Implement docker

[mpiot]

This PR provides a Docker implementation for the Symfony Demo project. (based on https://github.com/mpiot/docker4symfony)

[javiereguiluz]

Thanks for contributing this. We've wanted to add this for a long time.

However, some of the proposed changes are a no-go for us:

• We must use SQLite by default, not MySQL.
• We must include all the compiled assets by default, not generate them with Yarn + Webpack Encore.

The Symfony Demo app must be runnable after downloading it without installing anything, configuring anything, changing any file or running any command. Thanks!

[mpiot]

@javiereguiluz okay, I see many possibilities:

• implement MySQL and Yarn in docker (add SQLite to docker), keep build assets and the SQLite db
• replace MySQL by SQLite
• replace MySQL by SQLite, and remove yarn

I think the first proposal is better, then I also can add a comment in docker near the PDO extension ?

[javiereguiluz]

@mpiot I'm afraid I can't help you because I don't know much about Docker. But others will read this and will help you.

In any case, the basic premise is: we can do anything inside Docker ... but we can't change anything in the existing app.

[mpiot]

@javiereguiluz I've fix it :-)
I've just keep a Doctrine Migration file, then if a user want to use MySQL he can execute the migration.

[javiereguiluz]

Thanks a lot for reworking this. To me it's OK because it doesn't change the existing app ... but I 'll let Docker experts review it before merging. Thanks.

[stof]

I suggest to have a default.conf file in this docker and to add it instead. The nginx config file split into echo commands for each line is not really readable. Having a config file would be easier to maintain IMO.

[mpiot]

@stof I agrre with you, before I did it like that. I don't remember why I've change it to use this echo...

[voronkovich]

IMHO It's better to drop all the MySql-related stuff, because it looks very confusing.

[voronkovich]

Maybe it's better to just use: memory_limit = -1?

[mpiot]

I agree, I've just copied some files used on a personnal project, and I've forget to removed some parts...

[Pierstoval]

By the way, date.timezone can be set to UTC so everyone will have same dates on the app, WDYT?

[mpiot]

@Pierstoval Because I'm in France I've configure it like that, but you're totaly right.

Thanks a lot :-)

[voronkovich]

Why did you add this block?

[mpiot]

Mmm, it's about security, but useless in our case too, I've really forget a lot of parts... :-(

[voronkovich]

Why did you add this block?

[mpiot]

It's to store protected files and use X-Accel-Redirect, idem, forget...

[voronkovich]

If we don't need this envs at runtime, we can set their values in the RUN directive:

RUN export PHP_CPPFLAGS="${PHP_CPPFLAGS} -std=c++11" ENV APP_VERSION=0.0.0 \
    set -ex; \
    # Install required system packages
    apt-get update; \
    apt-get install -qy --no-install-recommends \
    ...

See https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#env

[mpiot]

I agree, it's interesting :-) I do it ;-)

[voronkovich]

I would suggest to use sh instead o tty here.

[mpiot]

This part open a terminal in the container, then I've named it tty:
https://en.wikipedia.org/wiki/Computer_terminal#Text_terminals

I think sh is not really correct because there is a difference between /bin/sh and /bin/bash

[voronkovich]

So, maybe a bash would be more appropriate name? BTW, I think you forgot to add a -it flags to allocate tty.

[voronkovich]

Redis?

[mpiot]

Idem...

[voronkovich]

So, If we don't use the MySql all these command will wait 60 seconds?

[mpiot]

Yes, in fact... I can remove all the db part, or just remove the waiting part and the db-reset part.

[jkufner]

This is actually quite nice oneliner. Wait until services are ready is very useful, so I would like to see something like this in the makefile, even if commented out as we use sqlite here.

[mpiot]

Yes, but it's difficult to add it in the Makefile whithout MySQL... Basically I've add all the Makefile db part in the case the user would like to use MySQL, but then we've removed all MySQL trace...

[mpiot]

@voronkovich I've fixed some parts, as mentioned above, I've forget some parts (I use files from a personnal project).

I've removed MySQL part, indeed, it's simpler whithout all theses commented parts. I've keep the Makefile db part too, but maybe we can remove it ?

[voronkovich]

@mpiot, You forgot to remove this migration file.

[voronkovich]

This network is useless, we already have a default one. https://docs.docker.com/compose/networking/#configure-the-default-network

[voronkovich]

So, maybe a bash would be more appropriate name? BTW, I think you forgot to add a -it flags to allocate tty.

[mpiot]

@voronkovich In the makefile the make tty use docker-compose exec then we don't need to add -it options.

I wait some other coments for this part, make tty, make bash or make terminal ?

[jkufner]

I wait some other coments for this part, make tty, make bash or make terminal ?

make shell

[mpiot]

@jkufner why not, now: 3 persons => 3 choices :-)

[voronkovich]

make shell sounds nice to me too.

[mpiot]

This is ok, I've rename the tty part in shell :-)

[mpiot]

What do you think about the naming for the php-cs-fixer part ? Because we name lint-yaml, lint twig, lint xliff, why not lint php ?

I'm pretty divided about it.

[mpiot]

Test fails because there is a vulnerability (Twig 2.7 required, but it will be fixed when #955 is merged)

At the moment, I've no updates used versions. Then maybe before merge, say it to me to define last versions. (PHP, node, composer, etc...)

[athlan]

One note about layers.

How about creating .dockerignore with .env files? Now they're uploaded, especially env.local and may conflict with env variables passed.

[athlan]

I'd split it as separate RUN step, any mistake in app-specific set of docker-php-ext requires full rebuild of this later which takes ages.

