Update to Pimcore 12 and CoreShop 5 compatibility

.docker/nginx.conf

@@ -0,0 +1,189 @@
+# mime types are covered in nginx.conf by:
+# http {
+#   include       mime.types;
+# }
+
+upstream php-pimcore {
+    server datadefinitions-php-1:9000;
+}
+
+upstream php-pimcore-debug {
+    server datadefinitions-php-debug-1:9000;
+}
+
+server {
+    listen [::]:80 default_server;
+    listen 80 default_server;
+
+    fastcgi_buffer_size 128k;
+    fastcgi_buffers 8 256k;
+    fastcgi_busy_buffers_size 256k;
+    #server_name pimcore.localhost;
+
+    root /var/www/html/public;
+    index index.php;
+
+    # Filesize depending on your data
+    client_max_body_size 100m;
+
+    # It is recommended to seclude logs per virtual host
+    #access_log  /var/log/access.log;
+    #error_log   /var/log/error.log error;
+
+    # Protected Assets
+    #
+    ### 1. Option - Restricting access to certain assets completely
+    #
+    # location ~ ^/protected/.* {
+    #   return 403;
+    # }
+    # location ~ ^/var/.*/protected(.*) {
+    #   return 403;
+    # }
+    #
+    # location ~ ^/cache-buster\-[\d]+/protected(.*) {
+    #   return 403;
+    # }
+    #
+    ### 2. Option - Checking permissions before delivery
+    #
+    # rewrite ^(/protected/.*) /index.php$is_args$args last;
+    #
+    # location ~ ^/var/.*/protected(.*) {
+    #   return 403;
+    # }
+    #
+    # location ~ ^/cache-buster\-[\d]+/protected(.*) {
+    #   return 403;
+    # }
+
+    # Mercure Hub Proxy for SSE (Server-Sent Events)
+    # /hub/.well-known/mercure -> http://mercure/.well-known/mercure
+    location /hub/ {
+        rewrite ^/hub/(.*)$ /$1 break;
+        proxy_pass http://mercure;
+        proxy_read_timeout 24h;
+        proxy_http_version 1.1;
+        proxy_set_header Connection "";
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_buffering off;
+        proxy_cache off;
+    }
+
+    # Pimcore Head-Link Cache-Busting
+    rewrite ^/cache-buster-(?:\d+)/(.*) /$1 last;
+
+    # Stay secure
+    #
+    # a) don't allow PHP in folders allowing file uploads
+    location ~* /var/assets/.*\.php(/|$) {
+        return 404;
+    }
+
+    # b) Prevent clients from accessing hidden files (starting with a dot)
+    # Access to `/.well-known/` is allowed.
+    # https://www.mnot.net/blog/2010/04/07/well-known
+    # https://tools.ietf.org/html/rfc5785
+    location ~* /\.(?!well-known/) {
+        deny all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # c) Prevent clients from accessing to backup/config/source files
+    location ~* (?:\.(?:bak|conf(ig)?|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
+        deny all;
+    }
+
+    # Some Admin Modules need this:
+    # Database Admin, Server Info
+    location ~* ^/admin/(adminer|external) {
+        rewrite .* /index.php$is_args$args last;
+    }
+
+    # Thumbnails
+    location ~* .*/(image|video)-thumb__\d+__.* {
+        try_files /var/tmp/thumbnails$uri /index.php;
+        expires 2w;
+        access_log off;
+        add_header Cache-Control "public";
+    }
+
+    # Assets
+    # Still use a whitelist approach to prevent each and every missing asset to go through the PHP Engine.
+    location ~* ^(?!/admin)(.+?)\.((?:css|js)(?:\.map)?|jpe?g|gif|png|svgz?|eps|exe|gz|zip|mp\d|ogg|ogv|webm|pdf|docx?|xlsx?|pptx?)$ {
+        try_files /var/assets$uri $uri =404;
+        expires 2w;
+        access_log off;
+        log_not_found off;
+        add_header Cache-Control "public";
+    }
+
+    location / {
+        error_page 404 /meta/404;
+        try_files $uri /index.php$is_args$args;
+    }
+
+    # Use this location when the installer has to be run
+    # location ~ /(index|install)\.php(/|$) {
+    #
+    # Use this after initial install is done:
+    location ~ ^/index\.php(/|$) {
+        send_timeout 1800;
+        fastcgi_read_timeout 1800;
+        # regex to split $uri to $fastcgi_script_name and $fastcgi_path_info
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        # Check that the PHP script exists before passing it
+        #try_files $fastcgi_script_name =404;
+        # include fastcgi.conf if needed
+        include fastcgi_params;
+        # Bypass the fact that try_files resets $fastcgi_path_info
+        # see: http://trac.nginx.org/nginx/ticket/321
+        set $path_info $fastcgi_path_info;
+        fastcgi_param PATH_INFO $path_info;
+
+        # Activate these, if using Symlinks and opcache
+        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
+        fastcgi_param DOCUMENT_ROOT $realpath_root;
+
+        # Mitigate https://httpoxy.org/ vulnerabilities
+        fastcgi_param HTTP_PROXY "";
+
+        # If Xdebug session is requested, pass it to the Xdebug enabled container
+        if ($http_cookie ~* "XDEBUG_SESSION") {
+            fastcgi_pass php-pimcore-debug;
+        }
+
+        fastcgi_pass php-pimcore;
+        # Prevents URIs that include the front controller. This will 404:
+        # http://domain.tld/index.php/some-path
+        # Remove the internal directive to allow URIs like this
+        internal;
+    }
+
+    # PHP-FPM Status and Ping
+    location /fpm- {
+        access_log off;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        location /fpm-status {
+            allow 127.0.0.1;
+            # add additional IP's or Ranges
+            deny all;
+            fastcgi_pass php-pimcore;
+        }
+        location /fpm-ping {
+            fastcgi_pass php-pimcore;
+        }
+    }
+    # nginx Status
+    # see: https://nginx.org/en/docs/http/ngx_http_stub_status_module.html
+    location /nginx-status {
+        allow 127.0.0.1;
+        deny all;
+        access_log off;
+        stub_status;
+    }
+}

