From 6e3f0e7a613fe6f9854cf569b543081b3ca0f92d Mon Sep 17 00:00:00 2001 From: rudy Date: Wed, 14 Jun 2023 14:59:14 +0200 Subject: [PATCH 1/5] =?UTF-8?q?issue-14:=20modification=20Dockerfile=20+?= =?UTF-8?q?=20structure=20k8S=20(=C3=A0=20compl=C3=A9ter)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .dockerignore | 2 + Dockerfile.standalone | 3 + containers/hydra-sql/000-default.conf | 38 - containers/hydra-sql/Dockerfile | 119 - containers/hydra-sql/composer-wrapper.sh | 34 - containers/hydra-sql/docker-entrypoint.sh | 18 - containers/hydra-sql/first-run.sh | 17 - containers/hydra-sql/fixuid.yml | 6 - containers/hydra-sql/install-composer.sh | 19 - containers/hydra-sql/php.ini | 1938 ----------------- containers/hydra-sql/rsyslog.conf | 1 - containers/hydra-sql/supervisor.ini | 45 - containers/hydra-sql/www.conf | 20 - docker-compose.yml | 57 +- misc/images/hydra-sql-kube/Dockerfile | 11 + misc/images/hydra-sql-standalone/Dockerfile | 11 + .../k8s/kind/cluster/kustomization.yaml | 11 + .../k8s/kind/cluster/lb/kustomization.yaml | 7 + .../kind/cluster/lb/resources/advertise.yaml | 9 + .../cluster/lb/resources/ipaddresspoool.yaml | 8 + misc/images/k8s/kind/kind-cluster.yaml | 48 + skaffold.yaml | 46 + 22 files changed, 178 insertions(+), 2290 deletions(-) create mode 100644 .dockerignore create mode 100644 Dockerfile.standalone delete mode 100644 containers/hydra-sql/000-default.conf delete mode 100644 containers/hydra-sql/Dockerfile delete mode 100755 containers/hydra-sql/composer-wrapper.sh delete mode 100644 containers/hydra-sql/docker-entrypoint.sh delete mode 100644 containers/hydra-sql/first-run.sh delete mode 100644 containers/hydra-sql/fixuid.yml delete mode 100644 containers/hydra-sql/install-composer.sh delete mode 100644 containers/hydra-sql/php.ini delete mode 100644 containers/hydra-sql/rsyslog.conf delete mode 100644 containers/hydra-sql/supervisor.ini delete mode 100644 containers/hydra-sql/www.conf create mode 100644 misc/images/hydra-sql-kube/Dockerfile create mode 100644 misc/images/hydra-sql-standalone/Dockerfile create mode 100644 misc/images/k8s/kind/cluster/kustomization.yaml create mode 100644 misc/images/k8s/kind/cluster/lb/kustomization.yaml create mode 100644 misc/images/k8s/kind/cluster/lb/resources/advertise.yaml create mode 100644 misc/images/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml create mode 100644 misc/images/k8s/kind/kind-cluster.yaml create mode 100644 skaffold.yaml diff --git a/.dockerignore b/.dockerignore new file mode 100644 index 0000000..3b052cc --- /dev/null +++ b/.dockerignore @@ -0,0 +1,2 @@ +/vendor +/var \ No newline at end of file diff --git a/Dockerfile.standalone b/Dockerfile.standalone new file mode 100644 index 0000000..452c27a --- /dev/null +++ b/Dockerfile.standalone @@ -0,0 +1,3 @@ +ARG ADDITIONAL_PACKAGES="bash mysql-client php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" + +FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone \ No newline at end of file diff --git a/containers/hydra-sql/000-default.conf b/containers/hydra-sql/000-default.conf deleted file mode 100644 index fab6d95..0000000 --- a/containers/hydra-sql/000-default.conf +++ /dev/null @@ -1,38 +0,0 @@ - - # Uncomment the following line to force Apache to pass the Authorization - # header to PHP: required for "basic_auth" under PHP-FPM and FastCGI - # - # SetEnvIfNoCase ^Authorization$ "(.+)" HTTP_AUTHORIZATION=$1 - - # For Apache 2.4.9 or higher - # Using SetHandler avoids issues with using ProxyPassMatch in combination - # with mod_rewrite or mod_autoindex - - SetHandler "proxy:unix:/run/php/php8.1-fpm.sock|fcgi://127.0.0.1:9000" - # for Unix sockets, Apache 2.4.10 or higher - # SetHandler proxy:unix:/path/to/fpm.sock|fcgi://dummy - - - # If you use Apache version below 2.4.9 you must consider update or use this instead - # ProxyPassMatch ^/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/project/public/$1 - - # If you run your Symfony application on a subpath of your document root, the - # regular expression must be changed accordingly: - # ProxyPassMatch ^/path-to-app/(.*\.php(/.*)?)$ fcgi://127.0.0.1:9000/var/www/project/public/$1 - - DocumentRoot /var/www/public - - # enable the .htaccess rewrites - AllowOverride All - Require all granted - - - # uncomment the following lines if you install assets as symlinks - # or run into problems when compiling LESS/Sass/CoffeeScript assets - # - # Options FollowSymlinks - # - - ErrorLog /var/log/apache2/project_error.log - CustomLog /var/log/apache2/project_access.log combined - \ No newline at end of file diff --git a/containers/hydra-sql/Dockerfile b/containers/hydra-sql/Dockerfile deleted file mode 100644 index b427365..0000000 --- a/containers/hydra-sql/Dockerfile +++ /dev/null @@ -1,119 +0,0 @@ -FROM ubuntu:22.04 - -ARG HTTP_PROXY= -ARG HTTPS_PROXY= -ARG http_proxy= -ARG https_proxy= - -ENV WAITFORIT_VERSION="v2.4.1" - -ARG PHP_VERSION="8.1" -ENV PHP_VERSION $PHP_VERSION - -RUN export DEBIAN_FRONTEND=noninteractive && \ - apt-get update -y && \ - apt-get install -y software-properties-common && \ - add-apt-repository ppa:ondrej/php && \ - apt-get update -y && \ - apt-get install -y --no-install-recommends \ - git bash wget ca-certificates supervisor cron rsyslog mysql-client jq \ - mutt tree vim python3-setuptools python3-pip make \ - php${PHP_VERSION}-cli php${PHP_VERSION}-ldap php${PHP_VERSION}-soap \ - php${PHP_VERSION}-intl php${PHP_VERSION}-curl php${PHP_VERSION}-gd \ - php${PHP_VERSION}-xml php${PHP_VERSION}-bcmath \ - php${PHP_VERSION}-zip php${PHP_VERSION}-fpm \ - php${PHP_VERSION}-mbstring \ - php${PHP_VERSION}-pgsql \ - php${PHP_VERSION}-mysql \ - php${PHP_VERSION}-pdo-pgsql \ - php${PHP_VERSION}-pdo-mysql \ - php${PHP_VERSION}-ssh2 libxml2-utils \ - locales \ - apache2 \ - libapache2-mod-fcgid \ - ssh-client \ - acl moreutils \ - sudo - -# Set fr_FR locale -RUN sed -i -e 's/# fr_FR.UTF-8 UTF-8/fr_FR.UTF-8 UTF-8/' /etc/locale.gen && \ - dpkg-reconfigure --frontend=noninteractive locales && \ - update-locale LANG=fr_FR.UTF-8 -ENV LC_ALL fr_FR.UTF-8 -ENV LANG fr_FR.UTF-8 -ENV LANGUAGE fr_FR.UTF-8 - -# Install NodeJS -RUN wget -O- https://deb.nodesource.com/setup_18.x | bash - \ - && apt-get install -y nodejs \ - && npm install nodemon -g - -# Waitforit - Wait for all service is running before launch tests -RUN wget -q -O /usr/local/bin/waitforit https://github.com/maxcnunes/waitforit/releases/download/$WAITFORIT_VERSION/waitforit-linux_amd64 \ - && chmod +x /usr/local/bin/waitforit - -# Install superfsmon to restart supervisor programs on file changes -RUN pip3 install wheel superfsmon - -VOLUME /var/www -VOLUME /var/www/var/logs -VOLUME /var/www/var/cache - -# Install composer -COPY install-composer.sh /var/www/install-composer.sh -RUN chmod +x /var/www/install-composer.sh &&\ - /var/www/install-composer.sh &&\ - rm -f /var/www/install-composer.sh - -# On active les mods d'apache nécessaires -RUN a2enmod rewrite -RUN a2enmod proxy_fcgi setenvif -RUN a2enconf php8.1-fpm -RUN a2enmod proxy -RUN a2enmod expires -RUN a2enmod headers - -# On injecte les bonnes configs apache et php-fpm -COPY 000-default.conf /etc/apache2/sites-available/000-default.conf -COPY www.conf /etc/php/8.1/fpm/pool.d/www.conf - -EXPOSE 5000 -EXPOSE 80 - -WORKDIR /var/www - -# On démarre php-fpm une fois pour créer les sockets -RUN service php8.1-fpm start -RUN service php8.1-fpm stop - - -COPY docker-entrypoint.sh /docker-entrypoint.sh -RUN chmod +x /docker-entrypoint.sh - -COPY first-run.sh /root/first-run.sh -RUN chmod +x /root/first-run.sh - -# Disable rsyslog privileges drop to allow stdout logging -RUN sed -i 's/^\$\(PrivDropTo.