[mpiot]

I've add all of it in a single layout to follow Dockerfile best practices that recommend to do the less number of layer as possible. Then, when you want to add something in your image, you can split it to test before, then regroup it after ?

I think, it's not totaly usefull to split this part, because we just need the split sometimes when you want to change something, but otherwise we never change anything.

That's my opinion. But I understand what you say, because when I edit this part I split it for try, because this part (with ICU) is very long.

Wait coments, but if more people prefer, we can split after the ICU install.

[mpiot]

@athlan I've added a .dockerignore file.

[athlan]

Here I'd inherit from app step, because if application relies on some extension installed before (in app step) (example bcmath) here this dependency will be missing. Proposal:

FROM app as vendor-builder

ARG COMPOSER_VERSION

# Install Composer
RUN set -ex; \
    EXPECTED_SIGNATURE="$(curl -L https://getcomposer.org/download/${COMPOSER_VERSION}/composer.phar.sha256sum)"; \
    curl -L -o composer.phar https://getcomposer.org/download/${COMPOSER_VERSION}/composer.phar; \
    ACTUAL_SIGNATURE="$(sha256sum composer.phar)"; \
    if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ]; then >&2 echo 'ERROR: Invalid installer signature' && rm /usr/local/bin/composer && exit 1 ; fi; \
    chmod +x composer.phar && mv composer.phar /usr/local/bin/composer; \
    RESULT=$?; \
    exit $RESULT;

[mpiot]

Previously, I was doing like it, but I've change to avoid have composer in the final image.

At the moment on all my projects, I've never had this problem (but, sure, I've not test all dependencies). The goal of this part is to only install vendors and avoid to have composer in the final image.

[athlan]

That's good point 👍 . Build mechanisms should't be on final image.

However, final image won't have this dependency, because app-prod inherits from app, not vendor-builder. You wisely used only copy of /app files from vendor-builder while composer is located under /usr/local/bin/composer.

(hope it will be finally merged - good contribution I think)

[mpiot]

Yes but if we install composer on app then, you have composer on app-prod and finaly on the image.

Do you have a case were it fails ? At the moment on all projects it work fine like it (use the composer image to install vendors).

For the last point, I'm not sure, this PR is open since a long time... :(

[athlan]

Yes yes, that's why my proposal is to have it only on vendor-builder (not app):

FROM app as vendor-builder

I do have a case for amqp not-native library, which requires bcmath. Otherwise I'd need to install amqp extension, so, both cases would require that chage.

[athlan]

I suggest add also:

• /docker
• /node_modules (might appear while development, where drive is mounted in docker-compose)
• npm-debug.log
• yarn-error.log
• and others from .gitignore?

[mpiot]

Poissible to miss some files yes, I've just copy a file from my repository, but I run the build in Travis, then some folder/files are never present.

For the docker folder, I can't because the Dockerfile need to access it.

Edit: no sorry, that's okay for docker to... Now I use a single app image (nginx + php-fpm) to deploy on azure, aws as exemple) but here, no problem.

[athlan]

Ah, yes, in case of CI/CD those folders probably wont appear. Tests outputs are also isolated in your makefiles. Just missed it checking build locally.

[mpiot]

You want to install composer in vendor-builder that extend app, that's it ? Then we install composer in the app-dev and vendor-builder ? That's possible, but, I'm not totally convinced. Because at the moment on some projects, I've never had a problem on vendor install because a php extension missed. Le ven. 2 août 2019 à 17:01, Piotr Pelczar <[email protected]> a écrit :

…

***@***.**** commented on this pull request. ------------------------------ In Dockerfile <#931 (comment)>: > + + +##################################### +## PROD ASSETS BUILDER ## +##################################### +FROM node:${NODE_VERSION} as assets-builder + +COPY . /app +WORKDIR /app + +RUN yarn install && yarn build && rm -R node_modules + +##################################### +## PROD VENDOR BUILDER ## +##################################### +FROM composer:${COMPOSER_VERSION} as vendor-builder Yes yes, that's why my proposal is to have it only on vendor-builder: FROM app as vendor-builder — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#931?email_source=notifications&email_token=ACPYEBAJTASX2GSEESAG3LTQCRD2XA5CNFSM4GPUSSRKYY3PNVWWK3TUL52HS4DFWFIHK3DMKJSXC5LFON2FEZLWNFSXPKTDN5WW2ZLOORPWSZGOCANWQQQ#discussion_r310171951>, or mute the thread <https://github.com/notifications/unsubscribe-auth/ACPYEBEDIQATD37X7FRGEA3QCRD2XANCNFSM4GPUSSRA> .

[mstrom]

What do you think do we need to add command to update dependencies?

Suggested change

	deps-update:
	## Update the project dependencies
	$(EXEC) composer update -n
	$(EXEC) yarn upgrade

[mstrom]

assets and assets-build both building assets
maybe use assets-prod instead of assets-build?

Suggested change

	assets-build: node_modules ## Build the production version of the assets
	assets-prod: node_modules ## Build the production version of the assets

[ker0x]

The project already encourages to use the Symfony binary, either to create the project or to launch the local server. Why not use the advantages it offers with Docker integration (https://symfony.com/doc/current/setup/symfony_server.html#docker-integration)?

[landsman]

It would be nice to finalize this and merge it. Can I help?

[setineos]

I think we should use the basic Docker configuration if we want to implement it in this repository.

[landsman]

It would be nice to merge at least something. It's here from 2019. 😢