Skip to content

Commit da0da32

Browse files
smortexasmortexa
authored
Merge pull request #45 from exaco/v2
2 parents 0d8ea45 + 52e1bf5 commit da0da32

File tree

8 files changed

+51
-48
lines changed

8 files changed

+51
-48
lines changed

.github/workflows/roadrunner-test.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,4 +70,7 @@ jobs:
7070
run: sleep 10s
7171

7272
- name: Check application health
73-
run: curl -f -s -o /dev/null -w "%{http_code}" http://localhost:9000
73+
run: |
74+
curl -f -s -o /dev/null -w "%{http_code}" http://localhost:9000
75+
php artisan tinker --execute="logger('test');"
76+
working-directory: /var/www/app

.github/workflows/swoole-test.yml

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -70,4 +70,7 @@ jobs:
7070
run: sleep 10s
7171

7272
- name: Check application health
73-
run: curl -f -s -o /dev/null -w "%{http_code}" http://localhost:9000
73+
run: |
74+
curl -f -s -o /dev/null -w "%{http_code}" http://localhost:9000
75+
php artisan tinker --execute="logger('test');"
76+
working-directory: /var/www/app

Dockerfile

Lines changed: 33 additions & 27 deletions
Original file line numberDiff line numberDiff line change
@@ -7,7 +7,7 @@ ARG COMPOSER_VERSION=latest
77
ARG OCTANE_SERVER="swoole"
88

99
###########################################
10-
# Build frontend assets with NPM
10+
# Build frontend assets with PNPM
1111
###########################################
1212

1313
ARG NODE_VERSION=18-bullseye-slim
@@ -18,23 +18,23 @@ ENV ROOT=/var/www/html
1818

1919
WORKDIR $ROOT
2020

21-
RUN npm config set update-notifier false && npm set progress=false
21+
RUN npm install -g pnpm
2222

23-
COPY package*.json ./
23+
COPY package.json pnpm-lock.yaml* ./
2424

25-
RUN if [ -f $ROOT/package-lock.json ]; \
25+
RUN if [ -f $ROOT/pnpm-lock.yaml ]; \
2626
then \
27-
npm ci --no-optional --loglevel=error --no-audit; \
27+
pnpm install --frozen-lockfile --no-optional --prefer-offline; \
2828
elif [ -f $ROOT/package.json ]; \
2929
then \
30-
npm install --no-optional --loglevel=error --no-audit; \
30+
pnpm install --no-optional --prefer-offline; \
3131
fi
3232

3333
COPY . .
3434

35-
RUN if [ -f $ROOT/package.json ] || [ -f $ROOT/package-lock.json ]; \
35+
RUN if [ -f $ROOT/package.json ] || [ -f $ROOT/pnpm-lock.yaml ]; \
3636
then \
37-
npm run build; \
37+
pnpm run build; \
3838
fi
3939

4040
###########################################
@@ -90,7 +90,8 @@ ENV DEBIAN_FRONTEND=noninteractive \
9090
CONTAINER_MODE=${CONTAINER_MODE} \
9191
APP_WITH_HORIZON=${APP_WITH_HORIZON} \
9292
APP_WITH_SCHEDULER=${APP_WITH_SCHEDULER} \
93-
OCTANE_SERVER=${OCTANE_SERVER}
93+
OCTANE_SERVER=${OCTANE_SERVER} \
94+
NON_ROOT_USER=octane
9495

9596
ENV ROOT=/var/www/html
9697
WORKDIR $ROOT
@@ -233,7 +234,7 @@ ARG SERVER=swoole
233234

234235
RUN if [ ${OCTANE_SERVER} = "swoole" ]; then \
235236
apt-get install -yqq --no-install-recommends --show-progress libc-ares-dev \
236-
&& pecl -q install -o -f -D 'enable-openssl="yes" enable-http2="yes" enable-swoole-curl="yes" enable-mysqlnd="yes" enable-cares="yes"' ${SERVER} \
237+
&& printf "\n" | pecl -q install -o -f -D 'enable-openssl="yes" enable-http2="yes" enable-swoole-curl="yes" enable-mysqlnd="yes" enable-cares="yes"' ${SERVER} \
237238
&& docker-php-ext-enable ${SERVER}; \
238239
fi
239240