*\)$/#\1/' /etc/rsyslog.conf -RUN sed -i '/imklog/s/^/#/' /etc/rsyslog.conf - -COPY rsyslog.conf /etc/rsyslog.d/var/www.conf -COPY supervisor.ini /etc/supervisor/supervisor.ini -COPY php.ini /etc/php/8.1/fpm/php.ini - -VOLUME /container-lifecycle - -RUN wget -O- https://github.com/boxboat/fixuid/releases/download/v0.5.1/fixuid-0.5.1-linux-amd64.tar.gz | tar -C /usr/local/bin -xzf - \ - && chown root:root /usr/local/bin/fixuid \ - && chmod 4755 /usr/local/bin/fixuid \ - && mkdir -p /etc/fixuid - -COPY fixuid.yml /etc/fixuid/config.yml - -ENTRYPOINT ["/usr/local/bin/fixuid"] - -RUN echo "www-data ALL=(ALL:ALL) NOPASSWD: ALL" > /etc/sudoers.d/www-data - -USER www-data - -CMD ["/docker-entrypoint.sh"] diff --git a/containers/hydra-sql/composer-wrapper.sh b/containers/hydra-sql/composer-wrapper.sh deleted file mode 100755 index 597d673..0000000 --- a/containers/hydra-sql/composer-wrapper.sh +++ /dev/null @@ -1,34 +0,0 @@ -#!/bin/bash - -set -eo pipefail - -export COMPOSER_HOME=/tmp/composer - -COMPOSER_AUTH="${COMPOSER_HOME}/auth.json" - -function fix_composer_auth { - if [ ! -f "${COMPOSER_AUTH}" ]; then - return - fi - - GITHUB_TOKEN=$(cat "${COMPOSER_AUTH}" | jq -r '.["github-oauth"]["github.com"]') - - if [ ! -z "${GITHUB_TOKEN}" ]; then - - GITHUB_USERNAME=$(cat "${COMPOSER_AUTH}" | jq -r '.["http-basic"]["github.com"].username') - if [ -z "${GITHUB_USERNAME}" ]; then - echo -n "Identifiant Github ? " - read GITHUB_USERNAME - fi - - cat "${COMPOSER_AUTH}" | jq ".[\"http-basic\"][\"github.com\"] = {\"username\": \"${GITHUB_USERNAME}\", \"password\":\"${GITHUB_TOKEN}\"}" | sponge "${COMPOSER_AUTH}" - cat "${COMPOSER_AUTH}" | jq "del(.[\"github-oauth\"])" | sponge "${COMPOSER_AUTH}" - fi -} - -function main { - fix_composer_auth - php composer.phar ${@:1} -} - -main $@ \ No newline at end of file diff --git a/containers/hydra-sql/docker-entrypoint.sh b/containers/hydra-sql/docker-entrypoint.sh deleted file mode 100644 index 80d2e1c..0000000 --- a/containers/hydra-sql/docker-entrypoint.sh +++ /dev/null @@ -1,18 +0,0 @@ -#!/bin/bash - -set -eo pipefail - -if [ ! -e /container-lifecycle/first_run ]; then - echo "First hydra-sql run detected. Initializing environment..." - sudo -E /root/first-run.sh - sudo touch /container-lifecycle/first_run -fi - -# Récupération des clés SSH de l'hôte pour Composer -if [ -d '/root/.host-ssh' ] && [ $(id -u) -eq 0 ]; then - sudo rm -rf /root/.ssh - sudo cp -r /root/.host-ssh /root/.ssh - sudo chown -R root: /root/.ssh -fi - -sudo -E /usr/bin/supervisord -c /etc/supervisor/supervisor.ini diff --git a/containers/hydra-sql/first-run.sh b/containers/hydra-sql/first-run.sh deleted file mode 100644 index 81e4589..0000000 --- a/containers/hydra-sql/first-run.sh +++ /dev/null @@ -1,17 +0,0 @@ -#!/bin/bash - -set -xeo pipefail - -[ ! -d /var/www/.config ] && sudo mkdir -p /var/www/.config -[ -d /var/www/.config ] && sudo chown -R www-data: /var/www/.config - -[ ! -d /var/www/.cache ] && sudo mkdir -p /var/www/.cache -[ -d /var/www/.cache ] && sudo chown -R www-data: /var/www/.cache - -sudo chown -R www-data: /var/www - -cp /bin/composer.phar /var/www/composer.phar -cd /var/www -php composer.phar install -npm install -npm run build \ No newline at end of file diff --git a/containers/hydra-sql/fixuid.yml b/containers/hydra-sql/fixuid.yml deleted file mode 100644 index d5d9989..0000000 --- a/containers/hydra-sql/fixuid.yml +++ /dev/null @@ -1,6 +0,0 @@ -user: www-data -group: www-data -paths: - - /var/www/node_modules - - /var/www/vendor - - /var/www diff --git a/containers/hydra-sql/install-composer.sh b/containers/hydra-sql/install-composer.sh deleted file mode 100644 index 1e7965f..0000000 --- a/containers/hydra-sql/install-composer.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -set -eo pipefail - -EXPECTED_SIGNATURE="$(wget -q -O- https://composer.github.io/installer.sig)" -wget -q -O composer-setup.php https://getcomposer.org/installer -ACTUAL_SIGNATURE="$(php -r "echo hash_file('SHA384', 'composer-setup.php');")" - -if [ "$EXPECTED_SIGNATURE" != "$ACTUAL_SIGNATURE" ] -then - >&2 echo 'ERROR: Invalid installer signature' - rm composer-setup.php - exit 1 -fi - -php composer-setup.php --install-dir=bin -RESULT=$? -rm composer-setup.php -exit $RESULT \ No newline at end of file diff --git a/containers/hydra-sql/php.ini b/containers/hydra-sql/php.ini deleted file mode 100644 index 0894fb9..0000000 --- a/containers/hydra-sql/php.ini +++ /dev/null @@ -1,1938 +0,0 @@ -[PHP] - -;;;;;;;;;;;;;;;;;;; -; About php.ini ; -;;;;;;;;;;;;;;;;;;; -; PHP's initialization file, generally called php.ini, is responsible for -; configuring many of the aspects of PHP's behavior. - -; PHP attempts to find and load this configuration from a number of locations. -; The following is a summary of its search order: -; 1. SAPI module specific location. -; 2. The PHPRC environment variable. (As of PHP 5.2.0) -; 3. A number of predefined registry keys on Windows (As of PHP 5.2.0) -; 4. Current working directory (except CLI) -; 5. The web server's directory (for SAPI modules), or directory of PHP -; (otherwise in Windows) -; 6. The directory from the --with-config-file-path compile time option, or the -; Windows directory (usually C:\windows) -; See the PHP docs for more specific information. -; http://php.net/configuration.file - -; The syntax of the file is extremely simple. Whitespace and lines -; beginning with a semicolon are silently ignored (as you probably guessed). -; Section headers (e.g. [Foo]) are also silently ignored, even though -; they might mean something in the future. - -; Directives following the section heading [PATH=/www/mysite] only -; apply to PHP files in the /www/mysite directory. Directives -; following the section heading [HOST=www.example.com] only apply to -; PHP files served from www.example.com. Directives set in these -; special sections cannot be overridden by user-defined INI files or -; at runtime. Currently, [PATH=] and [HOST=] sections only work under -; CGI/FastCGI. -; http://php.net/ini.sections - -; Directives are specified using the following syntax: -; directive = value -; Directive names are *case sensitive* - foo=bar is different from FOO=bar. -; Directives are variables used to configure PHP or PHP extensions. -; There is no name validation. If PHP can't find an expected -; directive because it is not set or is mistyped, a default value will be used. - -; The value can be a string, a number, a PHP constant (e.g. E_ALL or M_PI), one -; of the INI constants (On, Off, True, False, Yes, No and None) or an expression -; (e.g. E_ALL & ~E_NOTICE), a quoted string ("bar"), or a reference to a -; previously set variable or directive (e.g. ${foo}) - -; Expressions in the INI file are limited to bitwise operators and parentheses: -; | bitwise OR -; ^ bitwise XOR -; & bitwise AND -; ~ bitwise NOT -; ! boolean NOT - -; Boolean flags can be turned on using the values 1, On, True or Yes. -; They can be turned off using the values 0, Off, False or No. - -; An empty string can be denoted by simply not writing anything after the equal -; sign, or by using the None keyword: - -; foo = ; sets foo to an empty string -; foo = None ; sets foo to an empty string -; foo = "None" ; sets foo to the string 'None' - -; If you use constants in your value, and these constants belong to a -; dynamically loaded extension (either a PHP extension or a Zend extension), -; you may only use these constants *after* the line that loads the extension. - -;;;;;;;;;;;;;;;;;;; -; About this file ; -;;;;;;;;;;;;;;;;;;; -; PHP comes packaged with two INI files. One that is recommended to be used -; in production environments and one that is recommended to be used in -; development environments. - -; php.ini-production contains settings which hold security, performance and -; best practices at its core. But please be aware, these settings may break -; compatibility with older or less security conscience applications. We -; recommending using the production ini in production and testing environments. - -; php.ini-development is very similar to its production variant, except it is -; much more verbose when it comes to errors. We recommend using the -; development version only in development environments, as errors shown to -; application users can inadvertently leak otherwise secure information. - -; This is the php.ini-production INI file. - -;;;;;;;;;;;;;;;;;;; -; Quick Reference ; -;;;;;;;;;;;;;;;;;;; -; The following are all the settings which are different