.docker/supervisord.conf

@@ -0,0 +1,20 @@
+# Important Notice: this configuration is not optimized for production use!
+
+[program:messenger-consume]
+command=php /var/www/html/bin/console messenger:consume pimcore_core pimcore_maintenance pimcore_index_queues --memory-limit=250M --time-limit=3600
+numprocs=1
+startsecs=0
+autostart=true
+autorestart=true
+process_name=%(program_name)s_%(process_num)02d
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true
+
+[program:maintenance]
+command=bash -c 'sleep 3600 && exec php /var/www/html/bin/console pimcore:maintenance --async'
+autostart=true
+autorestart=true
+stdout_logfile=/dev/fd/1
+stdout_logfile_maxbytes=0
+redirect_stderr=true

.env

@@ -1 +1,10 @@
 PIMCORE_KERNEL_CLASS=Kernel
+APP_DEBUG=1
+
+# OpenSearch Configuration for Generic Data Index
+PIMCORE_OPENSEARCH_HOST=opensearch:9200
+
+# Mercure Configuration
+MERCURE_JWT_SECRET=SECRET_MERCURE_KEY_SECRET_MERCURE_KEY
+MERCURE_URL=http://mercure/.well-known/mercure
+MERCURE_PUBLIC_URL=http://localhost/hub/.well-known/mercure

