod. + +## How to install PHP extensions + +PHP extensions must be installed using the `zypper` package manager. PHP +extensions are named using the `php8-$extension_name` scheme, +and they can be installed as follows: + +```Dockerfile +FROM registry.opensuse.org/opensuse/bci/php-fpm:8 + +RUN zypper -n in php8-gd php8-intl +``` + +Alternatively, you can use the `docker-php-ext-install` script. It is provided +for compatibility with the [PHP DockerHub Image](https://hub.docker.com/_/php) +but it uses zypper to install the extensions from RPMs. It is provided for +compatibility reasons and can be used similar to the script from PHP DockerHub +image: + +```Dockerfile +FROM registry.opensuse.org/opensuse/bci/php-fpm:8 + +RUN docker-php-ext-install gd intl +``` + +## How to install PECL extensions + +[PECL](https://pecl.php.net/) is a package repository hosting PHP extensions. It +can be used as an alternative source to obtain PHP extensions, but without any +guarantee of interoperability with this image and without any official support. + +Install PECL extensions as follows: + +```Dockerfile +FROM registry.opensuse.org/opensuse/bci/php-fpm:8 + +RUN set -euo pipefail; \ + zypper -n in $PHPIZE_DEPS php8-pecl; \ + pecl install APCu-5.1.21; +``` + +**Note:** Building an extension may require installing its dependencies first. + + +## Compatibility with the DockerHub Image + +The following scripts ship with the image to keep it compatible with the +DockerHub image: `docker-php-source`, `docker-php-ext-configure`, +`docker-php-ext-enable`, and `docker-php-ext-install`. +The script `docker-php-ext-install` performs an actual job, all others are +just no-operation scripts for interoperability. + +## Licensing + +`SPDX-License-Identifier: MIT` + +This documentation and the build recipe are licensed as MIT. +The container itself contains various software components under various open source licenses listed in the associated +Software Bill of Materials (SBOM). + +This image is based on [openSUSE Tumbleweed](https://get.opensuse.org/tumbleweed/). diff --git a/_service b/_service new file mode 100644 index 0000000..5f96c7a --- /dev/null +++ b/_service @@ -0,0 +1,14 @@ + + + + + Dockerfile + %%composer_version%% + php-composer2 + + + Dockerfile + %%php_version%% + php8 + + \ No newline at end of file diff --git a/docker-php-entrypoint b/docker-php-entrypoint new file mode 100644 index 0000000..67fa328 --- /dev/null +++ b/docker-php-entrypoint @@ -0,0 +1,9 @@ +#!/bin/sh +set -e + +# first arg is `-f` or `--some-option` +if [ "${1#-}" != "$1" ]; then + set -- php-fpm "$@" +fi + +exec "$@" diff --git a/docker-php-ext-configure b/docker-php-ext-configure new file mode 100644 index 0000000..9c08ffa --- /dev/null +++ b/docker-php-ext-configure @@ -0,0 +1,2 @@ +#!/bin/sh +echo "This script is not required in this PHP container." diff --git a/docker-php-ext-enable b/docker-php-ext-enable new file mode 100644 index 0000000..9c08ffa --- /dev/null +++ b/docker-php-ext-enable @@ -0,0 +1,2 @@ +#!/bin/sh +echo "This script is not required in this PHP container." diff --git a/docker-php-ext-install b/docker-php-ext-install new file mode 100644 index 0000000..1f9c642 --- /dev/null +++ b/docker-php-ext-install @@ -0,0 +1,10 @@ +#!/bin/bash +set -euo pipefail + +extensions=() + +for ext in $@; do + [[ "$ext" =~ ^- ]] || extensions+=("php8-$ext") +done + +zypper -n in ${extensions[*]} diff --git a/docker-php-source b/docker-php-source new file mode 100644 index 0000000..9c08ffa --- /dev/null +++ b/docker-php-source @@ -0,0 +1,2 @@ +#!/bin/sh +echo "This script is not required in this PHP container." diff --git a/php-fpm8-image.changes b/php-fpm8-image.changes new file mode 100644 index 0000000..3c1a158 --- /dev/null +++ b/php-fpm8-image.changes @@ -0,0 +1,99 @@ +------------------------------------------------------------------- +Wed Sep 11 08:07:25 UTC 2024 - Dirk Mueller + +- use full version in php container labels + +------------------------------------------------------------------- +Wed Aug 14 12:30:32 UTC 2024 - Dirk Mueller + +- install packages first + +------------------------------------------------------------------- +Thu Aug 8 19:28:10 UTC 2024 - Dirk Mueller + +- add oci.image.ref.name + +------------------------------------------------------------------- +Thu Aug 8 16:43:43 UTC 2024 - Dirk Mueller + +- remove oci reference annotation again + +------------------------------------------------------------------- +Mon Aug 5 11:38:13 UTC 2024 - Dirk Mueller + +- add OCI reference annotation + +------------------------------------------------------------------- +Sat Aug 3 08:56:51 UTC 2024 - Dirk Mueller + +- set OCI.authors attribute instead of deprecated MAINTAINER + +------------------------------------------------------------------- +Wed Jul 31 12:06:45 UTC 2024 - Dirk Mueller + +- set specific lifecycle url for openSUSE BCI + +------------------------------------------------------------------- +Tue Jun 18 17:24:16 UTC 2024 - Dirk Mueller + +- use sentence style capitalization in READMEs + +------------------------------------------------------------------- +Mon Jun 10 15:11:25 UTC 2024 - Dirk Mueller + +- update README; reduce unnecessary newlines + +------------------------------------------------------------------- +Wed Jun 5 15:13:27 UTC 2024 - Dirk Mueller + +- Don't add artifacthub labels into labelprefix section + +------------------------------------------------------------------- +Tue Jun 4 12:35:15 UTC 2024 - Alexandre Vicenzi + +- Fix grammar mistake in licensing footer + +------------------------------------------------------------------- +Wed May 22 13:38:53 UTC 2024 - Dan Čermák + +- Extend README + +------------------------------------------------------------------- +Sun May 19 09:10:06 UTC 2024 - Dan Čermák + +- add findutils for phpize + +------------------------------------------------------------------- +Tue May 14 15:40:34 UTC 2024 - Dirk Mueller + +- add latest tag + +------------------------------------------------------------------- +Tue May 7 19:07:24 UTC 2024 - Dirk Mueller + +- extend READMEs; correct eula for application images + +------------------------------------------------------------------- +Fri Apr 12 12:03:53 UTC 2024 - Dirk Mueller + +- Don't wipe everything in /var/log, only remove log files (this omits directories owned by packages) + +------------------------------------------------------------------- +Wed Jan 17 14:29:14 UTC 2024 - Dan Čermák + +- Add initial README stub + +------------------------------------------------------------------- +Tue Jan 2 08:26:58 UTC 2024 - Dirk Mueller + +- update year to 2024 + +------------------------------------------------------------------- +Thu Sep 28 14:29:10 UTC 2023 - Dirk Mueller + +- add copyright and description header + +------------------------------------------------------------------- +Thu Jul 06 09:56:51 UTC 2023 - SUSE Update Bot + +- First version of the PHP-FPM 8 BCI