in either the production -; or development versions of the INIs with respect to PHP's default behavior. -; Please see the actual settings later in the document for more details as to why -; we recommend these changes in PHP's behavior. - -; display_errors -; Default Value: On -; Development Value: On -; Production Value: Off - -; display_startup_errors -; Default Value: Off -; Development Value: On -; Production Value: Off - -; error_reporting -; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED -; Development Value: E_ALL -; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT - -; html_errors -; Default Value: On -; Development Value: On -; Production value: On - -; log_errors -; Default Value: Off -; Development Value: On -; Production Value: On - -; max_input_time -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) - -; output_buffering -; Default Value: Off -; Development Value: 4096 -; Production Value: 4096 - -; register_argc_argv -; Default Value: On -; Development Value: Off -; Production Value: Off - -; request_order -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" - -; session.gc_divisor -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 - -; session.sid_bits_per_character -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 - -; short_open_tag -; Default Value: On -; Development Value: Off -; Production Value: Off - -; variables_order -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS" - -;;;;;;;;;;;;;;;;;;;; -; php.ini Options ; -;;;;;;;;;;;;;;;;;;;; -; Name for user-defined php.ini (.htaccess) files. Default is ".user.ini" -;user_ini.filename = ".user.ini" - -; To disable this feature set this option to an empty value -;user_ini.filename = - -; TTL for user-defined php.ini files (time-to-live) in seconds. Default is 300 seconds (5 minutes) -;user_ini.cache_ttl = 300 - -;;;;;;;;;;;;;;;;;;;; -; Language Options ; -;;;;;;;;;;;;;;;;;;;; - -; Enable the PHP scripting language engine under Apache. -; http://php.net/engine -engine = On - -; This directive determines whether or not PHP will recognize code between -; tags as PHP source which should be processed as such. It is -; generally recommended that should be used and that this feature -; should be disabled, as enabling it may result in issues when generating XML -; documents, however this remains supported for backward compatibility reasons. -; Note that this directive does not control the would work. -; http://php.net/syntax-highlighting -;highlight.string = #DD0000 -;highlight.comment = #FF9900 -;highlight.keyword = #007700 -;highlight.default = #0000BB -;highlight.html = #000000 - -; If enabled, the request will be allowed to complete even if the user aborts -; the request. Consider enabling it if executing long requests, which may end up -; being interrupted by the user or a browser timing out. PHP's default behavior -; is to disable this feature. -; http://php.net/ignore-user-abort -;ignore_user_abort = On - -; Determines the size of the realpath cache to be used by PHP. This value should -; be increased on systems where PHP opens many files to reflect the quantity of -; the file operations performed. -; Note: if open_basedir is set, the cache is disabled -; http://php.net/realpath-cache-size -;realpath_cache_size = 4096k - -; Duration of time, in seconds for which to cache realpath information for a given -; file or directory. For systems with rarely changing files, consider increasing this -; value. -; http://php.net/realpath-cache-ttl -;realpath_cache_ttl = 120 - -; Enables or disables the circular reference collector. -; http://php.net/zend.enable-gc -zend.enable_gc = On - -; If enabled, scripts may be written in encodings that are incompatible with -; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such -; encodings. To use this feature, mbstring extension must be enabled. -; Default: Off -;zend.multibyte = Off - -; Allows to set the default encoding for the scripts. This value will be used -; unless "declare(encoding=...)" directive appears at the top of the script. -; Only affects if zend.multibyte is set. -; Default: "" -;zend.script_encoding = - -;;;;;;;;;;;;;;;;; -; Miscellaneous ; -;;;;;;;;;;;;;;;;; - -; Decides whether PHP may expose the fact that it is installed on the server -; (e.g. by adding its signature to the Web server header). It is no security -; threat in any way, but it makes it possible to determine whether you use PHP -; on your server or not. -; http://php.net/expose-php -expose_php = Off - -;;;;;;;;;;;;;;;;;;; -; Resource Limits ; -;;;;;;;;;;;;;;;;;;; - -; Maximum execution time of each script, in seconds -; http://php.net/max-execution-time -; Note: This directive is hardcoded to 0 for the CLI SAPI -max_execution_time = 30 - -; Maximum amount of time each script may spend parsing request data. It's a good -; idea to limit this time on productions servers in order to eliminate unexpectedly -; long running scripts. -; Note: This directive is hardcoded to -1 for the CLI SAPI -; Default Value: -1 (Unlimited) -; Development Value: 60 (60 seconds) -; Production Value: 60 (60 seconds) -; http://php.net/max-input-time -max_input_time = 60 - -; Maximum input variable nesting level -; http://php.net/max-input-nesting-level -;max_input_nesting_level = 64 - -; How many GET/POST/COOKIE input variables may be accepted -;max_input_vars = 1000 - -; Maximum amount of memory a script may consume (128MB) -; http://php.net/memory-limit -memory_limit = 128M - -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; -; Error handling and logging ; -;;;;;;;;;;;;;;;;;;;;;;;;;;;;;; - -; This directive informs PHP of which errors, warnings and notices you would like -; it to take action for. The recommended way of setting values for this -; directive is through the use of the error level constants and bitwise -; operators. The error level constants are below here for convenience as well as -; some common settings and their meanings. -; By default, PHP is set to take action on all errors, notices and warnings EXCEPT -; those related to E_NOTICE and E_STRICT, which together cover best practices and -; recommended coding standards in PHP. For performance reasons, this is the -; recommend error reporting setting. Your production server shouldn't be wasting -; resources complaining about best practices and coding standards. That's what -; development servers and development settings are for. -; Note: The php.ini-development file has this setting as E_ALL. This -; means it pretty much reports everything which is exactly what you want during -; development and early testing. -; -; Error Level Constants: -; E_ALL - All errors and warnings (includes E_STRICT as of PHP 5.4.0) -; E_ERROR - fatal run-time errors -; E_RECOVERABLE_ERROR - almost fatal run-time errors -; E_WARNING - run-time warnings (non-fatal errors) -; E_PARSE - compile-time parse errors -; E_NOTICE - run-time notices (these are warnings which often result -; from a bug in your code, but it's possible that it was -; intentional (e.g., using an uninitialized variable and -; relying on the fact it is automatically initialized to an -; empty string) -; E_STRICT - run-time notices, enable to have PHP suggest changes -; to your code which will ensure the best interoperability -; and forward compatibility of your code -; E_CORE_ERROR - fatal errors that occur during PHP's initial startup -; E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's -; initial startup -; E_COMPILE_ERROR - fatal compile-time errors -; E_COMPILE_WARNING - compile-time warnings (non-fatal errors) -; E_USER_ERROR - user-generated error message -; E_USER_WARNING - user-generated warning message -; E_USER_NOTICE - user-generated notice message -; E_DEPRECATED - warn about code that will not work in future versions -; of PHP -; E_USER_DEPRECATED - user-generated deprecation warnings -; -; Common Values: -; E_ALL (Show all errors, warnings and notices including coding standards.) -; E_ALL & ~E_NOTICE (Show all errors, except for notices) -; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) -; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED -; Development Value: E_ALL -; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT -; http://php.net/error-reporting -error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT - -; This directive controls whether or not and where PHP will output errors, -; notices and warnings too. Error output is very useful during development, but -; it could be very dangerous in production environments. Depending on the code -; which is triggering the error, sensitive information could potentially leak -; out of your application such as database usernames and passwords or worse. -; For production environments, we recommend logging errors rather than -; sending them to STDOUT. -; Possible Values: -; Off = Do not display any errors -; stderr = Display errors to STDERR (affects only CGI/CLI binaries!) -; On or stdout = Display errors to STDOUT -; Default Value: On -; Development Value: On -; Production Value: Off -; http://php.net/display-errors -display_errors = Off - -; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. We strongly recommend you -; set this to 'off' for production servers. -; Default Value: Off -; Development Value: On -; Production Value: Off -; http://php.net/display-startup-errors -display_startup_errors = Off - -; Besides displaying errors, PHP can also log errors to locations such as a -; server-specific log, STDERR, or a location specified by the error_log -; directive found below. While errors should not be displayed on productions -; servers they should still be monitored and logging is a great way to do that. -; Default Value: Off -; Development Value: On -; Production Value: On -; http://php.net/log-errors -log_errors = On - -; Set maximum length of log_errors. In error_log information about the source is -; added. The default is 1024 and 0 allows to not apply any maximum length at all. -; http://php.net/log-errors-max-len -log_errors_max_len = 1024 - -; Do not log repeated messages. Repeated errors must occur in same file on same -; line unless ignore_repeated_source is set true. -; http://php.net/ignore-repeated-errors -ignore_repeated_errors = Off - -; Ignore source of message when ignoring repeated messages. When this setting -; is On you will not log errors with repeated messages from different files or -; source lines. -; http://php.net/ignore-repeated-source -ignore_repeated_source = Off - -; If this parameter is set to Off, then memory leaks will not be shown (on -; stdout or in the log). This has only effect in a debug compile, and if -; error reporting includes E_WARNING in the allowed list -; http://php.net/report-memleaks -report_memleaks = On - -; This setting is on by default. -;report_zend_debug = 0 - -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; This directive is DEPRECATED. -; Default Value: Off -; Development Value: Off -; Production Value: Off -; http://php.net/track-errors -;track_errors = Off - -; Turn off normal error reporting and emit XML-RPC error XML -; http://php.net/xmlrpc-errors -;xmlrpc_errors = 0 - -; An XML-RPC faultCode -;xmlrpc_error_number = 0 - -; When PHP displays or logs an error, it has the capability of formatting the -; error message as HTML for easier reading. This directive controls whether -; the error message is formatted as HTML or not. -; Note: This directive is hardcoded to Off for the CLI SAPI -; Default Value: On -; Development Value: On -; Production value: On -; http://php.net/html-errors -html_errors = On - -; If html_errors is set to On *and* docref_root is not empty, then PHP -; produces clickable error messages that direct to a page describing the error -; or function causing the error in detail. -; You can download a copy of the PHP manual from http://php.net/docs -; and change docref_root to the base URL of your local copy including the -; leading '/'. You must also specify the file extension being used including -; the dot. PHP's default behavior is to leave these settings empty, in which -; case no links to documentation are generated. -; Note: Never use this feature for production boxes. -; http://php.net/docref-root -; Examples -;docref_root = "/phpmanual/" - -; http://php.net/docref-ext -;docref_ext = .html - -; String to output before an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-prepend-string -; Example: -;error_prepend_string = "" - -; String to output after an error message. PHP's default behavior is to leave -; this setting blank. -; http://php.net/error-append-string -; Example: -;error_append_string = "" - -; Log errors to specified file. PHP's default behavior is to leave this value -; empty. -; http://php.net/error-log -; Example: -;error_log = php_errors.log -; Log errors to syslog (Event Log on Windows). -;error_log = syslog - -; The syslog ident is a string which is prepended to every message logged -; to syslog. Only used when error_log is set to syslog. -;syslog.ident = php - -; The syslog facility is used to specify what type of program is logging -; the message. Only used when error_log is set to syslog. -;syslog.facility = user - -; Set this to disable filtering control characters (the default). -; Some loggers only accept NVT-ASCII, others accept anything that's not -; control characters. If your logger accepts everything, then no filtering -; is needed at all. -; Allowed values are: -; ascii (all printable ASCII characters and NL) -; no-ctrl (all characters except control characters) -; all (all characters) -; raw (like "all", but messages are not split at newlines) -; http://php.net/syslog.filter -;syslog.filter = ascii - -;windows.show_crt_warning -; Default value: 0 -; Development value: 0 -; Production value: 0 - -;;;;;;;;;;;;;;;;; -; Data Handling ; -;;;;;;;;;;;;;;;;; - -; The separator used in PHP generated URLs to separate arguments. -; PHP's default setting is "&". -; http://php.net/arg-separator.output -; Example: -;arg_separator.output = "&" - -; List of separator(s) used by PHP to parse input URLs into variables. -; PHP's default setting is "&". -; NOTE: Every character in this directive is considered as separator! -; http://php.net/arg-separator.input -; Example: -;arg_separator.input = ";&" - -; This directive determines which super global arrays are registered when PHP -; starts up. G,P,C,E & S are abbreviations for the following respective super -; globals: GET, POST, COOKIE, ENV and SERVER. There is a performance penalty -; paid for the registration of these arrays and because ENV is not as commonly -; used as the others, ENV is not recommended on productions servers. You -; can still get access to the environment variables through getenv() should you -; need to. -; Default Value: "EGPCS" -; Development Value: "GPCS" -; Production Value: "GPCS"; -; http://php.net/variables-order -variables_order = "GPCS" - -; This directive determines which super global data (G,P & C) should be -; registered into the super global array REQUEST. If so, it also determines -; the order in which that data is registered. The values for this directive -; are specified in the same manner as the variables_order directive, -; EXCEPT one. Leaving this value empty will cause PHP to use the value set -; in the variables_order directive. It does not mean it will leave the super -; globals array REQUEST empty. -; Default Value: None -; Development Value: "GP" -; Production Value: "GP" -; http://php.net/request-order -request_order = "GP" - -; This directive determines whether PHP registers $argv & $argc each time it -; runs. $argv contains an array of all the arguments passed to PHP when a script -; is invoked. $argc contains an integer representing the number of arguments -; that were passed when the script was invoked. These arrays are extremely -; useful when running scripts from the command line. When this directive is -; enabled, registering these variables consumes CPU cycles and memory each time -; a script is executed. For performance reasons, this feature should be disabled -; on production servers. -; Note: This directive is hardcoded to On for the CLI SAPI -; Default Value: On -; Development Value: Off -; Production Value: Off -; http://php.net/register-argc-argv -register_argc_argv = Off - -; When enabled, the ENV, REQUEST and SERVER variables are created when they're -; first used (Just In Time) instead of when the script starts. If these -; variables are not used within a script, having this directive on will result -; in a performance gain. The PHP directive register_argc_argv must be disabled -; for this directive to have any affect. -; http://php.net/auto-globals-jit -auto_globals_jit = On - -; Whether PHP will read the POST data. -; This option is enabled by default. -; Most likely, you won't want to disable this option globally. It causes $_POST -; and $_FILES to always be empty; the only way you will be able to read the -; POST data will be through the php://input stream wrapper. This can be useful -; to proxy requests or to process the POST data in a memory efficient fashion. -; http://php.net/enable-post-data-reading -;enable_post_data_reading = Off - -; Maximum size of POST data that PHP will accept. -; Its value may be 0 to disable the limit. It is ignored if POST data reading -; is disabled through enable_post_data_reading. -; http://php.net/post-max-size -post_max_size = 80M - -; Automatically add files before PHP document. -; http://php.net/auto-prepend-file -auto_prepend_file = - -; Automatically add files after PHP document. -; http://php.net/auto-append-file -auto_append_file = - -; By default, PHP will output a media type using the Content-Type header. To -; disable this, simply set it to be empty. -; -; PHP's built-in default media type is set to text/html. -; http://php.net/default-mimetype -default_mimetype = "text/html" - -; PHP's default character set is set to UTF-8. -; http://php.net/default-charset -default_charset = "UTF-8" - -; PHP internal character encoding is set to empty. -; If empty, default_charset is used. -; http://php.net/internal-encoding -;internal_encoding = - -; PHP input character encoding is set to empty. -; If empty, default_charset is used. -; http://php.net/input-encoding -;input_encoding = - -; PHP output character encoding is set to empty. -; If empty, default_charset is used. -; See also output_buffer. -; http://php.net/output-encoding -;output_encoding = - -;;;;;;;;;;;;;;;;;;;;;;;;; -; Paths and Directories ; -;;;;;;;;;;;;;;;;;;;;;;;;; - -; UNIX: "/path1:/path2" -;include_path = ".:/usr/share/php" -; -; Windows: "\path1;\path2" -;include_path = ".;c:\php\includes" -; -; PHP's default setting for include_path is ".;/path/to/php/pear" -; http://php.net/include-path - -; The root of the PHP pages, used only if nonempty. -; if PHP was not compiled with FORCE_REDIRECT, you SHOULD set doc_root -; if you are running php as a CGI under any web server (other than IIS) -; see documentation for security issues. The alternate is to use the -; cgi.force_redirect configuration below -; http://php.net/doc-root -doc_root = - -; The directory under which PHP opens the script using /~username used only -; if nonempty. -; http://php.net/user-dir -user_dir = - -; Directory in which the loadable extensions (modules) reside. -; http://php.net/extension-dir -;extension_dir = "./" -; On windows: -;extension_dir = "ext" - -; Directory where the temporary files should be placed. -; Defaults to the system default (see sys_get_temp_dir) -;sys_temp_dir = "/tmp" - -; Whether or not to enable the dl() function. The dl() function does NOT work -; properly in multithreaded servers, such as IIS or Zeus, and is automatically -; disabled on them. -; http://php.net/enable-dl -enable_dl = Off - -; cgi.force_redirect is necessary to provide security running PHP as a CGI under -; most web servers. Left undefined, PHP turns this on by default. You can -; turn it off here AT YOUR OWN RISK -; **You CAN safely turn this off for IIS, in fact, you MUST.** -; http://php.net/cgi.force-redirect -;cgi.force_redirect = 1 - -; if cgi.nph is enabled it will force cgi to always sent Status: 200 with -; every request. PHP's default behavior is to disable this feature. -;cgi.nph = 1 - -; if cgi.force_redirect is turned on, and you are not running under Apache or Netscape -; (iPlanet) web servers, you MAY need to set an environment variable name that PHP -; will look for to know it is OK to continue execution. Setting this variable MAY -; cause security issues, KNOW WHAT YOU ARE DOING FIRST. -; http://php.net/cgi.redirect-status-env -;cgi.redirect_status_env = - -; cgi.fix_pathinfo provides *real* PATH_INFO/PATH_TRANSLATED support for CGI. PHP's -; previous behaviour was to set PATH_TRANSLATED to SCRIPT_FILENAME, and to not grok -; what PATH_INFO is. For more information on PATH_INFO, see the cgi specs. Setting -; this to 1 will cause PHP CGI to fix its paths to conform to the spec. A setting -; of zero causes PHP to behave as before. Default is 1. You should fix your scripts -; to use SCRIPT_FILENAME rather than PATH_TRANSLATED. -; http://php.net/cgi.fix-pathinfo -;cgi.fix_pathinfo=1 - -; if cgi.discard_path is enabled, the PHP CGI binary can safely be placed outside -; of the web tree and people will not be able to circumvent .htaccess security. -;cgi.discard_path=1 - -; FastCGI under IIS supports the ability to impersonate -; security tokens of the calling client. This allows IIS to define the -; security context that the request runs under. mod_fastcgi under Apache -; does not currently support this feature (03/17/2002) -; Set to 1 if running under IIS. Default is zero. -; http://php.net/fastcgi.impersonate -;fastcgi.impersonate = 1 - -; Disable logging through FastCGI connection. PHP's default behavior is to enable -; this feature. -;fastcgi.logging = 0 - -; cgi.rfc2616_headers configuration option tells PHP what type of headers to -; use when sending HTTP response code. If set to 0, PHP sends Status: header that -; is supported by Apache. When this option is set to 1, PHP will send -; RFC2616 compliant header. -; Default is zero. -; http://php.net/cgi.rfc2616-headers -;cgi.rfc2616_headers = 0 - -; cgi.check_shebang_line controls whether CGI PHP checks for line starting with #! -; (shebang) at the top of the running script. This line might be needed if the -; script support running both as stand-alone script and via PHP CGI<. PHP in CGI -; mode skips this line and ignores its content if this directive is turned on. -; http://php.net/cgi.check-shebang-line -;cgi.check_shebang_line=1 - -;;;;;;;;;;;;;;;; -; File Uploads ; -;;;;;;;;;;;;;;;; - -; Whether to allow HTTP file uploads. -; http://php.net/file-uploads -file_uploads = On - -; Temporary directory for HTTP uploaded files (will use system default if not -; specified). -; http://php.net/upload-tmp-dir -;upload_tmp_dir = - -; Maximum allowed size for uploaded files. -; http://php.net/upload-max-filesize -upload_max_filesize = 22M - -; Maximum number of files that can be uploaded via a single request -max_file_uploads = 20 - -;;;;;;;;;;;;;;;;;; -; Fopen wrappers ; -;;;;;;;;;;;;;;;;;; - -; Whether to allow the treatment of URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-fopen -allow_url_fopen = On - -; Whether to allow include/require to open URLs (like http:// or ftp://) as files. -; http://php.net/allow-url-include -allow_url_include = Off - -; Define the anonymous ftp password (your email address). PHP's default setting -; for this is empty. -; http://php.net/from -;from="john@doe.com" - -; Define the User-Agent string. PHP's default setting for this is empty. -; http://php.net/user-agent -;user_agent="PHP" - -; Default timeout for socket based streams (seconds) -; http://php.net/default-socket-timeout -default_socket_timeout = 60 - -; If your scripts have to deal with files from Macintosh systems, -; or you are running on a Mac and need to deal with files from -; unix or win32 systems, setting this flag will cause PHP to -; automatically detect the EOL character in those files so that -; fgets() and file() will work regardless of the source of the file. -; http://php.net/auto-detect-line-endings -;auto_detect_line_endings = Off - -;;;;;;;;;;;;;;;;;;;;;; -; Dynamic Extensions ; -;;;;;;;;;;;;;;;;;;;;;; - -; If you wish to have an extension loaded automatically, use the following -; syntax: -; -; extension=modulename -; -; For example: -; -; extension=mysqli -; -; When the extension library to load is not located in the default extension -; directory, You may specify an absolute path to the library file: -; -; extension=/path/to/extension/mysqli.so -; -; Note : The syntax used in previous PHP versions ('extension=.so' and -; 'extension='php_.dll') is supported for legacy reasons and may be -; deprecated in a future PHP major version. So, when it is possible, please -; move to the new ('extension=) syntax. -; -; Notes for Windows environments : -; -; - Many DLL files are located in the extensions/ (PHP 4) or ext/ (PHP 5+) -; extension folders as well as the separate PECL DLL download (PHP 5+). -; Be sure to appropriately set the extension_dir directive. -; -;extension=bz2 -;extension=curl -;extension=fileinfo -;extension=gd2 -;extension=gettext -;extension=gmp -;extension=intl -;extension=imap -;extension=interbase -;extension=ldap -;extension=mbstring -;extension=exif ; Must be after mbstring as it depends on it -;extension=mysqli -;extension=oci8_12c ; Use with Oracle Database 12c Instant Client -;extension=odbc -;extension=openssl -;extension=pdo_firebird -extension=pdo_mysql -;extension=pdo_oci -;extension=pdo_odbc -;extension=pdo_pgsql -;extension=pdo_sqlite -;extension=pgsql -;extension=shmop - -; The MIBS data available in the PHP distribution must be installed. -; See http://www.php.net/manual/en/snmp.installation.php -;extension=snmp - -;extension=soap -;extension=sockets -;extension=sodium -;extension=sqlite3 -;extension=tidy -;extension=xmlrpc -;extension=xsl - -;;;;;;;;;;;;;;;;;;; -; Module Settings ; -;;;;;;;;;;;;;;;;;;; - -[CLI Server] -; Whether the CLI web server uses ANSI color coding in its terminal output. -cli_server.color = On - -[Date] -; Defines the default timezone used by the date functions -; http://php.net/date.timezone -;date.timezone = - -; http://php.net/date.default-latitude -;date.default_latitude = 31.7667 - -; http://php.net/date.default-longitude -;date.default_longitude = 35.2333 - -; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 - -; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 - -[filter] -; http://php.net/filter.default -;filter.default = unsafe_raw - -; http://php.net/filter.default-flags -;filter.default_flags = - -[iconv] -; Use of this INI entry is deprecated, use global input_encoding instead. -; If empty, default_charset or input_encoding or iconv.input_encoding is used. -; The precedence is: default_charset < input_encoding < iconv.input_encoding -;iconv.input_encoding = - -; Use of this INI entry is deprecated, use global internal_encoding instead. -; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. -; The precedence is: default_charset < internal_encoding < iconv.internal_encoding -;iconv.internal_encoding = - -; Use of this INI entry is deprecated, use global output_encoding instead. -; If empty, default_charset or output_encoding or iconv.output_encoding is used. -; The precedence is: default_charset < output_encoding < iconv.output_encoding -; To use an output encoding conversion, iconv's output handler must be set -; otherwise output encoding conversion cannot be performed. -;iconv.output_encoding = - -[imap] -; rsh/ssh logins are disabled by default. Use this INI entry if you want to -; enable them. Note that the IMAP library does not filter mailbox names before -; passing them to rsh/ssh command, thus passing untrusted data to this function -; with rsh/ssh enabled is insecure. -;imap.enable_insecure_rsh=0 - -[intl] -;intl.default_locale = -; This directive allows you to produce PHP errors when some error -; happens within intl functions. The value is the level of the error produced. -; Default is 0, which does not produce any errors. -;intl.error_level = E_WARNING -;intl.use_exceptions = 0 - -[sqlite3] -; Directory pointing to SQLite3 extensions -; http://php.net/sqlite3.extension-dir -;sqlite3.extension_dir = - -; SQLite defensive mode flag (only available from SQLite 3.26+) -; When the defensive flag is enabled, language features that allow ordinary -; SQL to deliberately corrupt the database file are disabled. This forbids -; writing directly to the schema, shadow tables (eg. FTS data tables), or -; the sqlite_dbpage virtual table. -; https://www.sqlite.org/c3ref/c_dbconfig_defensive.html -; (for older SQLite versions, this flag has no use) -;sqlite3.defensive = 1 - -[Pcre] -; PCRE library backtracking limit. -; http://php.net/pcre.backtrack-limit -;pcre.backtrack_limit=100000 - -; PCRE library recursion limit. -; Please note that if you set this value to a high number you may consume all -; the available process stack and eventually crash PHP (due to reaching the -; stack size limit imposed by the Operating System). -; http://php.net/pcre.recursion-limit -;pcre.recursion_limit=100000 - -; Enables or disables JIT compilation of patterns. This requires the PCRE -; library to be compiled with JIT support. -;pcre.jit=1 - -[Pdo] -; Whether to pool ODBC connections. Can be one of "strict", "relaxed" or "off" -; http://php.net/pdo-odbc.connection-pooling -;pdo_odbc.connection_pooling=strict - -;pdo_odbc.db2_instance_name - -[Pdo_mysql] -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -pdo_mysql.default_socket= - -[Phar] -; http://php.net/phar.readonly -;phar.readonly = On - -; http://php.net/phar.require-hash -;phar.require_hash = On - -;phar.cache_list = - -[mail function] -; For Win32 only. -; http://php.net/smtp -SMTP = localhost -; http://php.net/smtp-port -smtp_port = 25 - -; For Win32 only. -; http://php.net/sendmail-from -;sendmail_from = me@example.com - -; For Unix only. You may supply arguments as well (default: "sendmail -t -i"). -; http://php.net/sendmail-path -;sendmail_path = - -; Force the addition of the specified parameters to be passed as extra parameters -; to the sendmail binary. These parameters will always replace the value of -; the 5th parameter to mail(). -;mail.force_extra_parameters = - -; Add X-PHP-Originating-Script: that will include uid of the script followed by the filename -mail.add_x_header = Off - -; The path to a log file that will log all mail() calls. Log entries include -; the full path of the script, line number, To address and headers. -;mail.log = -; Log mail to syslog (Event Log on Windows). -;mail.log = syslog - -[ODBC] -; http://php.net/odbc.default-db -;odbc.default_db = Not yet implemented - -; http://php.net/odbc.default-user -;odbc.default_user = Not yet implemented - -; http://php.net/odbc.default-pw -;odbc.default_pw = Not yet implemented - -; Controls the ODBC cursor model. -; Default: SQL_CURSOR_STATIC (default). -;odbc.default_cursortype - -; Allow or prevent persistent links. -; http://php.net/odbc.allow-persistent -odbc.allow_persistent = On - -; Check that a connection is still valid before reuse. -; http://php.net/odbc.check-persistent -odbc.check_persistent = On - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/odbc.max-persistent -odbc.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -; http://php.net/odbc.max-links -odbc.max_links = -1 - -; Handling of LONG fields. Returns number of bytes to variables. 