.github/workflows/behat.yml

@@ -23,12 +23,9 @@ jobs:
 
     strategy:
       matrix:
-        php: [ 8.1, 8.2, 8.3 ]
-        pimcore: [ ^11.1, ^11.2, ^11.3 ]
+        php: [ 8.4 ]
+        pimcore: [ ^12.3 ]
         dependencies: [ highest ]
-        exclude:
-          - php: 8.1
-            dependencies: lowest
 
     services:
       database:
@@ -72,13 +69,13 @@ jobs:
     - if: matrix.dependencies == 'highest'
       name: Install dependencies highest
       run: |
-        composer req pimcore/pimcore:${{ matrix.pimcore }} coreshop/pimcore:4.0.x-dev --no-interaction --no-scripts --no-update
+        composer req pimcore/pimcore:${{ matrix.pimcore }} coreshop/pimcore:5.0.x-dev --no-interaction --no-scripts --no-update
         composer update --no-progress --prefer-dist --optimize-autoloader
 
     - if: matrix.dependencies == 'lowest'
       name: Install dependencies lowest
       run: |
-        composer req pimcore/pimcore:${{ matrix.pimcore }} coreshop/pimcore:4.0.x-dev --no-interaction --no-scripts --no-update
+        composer req pimcore/pimcore:${{ matrix.pimcore }} coreshop/pimcore:5.0.x-dev --no-interaction --no-scripts --no-update
         composer update --no-progress --prefer-dist --optimize-autoloader --prefer-lowest
 
     - name: Cache clear

.github/workflows/codestyles.yml

@@ -15,7 +15,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        branch: [ '4.0' ]
+        branch: [ '5.0' ]
 
     steps:
       - uses: actions/checkout@v4
@@ -25,7 +25,7 @@ jobs:
       - name: Setup PHP
         uses: shivammathur/setup-php@v2
         with:
-          php-version: 8.1
+          php-version: 8.4
 
       - name: Install PHP dependencies
         run: composer update --no-interaction --no-scripts

.github/workflows/frontend-build.yaml

@@ -0,0 +1,63 @@
+name: Data Definitions Studio Frontend Build
+
+on:
+  push:
+    branches: [ '5.0' ]
+  pull_request:
+    branches: [ '5.0' ]
+
+jobs:
+  frontend-build:
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '18'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Lint
+        run: npm run lint || true
+
+      - name: Type check
+        run: npm run check-types
+
+      - name: Build Studio bundle
+        run: npm run build
+
+      - name: Force add built assets to git
+        run: |
+          git add -f src/DataDefinitionsBundle/Resources/public/studio/*/
+          git status --porcelain
+
+      - name: Check for changes
+        id: verify-changed-files
+        run: |
+          if [ -n "$(git status --porcelain)" ]; then
+            echo "changed=true" >> $GITHUB_OUTPUT
+          fi
+
+      - name: Commit built assets
+        if: steps.verify-changed-files.outputs.changed == 'true'
+        run: |
+          git config --local user.email "[email protected]"
+          git config --local user.name "GitHub Action"
+          git commit -m "🚀 Build Data Definitions Studio bundle
+
+          🤖 Generated with [GitHub Actions](https://github.com/instride-ch/pimcore-data-definitions/actions)
+
+          Co-Authored-By: GitHub Action <[email protected]>"
+
+      - name: Push changes
+        if: steps.verify-changed-files.outputs.changed == 'true' && github.event_name == 'push'
+        uses: ad-m/github-push-action@master
+        with:
+          github_token: ${{ secrets.GITHUB_TOKEN }}
+          branch: ${{ github.ref }}

.github/workflows/frontend.yml

@@ -0,0 +1,28 @@
+name: Frontend Build
+
+on:
+  push:
+  pull_request:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    name: "Build Frontend"
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v4
+        with:
+          node-version: '20'
+          cache: 'npm'
+
+      - name: Install dependencies
+        run: npm ci
+
+      - name: Type check
+        run: npm run check-types
+
+      - name: Build
+        run: npm run build

.github/workflows/static.yml

@@ -14,12 +14,9 @@ jobs:
 
     strategy:
       matrix:
-        php: [ 8.1, 8.2, 8.3 ]
-        pimcore: [ ^11.1, ^11.2, ^11.3 ]
+        php: [ 8.4 ]
+        pimcore: [ ^12.3 ]
         dependencies: [ highest ]
-        exclude:
-          - php: 8.1
-            dependencies: lowest
 
     services:
       database: