From ada0c37a60ee3654308d268a954384b1e61278fe Mon Sep 17 00:00:00 2001
From: Nick Davis <nicholas.davis@digital.justice.gov.uk>
Date: Mon, 24 Jul 2023 15:47:39 +0100
Subject: [PATCH 1/5] take apk upgrade out of api dockerfile.  fix keys for dev
 dynamo at the same time

---
 docker-compose.yml                            | 24 +++++++++----------
 .../troubleshooting_container_images.md       |  8 +++----
 service-api/docker/app/Dockerfile             |  3 +--
 3 files changed, 17 insertions(+), 18 deletions(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index aca1fc47c3..c0b0351947 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -111,8 +111,8 @@ services:
     volumes:
       - ./local-config/:/app/
     environment:
-      AWS_ACCESS_KEY_ID: "-"
-      AWS_SECRET_ACCESS_KEY: "-"
+      AWS_ACCESS_KEY_ID: "devkey"
+      AWS_SECRET_ACCESS_KEY: "devkey"
       AWS_ENDPOINT_DYNAMODB: dynamodb:8000
 
       OPG_LPA_COMMON_SQS_ENDPOINT: localstack:4566
@@ -186,8 +186,8 @@ services:
       OPG_LPA_FRONT_CSRF_SALT: "test"
 
       # Local only
-      AWS_ACCESS_KEY_ID: "-"
-      AWS_SECRET_ACCESS_KEY: "-"
+      AWS_ACCESS_KEY_ID: "devkey"
+      AWS_SECRET_ACCESS_KEY: "devkey"
 
       OPG_LPA_COMMON_DYNAMODB_ENDPOINT: http://dynamodb:8000
 
@@ -253,14 +253,14 @@ services:
 
   api-app:
     container_name: lpa-api-app
-    image: lpa-api-app
+    image: 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:34c63f1
     build:
       context: ./
 # Enable debug is recommended to default to off for api to avoid slowness. Turn this on if you ever need to debug the api
       args:
         ENABLE_XDEBUG: 0
         OPG_LPA_COMMON_APP_VERSION: "${OPG_LPA_COMMON_APP_VERSION}"
-      dockerfile: service-api/docker/app/Dockerfile
+          #dockerfile: service-api/docker/app/Dockerfile
     volumes:
 # to speed running, volumes are restricted to source code that may change while container is running
       - ./service-api/bin:/app/bin
@@ -305,8 +305,8 @@ services:
       OPG_LPA_COMMON_ADMIN_ACCOUNTS: "${OPG_LPA_COMMON_ADMIN_ACCOUNTS}"
 
       # Local only
-      AWS_ACCESS_KEY_ID: "-"
-      AWS_SECRET_ACCESS_KEY: "-"
+      AWS_ACCESS_KEY_ID: "devkey"
+      AWS_SECRET_ACCESS_KEY: "devkey"
 
       OPG_LPA_COMMON_DYNAMODB_ENDPOINT: http://dynamodb:8000
       OPG_LPA_COMMON_S3_ENDPOINT: http://localstack:4566
@@ -381,8 +381,8 @@ services:
       OPG_LPA_ADMIN_JWT_SECRET: "test-secret"
 
       # Local only
-      AWS_ACCESS_KEY_ID: "-"
-      AWS_SECRET_ACCESS_KEY: "-"
+      AWS_ACCESS_KEY_ID: "devkey"
+      AWS_SECRET_ACCESS_KEY: "devkey"
 
       OPG_LPA_COMMON_DYNAMODB_ENDPOINT: http://dynamodb:8000
 
@@ -443,8 +443,8 @@ services:
       OPG_LPA_COMMON_PDF_CACHE_S3_BUCKET: "lpacache"
 
       # Local only
-      AWS_ACCESS_KEY_ID: "-"
-      AWS_SECRET_ACCESS_KEY: "-"
+      AWS_ACCESS_KEY_ID: "devkey"
+      AWS_SECRET_ACCESS_KEY: "devkey"
 
       OPG_LPA_COMMON_S3_ENDPOINT: http://localstack:4566
       OPG_LPA_COMMON_PDF_QUEUE_URL: http://localstack:4566/000000000000/pdf-queue.fifo
diff --git a/docs/runbooks/troubleshooting_container_images/troubleshooting_container_images.md b/docs/runbooks/troubleshooting_container_images/troubleshooting_container_images.md
index d1336bfffe..1387786416 100644
--- a/docs/runbooks/troubleshooting_container_images/troubleshooting_container_images.md
+++ b/docs/runbooks/troubleshooting_container_images/troubleshooting_container_images.md
@@ -73,7 +73,7 @@ docker pull 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:late
 run the image up, enable xdebug on the container and run the tests, using the following commands:
 
 ``` bash
-docker run -d --env AWS_ACCESS_KEY_ID='-' --env AWS_SECRET_ACCESS_KEY='-' --name api-tests 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:latest
+docker run -d --env AWS_ACCESS_KEY_ID='devkey' --env AWS_SECRET_ACCESS_KEY='devkey' --name api-tests 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:latest
 docker exec api-tests docker-php-ext-enable xdebug
 docker exec api-tests /app/vendor/bin/phpunit -d memory_limit=256M
 
@@ -88,11 +88,11 @@ docker exec api-tests /app/vendor/bin/phpunit -d memory_limit=256M
    3. set image name (as in previous step)
    4. set container name as set in previous step
    5. you may need to set AWS environment variables - these should be all you need:
-      1. `AWS_ACCESS_KEY_ID='-'; AWS_SECRET_ACCESS_KEY='-'`
+      1. `AWS_ACCESS_KEY_ID='devkey'; AWS_SECRET_ACCESS_KEY='devkey'`
    6. in the command preview you will see the constructed command look like this:
 