@@ -323,43 +324,48 @@ RUN if [ ${CONTAINER_MODE} = 'scheduler' ] || [ ${APP_WITH_SCHEDULER} = true ];
323324

324325
###########################################
325326

326-
RUN groupadd --force -g $WWWGROUP octane \
327-
&& useradd -ms /bin/bash --no-log-init --no-user-group -g $WWWGROUP -u $WWWUSER octane
328-
329327
RUN apt-get clean \
330328
&& docker-php-source delete \
331329
&& pecl clear-cache \
332330
&& rm -R /tmp/pear \
333331
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
334332
&& rm /var/log/lastlog /var/log/faillog
335333

336-
COPY . .
337-
COPY --from=build ${ROOT}/public public
338-
COPY --from=vendor ${ROOT}/vendor vendor
339-
COPY --from=vendor ${ROOT}/rr* ${ROOT}/composer.json ./
334+
RUN groupadd --force -g $WWWGROUP $NON_ROOT_USER \
335+
&& useradd -ms /bin/bash --no-log-init --no-user-group -g $WWWGROUP -u $WWWUSER $NON_ROOT_USER
336+
337+
RUN chown -R $NON_ROOT_USER:$NON_ROOT_USER $ROOT /var/log/
338+
339+
RUN chmod -R ug+rw /var/log/
340+
341+
USER $NON_ROOT_USER
342+
343+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER . .
344+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER --from=build ${ROOT}/public public
345+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER --from=vendor ${ROOT}/vendor vendor
346+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER --from=vendor ${ROOT}/rr* ${ROOT}/composer.json ./
340347

341348
RUN mkdir -p \
342349
storage/framework/{sessions,views,cache} \
343350
storage/logs \
344-
bootstrap/cache \
345-
&& chown -R octane:octane \
346-
storage \
347-
bootstrap/cache \
348-
&& chmod -R ug+rwx storage bootstrap/cache
351+
bootstrap/cache
349352

350-
COPY deployment/octane/supervisord* /etc/supervisor/conf.d/
351-
COPY deployment/octane/php.ini /usr/local/etc/php/conf.d/octane.ini
352-
COPY deployment/octane/.rr.prod.yaml ./.rr.yaml
353+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER deployment/octane/supervisord* /etc/supervisor/conf.d/
354+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER deployment/octane/php.ini /usr/local/etc/php/conf.d/99-octane.ini
355+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER deployment/octane/.rr.prod.yaml ./.rr.yaml
356+
COPY --chown=$NON_ROOT_USER:$NON_ROOT_USER deployment/octane/start-container /usr/local/bin/start-container
357+
358+
RUN chmod +x /usr/local/bin/start-container
353359

354-
RUN chmod +x deployment/octane/entrypoint.sh
355360
RUN if [ -f "rr" ]; then \
356361
chmod +x rr; \
357362
fi
363+
358364
RUN cat deployment/octane/utilities.sh >> ~/.bashrc
359365

360366
EXPOSE 9000
361367
EXPOSE 6001
362368

363-
ENTRYPOINT ["deployment/octane/entrypoint.sh"]
369+
ENTRYPOINT ["start-container"]
364370

365371
HEALTHCHECK --start-period=5s --interval=2s --timeout=5s --retries=8 CMD php artisan octane:status || exit 1

deployment/octane/entrypoint.sh renamed to deployment/octane/start-container

Lines changed: 0 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -5,10 +5,6 @@ container_mode=${CONTAINER_MODE:-app}
55
octane_server=${OCTANE_SERVER:-swoole}
66
echo "Container mode: $container_mode"
77

8-
php() {
9-
su octane -c "php $*"
10-
}
11-
128
initialStuff() {
139
php artisan optimize:clear; \
1410
php artisan package:discover --ansi; \

deployment/octane/supervisord.app.conf

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,13 @@
11
[supervisord]
22
nodaemon=true
3-
user=root
3+
user=%(ENV_NON_ROOT_USER)s
44
logfile=/var/log/supervisor/supervisord.log
55
pidfile=/var/run/supervisord.pid
66