0 means -; passthru. -; http://php.net/odbc.defaultlrl -odbc.defaultlrl = 4096 - -; Handling of binary data. 0 means passthru, 1 return as is, 2 convert to char. -; See the documentation on odbc_binmode and odbc_longreadlen for an explanation -; of odbc.defaultlrl and odbc.defaultbinmode -; http://php.net/odbc.defaultbinmode -odbc.defaultbinmode = 1 - -[Interbase] -; Allow or prevent persistent links. -ibase.allow_persistent = 1 - -; Maximum number of persistent links. -1 means no limit. -ibase.max_persistent = -1 - -; Maximum number of links (persistent + non-persistent). -1 means no limit. -ibase.max_links = -1 - -; Default database name for ibase_connect(). -;ibase.default_db = - -; Default username for ibase_connect(). -;ibase.default_user = - -; Default password for ibase_connect(). -;ibase.default_password = - -; Default charset for ibase_connect(). -;ibase.default_charset = - -; Default timestamp format. -ibase.timestampformat = "%Y-%m-%d %H:%M:%S" - -; Default date format. -ibase.dateformat = "%Y-%m-%d" - -; Default time format. -ibase.timeformat = "%H:%M:%S" - -[MySQLi] - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/mysqli.max-persistent -mysqli.max_persistent = -1 - -; Allow accessing, from PHP's perspective, local files with LOAD DATA statements -; http://php.net/mysqli.allow_local_infile -;mysqli.allow_local_infile = On - -; Allow or prevent persistent links. -; http://php.net/mysqli.allow-persistent -mysqli.allow_persistent = On - -; Maximum number of links. -1 means no limit. -; http://php.net/mysqli.max-links -mysqli.max_links = -1 - -; Default port number for mysqli_connect(). If unset, mysqli_connect() will use -; the $MYSQL_TCP_PORT or the mysql-tcp entry in /etc/services or the -; compile-time value defined MYSQL_PORT (in that order). Win32 will only look -; at MYSQL_PORT. -; http://php.net/mysqli.default-port -mysqli.default_port = 3306 - -; Default socket name for local MySQL connects. If empty, uses the built-in -; MySQL defaults. -; http://php.net/mysqli.default-socket -mysqli.default_socket = - -; Default host for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-host -mysqli.default_host = - -; Default user for mysql_connect() (doesn't apply in safe mode). -; http://php.net/mysqli.default-user -mysqli.default_user = - -; Default password for mysqli_connect() (doesn't apply in safe mode). -; Note that this is generally a *bad* idea to store passwords in this file. -; *Any* user with PHP access can run 'echo get_cfg_var("mysqli.default_pw") -; and reveal this password! And of course, any users with read access to this -; file will be able to reveal the password as well. -; http://php.net/mysqli.default-pw -mysqli.default_pw = - -; Allow or prevent reconnect -mysqli.reconnect = Off - -[mysqlnd] -; Enable / Disable collection of general statistics by mysqlnd which can be -; used to tune and monitor MySQL operations. -mysqlnd.collect_statistics = On - -; Enable / Disable collection of memory usage statistics by mysqlnd which can be -; used to tune and monitor MySQL operations. -mysqlnd.collect_memory_statistics = Off - -; Records communication from all extensions using mysqlnd to the specified log -; file. -; http://php.net/mysqlnd.debug -;mysqlnd.debug = - -; Defines which queries will be logged. -;mysqlnd.log_mask = 0 - -; Default size of the mysqlnd memory pool, which is used by result sets. -;mysqlnd.mempool_default_size = 16000 - -; Size of a pre-allocated buffer used when sending commands to MySQL in bytes. -;mysqlnd.net_cmd_buffer_size = 2048 - -; Size of a pre-allocated buffer used for reading data sent by the server in -; bytes. -;mysqlnd.net_read_buffer_size = 32768 - -; Timeout for network requests in seconds. -;mysqlnd.net_read_timeout = 31536000 - -; SHA-256 Authentication Plugin related. File with the MySQL server public RSA -; key. -;mysqlnd.sha256_server_public_key = - -[OCI8] - -; Connection: Enables privileged connections using external -; credentials (OCI_SYSOPER, OCI_SYSDBA) -; http://php.net/oci8.privileged-connect -;oci8.privileged_connect = Off - -; Connection: The maximum number of persistent OCI8 connections per -; process. Using -1 means no limit. -; http://php.net/oci8.max-persistent -;oci8.max_persistent = -1 - -; Connection: The maximum number of seconds a process is allowed to -; maintain an idle persistent connection. Using -1 means idle -; persistent connections will be maintained forever. -; http://php.net/oci8.persistent-timeout -;oci8.persistent_timeout = -1 - -; Connection: The number of seconds that must pass before issuing a -; ping during oci_pconnect() to check the connection validity. When -; set to 0, each oci_pconnect() will cause a ping. Using -1 disables -; pings completely. -; http://php.net/oci8.ping-interval -;oci8.ping_interval = 60 - -; Connection: Set this to a user chosen connection class to be used -; for all pooled server requests with Oracle 11g Database Resident -; Connection Pooling (DRCP). To use DRCP, this value should be set to -; the same string for all web servers running the same application, -; the database pool must be configured, and the connection string must -; specify to use a pooled server. -;oci8.connection_class = - -; High Availability: Using On lets PHP receive Fast Application -; Notification (FAN) events generated when a database node fails. The -; database must also be configured to post FAN events. -;oci8.events = Off - -; Tuning: This option enables statement caching, and specifies how -; many statements to cache. Using 0 disables statement caching. -; http://php.net/oci8.statement-cache-size -;oci8.statement_cache_size = 20 - -; Tuning: Enables statement prefetching and sets the default number of -; rows that will be fetched automatically after statement execution. -; http://php.net/oci8.default-prefetch -;oci8.default_prefetch = 100 - -; Compatibility. Using On means oci_close() will not close -; oci_connect() and oci_new_connect() connections. -; http://php.net/oci8.old-oci-close-semantics -;oci8.old_oci_close_semantics = Off - -[PostgreSQL] -; Allow or prevent persistent links. -; http://php.net/pgsql.allow-persistent -pgsql.allow_persistent = On - -; Detect broken persistent links always with pg_pconnect(). -; Auto reset feature requires a little overheads. -; http://php.net/pgsql.auto-reset-persistent -pgsql.auto_reset_persistent = Off - -; Maximum number of persistent links. -1 means no limit. -; http://php.net/pgsql.max-persistent -pgsql.max_persistent = -1 - -; Maximum number of links (persistent+non persistent). -1 means no limit. -; http://php.net/pgsql.max-links -pgsql.max_links = -1 - -; Ignore PostgreSQL backends Notice message or not. -; Notice message logging require a little overheads. -; http://php.net/pgsql.ignore-notice -pgsql.ignore_notice = 0 - -; Log PostgreSQL backends Notice message or not. -; Unless pgsql.ignore_notice=0, module cannot log notice message. -; http://php.net/pgsql.log-notice -pgsql.log_notice = 0 - -[bcmath] -; Number of decimal digits for all bcmath functions. -; http://php.net/bcmath.scale -bcmath.scale = 0 - -[browscap] -; http://php.net/browscap -;browscap = extra/browscap.ini - -[Session] -; Handler used to store/retrieve data. -; http://php.net/session.save-handler -session.save_handler = files - -; Argument passed to save_handler. In the case of files, this is the path -; where data files are stored. Note: Windows users have to change this -; variable in order to use PHP's session functions. -; -; The path can be defined as: -; -; session.save_path = "N;/path" -; -; where N is an integer. Instead of storing all the session files in -; /path, what this will do is use subdirectories N-levels deep, and -; store the session data in those directories. This is useful if -; your OS has problems with many files in one directory, and is -; a more efficient layout for servers that handle many sessions. -; -; NOTE 1: PHP will not create this directory structure automatically. -; You can use the script in the ext/session dir for that purpose. -; NOTE 2: See the section on garbage collection below if you choose to -; use subdirectories for session storage -; -; The file storage module creates files using mode 600 by default. -; You can change that by using -; -; session.save_path = "N;MODE;/path" -; -; where MODE is the octal representation of the mode. Note that this -; does not overwrite the process's umask. -; http://php.net/session.save-path -;session.save_path = "/var/lib/php/sessions" - -; Whether to use strict session mode. -; Strict session mode does not accept an uninitialized session ID, and -; regenerates the session ID if the browser sends an uninitialized session ID. -; Strict mode protects applications from session fixation via a session adoption -; vulnerability. It is disabled by default for maximum