 ``` bash
-    docker run -P --env AWS_ACCESS_KEY_ID='-' --env AWS_SECRET_ACCESS_KEY='-' --name api-tests 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:latest
+    docker run -P --env AWS_ACCESS_KEY_ID='devkey' --env AWS_SECRET_ACCESS_KEY='devkey' --name api-tests 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:latest
 ```
 
 ## Setting up debugging of PHPUnit tests in PHPStorm
@@ -124,7 +124,7 @@ This consists of 3 main steps:
 7. connect to a running instance of the image above to work this out.
 
     ``` bash
-    docker run -d --env AWS_ACCESS_KEY_ID='-' --env AWS_SECRET_ACCESS_KEY='-' --name api-tests 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:latest
+    docker run -d --env AWS_ACCESS_KEY_ID='devkey' --env AWS_SECRET_ACCESS_KEY='devkey' --name api-tests 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:latest
     docker exec -it api-tests sh
     ```
 
diff --git a/service-api/docker/app/Dockerfile b/service-api/docker/app/Dockerfile
index bbe734ef8b..9611eef8e6 100644
--- a/service-api/docker/app/Dockerfile
+++ b/service-api/docker/app/Dockerfile
@@ -4,8 +4,7 @@ ENV OPG_PHP_POOL_CHILDREN_MAX="25"
 
 RUN adduser -D -g '' appuser
 
-RUN apk add --upgrade --no-cache apk-tools
-RUN apk upgrade --no-cache
+RUN apk add --no-cache apk-tools
 
 RUN apk add --no-cache postgresql-libs icu fcgi \
     && apk add --update --no-cache --virtual .build-dependencies $PHPIZE_DEPS postgresql-dev icu-dev linux-headers \

From 454138fd02a08fc87500727889af7a45be058944 Mon Sep 17 00:00:00 2001
From: Nick Davis <nicholas.davis@digital.justice.gov.uk>
Date: Mon, 24 Jul 2023 15:51:57 +0100
Subject: [PATCH 2/5] image back to api-app

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index c0b0351947..03b891919a 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -253,7 +253,7 @@ services:
 
   api-app:
     container_name: lpa-api-app
-    image: 311462405659.dkr.ecr.eu-west-1.amazonaws.com/online-lpa/api_app:34c63f1
+    image: lpa-api-app
     build:
       context: ./
 # Enable debug is recommended to default to off for api to avoid slowness. Turn this on if you ever need to debug the api

From 6c258f7fe1ba2b8b8dc42f95266e3b9211822451 Mon Sep 17 00:00:00 2001
From: Nick Davis <nicholas.davis@digital.justice.gov.uk>
Date: Mon, 24 Jul 2023 16:34:19 +0100
Subject: [PATCH 3/5] fix dockerfile

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index 03b891919a..e64fdcc866 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -260,7 +260,7 @@ services:
       args:
         ENABLE_XDEBUG: 0
         OPG_LPA_COMMON_APP_VERSION: "${OPG_LPA_COMMON_APP_VERSION}"
-          #dockerfile: service-api/docker/app/Dockerfile
+        dockerfile: service-api/docker/app/Dockerfile
     volumes:
 # to speed running, volumes are restricted to source code that may change while container is running
       - ./service-api/bin:/app/bin

From dc41afcc3db8726389b3bfa89d1b7d1dde3eaf9a Mon Sep 17 00:00:00 2001
From: Nick Davis <nicholas.davis@digital.justice.gov.uk>
Date: Mon, 24 Jul 2023 16:35:12 +0100
Subject: [PATCH 4/5] fix

---
 docker-compose.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/docker-compose.yml b/docker-compose.yml
index e64fdcc866..7739e36768 100644
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -260,7 +260,7 @@ services:
       args:
         ENABLE_XDEBUG: 0
         OPG_LPA_COMMON_APP_VERSION: "${OPG_LPA_COMMON_APP_VERSION}"
-        dockerfile: service-api/docker/app/Dockerfile
+      dockerfile: service-api/docker/app/Dockerfile
     volumes:
 # to speed running, volumes are restricted to source code that may change while container is running
       - ./service-api/bin:/app/bin

From 70373c2b9777b99f1ac678f82209f7a9bb565c37 Mon Sep 17 00:00:00 2001
From: Nick Davis <nicholas.davis@digital.justice.gov.uk>
Date: Tue, 25 Jul 2023 11:11:38 +0100
Subject: [PATCH 5/5] experiment with alpine 3.17

---
 service-api/docker/app/Dockerfile | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/service-api/docker/app/Dockerfile b/service-api/docker/app/Dockerfile
index 9611eef8e6..0d84e13bd5 100644
--- a/service-api/docker/app/Dockerfile
+++ b/service-api/docker/app/Dockerfile
@@ -1,4 +1,4 @@
-FROM php:8.2-fpm-alpine3.16
+FROM php:8.2-fpm-alpine3.17
 
 ENV OPG_PHP_POOL_CHILDREN_MAX="25"