77
[program:octane]
88
process_name=%(program_name)s_%(process_num)02d
99
command=php /var/www/html/artisan octane:start --server=swoole --host=0.0.0.0 --port=9000 --workers=auto --task-workers=auto --max-requests=500
10-
user=octane
10+
user=%(ENV_NON_ROOT_USER)s
1111
autostart=true
1212
autorestart=true
1313
environment=LARAVEL_OCTANE="1"
@@ -19,7 +19,7 @@ stderr_logfile_maxbytes=0
1919
[program:horizon]
2020
process_name=%(program_name)s_%(process_num)02d
2121
command=php /var/www/html/artisan horizon
22-
user=octane
22+
user=%(ENV_NON_ROOT_USER)s
2323
autostart=%(ENV_APP_WITH_HORIZON)s
2424
autorestart=true
2525
stdout_logfile=/var/www/html/horizon.log
@@ -28,7 +28,7 @@ stopwaitsecs=3600
2828
[program:scheduler]
2929
process_name=%(program_name)s_%(process_num)02d
3030
command=supercronic /etc/supercronic/laravel
31-
user=octane
31+
user=%(ENV_NON_ROOT_USER)s
3232
autostart=%(ENV_APP_WITH_SCHEDULER)s
3333
autorestart=true
3434
stdout_logfile=/var/www/html/scheduler.log

deployment/octane/supervisord.app.roadrunner.conf

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,13 @@
11
[supervisord]
22
nodaemon=true
3-
user=root
3+
user=%(ENV_NON_ROOT_USER)s
44
logfile=/var/log/supervisor/supervisord.log
55
pidfile=/var/run/supervisord.pid
66

77
[program:octane]
88
process_name=%(program_name)s_%(process_num)02d
99
command=php /var/www/html/artisan octane:start --server=roadrunner --host=0.0.0.0 --port=9000 --rpc-port=6001 --workers=auto --max-requests=500 --rr-config=/var/www/html/.rr.yaml
10-
user=octane
10+
user=%(ENV_NON_ROOT_USER)s
1111
autostart=true
1212
autorestart=true
1313
environment=LARAVEL_OCTANE="1"
@@ -19,7 +19,7 @@ stderr_logfile_maxbytes=0
1919
[program:horizon]
2020
process_name=%(program_name)s_%(process_num)02d
2121
command=php /var/www/html/artisan horizon
22-
user=octane
22+
user=%(ENV_NON_ROOT_USER)s
2323
autostart=%(ENV_APP_WITH_HORIZON)s
2424
autorestart=true
2525
stdout_logfile=/var/www/html/horizon.log
@@ -28,7 +28,7 @@ stopwaitsecs=3600
2828
[program:scheduler]
2929
process_name=%(program_name)s_%(process_num)02d
3030
command=supercronic /etc/supercronic/laravel
31-
user=octane
31+
user=%(ENV_NON_ROOT_USER)s
3232
autostart=%(ENV_APP_WITH_SCHEDULER)s
3333
autorestart=true
3434
stdout_logfile=/var/www/html/scheduler.log

deployment/octane/supervisord.horizon.conf

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,13 @@
11
[supervisord]
22
nodaemon=true
3-
user=root
3+
user=%(ENV_NON_ROOT_USER)s
44
logfile=/var/log/supervisor/supervisord.log
55
pidfile=/var/run/supervisord.pid
66

77
[program:horizon]
88
process_name=%(program_name)s_%(process_num)02d
99
command=php /var/www/html/artisan horizon
10-
user=octane
10+
user=%(ENV_NON_ROOT_USER)s
1111
autostart=true
1212
autorestart=true
1313
stdout_logfile=/dev/stdout

deployment/octane/utilities.sh

Lines changed: 0 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,3 @@
1-
php() {
2-
echo "Running PHP as octane user ..."
3-
su octane -c "php $*"
4-
}
5-
61
tinker() {
72
if [ -z "$1" ]; then
83
php artisan tinker

0 commit comments

Comments
 (0)