compatibility, but -; enabling it is encouraged. -; https://wiki.php.net/rfc/strict_sessions -session.use_strict_mode = 0 - -; Whether to use cookies. -; http://php.net/session.use-cookies -session.use_cookies = 1 - -; http://php.net/session.cookie-secure -;session.cookie_secure = - -; This option forces PHP to fetch and use a cookie for storing and maintaining -; the session id. We encourage this operation as it's very helpful in combating -; session hijacking when not specifying and managing your own session id. It is -; not the be-all and end-all of session hijacking defense, but it's a good start. -; http://php.net/session.use-only-cookies -session.use_only_cookies = 1 - -; Name of the session (used as cookie name). -; http://php.net/session.name -session.name = PHPSESSID - -; Initialize session on request startup. -; http://php.net/session.auto-start -session.auto_start = 0 - -; Lifetime in seconds of cookie or, if 0, until browser is restarted. -; http://php.net/session.cookie-lifetime -session.cookie_lifetime = 0 - -; The path for which the cookie is valid. -; http://php.net/session.cookie-path -session.cookie_path = / - -; The domain for which the cookie is valid. -; http://php.net/session.cookie-domain -session.cookie_domain = - -; Whether or not to add the httpOnly flag to the cookie, which makes it -; inaccessible to browser scripting languages such as JavaScript. -; http://php.net/session.cookie-httponly -session.cookie_httponly = - -; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) -; Current valid values are "Lax" or "Strict" -; https://tools.ietf.org/html/draft-west-first-party-cookies-07 -session.cookie_samesite = - -; Handler used to serialize data. php is the standard serializer of PHP. -; http://php.net/session.serialize-handler -session.serialize_handler = php - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using gc_probability/gc_divisor, -; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.gc-probability -session.gc_probability = 0 - -; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using gc_probability/gc_divisor, -; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. -; For high volume production servers, using a value of 1000 is a more efficient approach. -; Default Value: 100 -; Development Value: 1000 -; Production Value: 1000 -; http://php.net/session.gc-divisor -session.gc_divisor = 1000 - -; After this number of seconds, stored data will be seen as 'garbage' and -; cleaned up by the garbage collection process. -; http://php.net/session.gc-maxlifetime -session.gc_maxlifetime = 1440 - -; NOTE: If you are using the subdirectory option for storing session files -; (see session.save_path above), then garbage collection does *not* -; happen automatically. You will need to do your own garbage -; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): -; find /path/to/sessions -cmin +24 -type f | xargs rm - -; Check HTTP Referer to invalidate externally stored URLs containing ids. -; HTTP_REFERER has to contain this substring for the session to be -; considered as valid. -; http://php.net/session.referer-check -session.referer_check = - -; Set to {nocache,private,public,} to determine HTTP caching aspects -; or leave this empty to avoid sending anti-caching headers. -; http://php.net/session.cache-limiter -session.cache_limiter = nocache - -; Document expires after n minutes. -; http://php.net/session.cache-expire -session.cache_expire = 180 - -; trans sid support is disabled by default. -; Use of trans sid may risk your users' security. -; Use this option with caution. -; - User may send URL contains active session ID -; to other person via. email/irc/etc. -; - URL that contains active session ID may be stored -; in publicly accessible computer. -; - User may access your site with the same session ID -; always using URL stored in browser's history or bookmarks. -; http://php.net/session.use-trans-sid -session.use_trans_sid = 0 - -; Set session ID character length. This value could be between 22 to 256. -; Shorter length than default is supported only for compatibility reason. -; Users should use 32 or more chars. -; http://php.net/session.sid-length -; Default Value: 32 -; Development Value: 26 -; Production Value: 26 -session.sid_length = 26 - -; The URL rewriter will look for URLs in a defined set of HTML tags. -;
is special; if you include them here, the rewriter will -; add a hidden field with the info which is otherwise appended -; to URLs. tag's action attribute URL will not be modified -; unless it is specified. -; Note that all valid entries require a "=", even if no value follows. -; Default Value: "a=href,area=href,frame=src,form=" -; Development Value: "a=href,area=href,frame=src,form=" -; Production Value: "a=href,area=href,frame=src,form=" -; http://php.net/url-rewriter.tags -session.trans_sid_tags = "a=href,area=href,frame=src,form=" - -; URL rewriter does not rewrite absolute URLs by default. -; To enable rewrites for absolute paths, target hosts must be specified -; at RUNTIME. i.e. use ini_set() -; tags is special. PHP will check action attribute's URL regardless -; of session.trans_sid_tags setting. -; If no host is defined, HTTP_HOST will be used for allowed host. -; Example value: php.net,www.php.net,wiki.php.net -; Use "," for multiple hosts. No spaces are allowed. -; Default Value: "" -; Development Value: "" -; Production Value: "" -;session.trans_sid_hosts="" - -; Define how many bits are stored in each character when converting -; the binary hash data to something readable. -; Possible values: -; 4 (4 bits: 0-9, a-f) -; 5 (5 bits: 0-9, a-v) -; 6 (6 bits: 0-9, a-z, A-Z, "-", ",") -; Default Value: 4 -; Development Value: 5 -; Production Value: 5 -; http://php.net/session.hash-bits-per-character -session.sid_bits_per_character = 5 - -; Enable upload progress tracking in $_SESSION -; Default Value: On -; Development Value: On -; Production Value: On -; http://php.net/session.upload-progress.enabled -;session.upload_progress.enabled = On - -; Cleanup the progress information as soon as all POST data has been read -; (i.e. upload completed). -; Default Value: On -; Development Value: On -; Production Value: On -; http://php.net/session.upload-progress.cleanup -;session.upload_progress.cleanup = On - -; A prefix used for the upload progress key in $_SESSION -; Default Value: "upload_progress_" -; Development Value: "upload_progress_" -; Production Value: "upload_progress_" -; http://php.net/session.upload-progress.prefix -;session.upload_progress.prefix = "upload_progress_" - -; The index name (concatenated with the prefix) in $_SESSION -; containing the upload progress information -; Default Value: "PHP_SESSION_UPLOAD_PROGRESS" -; Development Value: "PHP_SESSION_UPLOAD_PROGRESS" -; Production Value: "PHP_SESSION_UPLOAD_PROGRESS" -; http://php.net/session.upload-progress.name -;session.upload_progress.name = "PHP_SESSION_UPLOAD_PROGRESS" - -; How frequently the upload progress should be updated. -; Given either in percentages (per-file), or in bytes -; Default Value: "1%" -; Development Value: "1%" -; Production Value: "1%" -; http://php.net/session.upload-progress.freq -;session.upload_progress.freq = "1%" - -; The minimum delay between updates, in seconds -; Default Value: 1 -; Development Value: 1 -; Production Value: 1 -; http://php.net/session.upload-progress.min-freq -;session.upload_progress.min_freq = "1" - -; Only write session data when session data is changed. Enabled by default. -; http://php.net/session.lazy-write -;session.lazy_write = On - -[Assertion] -; Switch whether to compile assertions at all (to have no overhead at run-time) -; -1: Do not compile at all -; 0: Jump over assertion at run-time -; 1: Execute assertions -; Changing from or to a negative value is only possible in php.ini! (For turning assertions on and off at run-time, see assert.active, when zend.assertions = 1) -; Default Value: 1 -; Development Value: 1 -; Production Value: -1 -; http://php.net/zend.assertions -zend.assertions = -1 - -; Assert(expr); active by default. -; http://php.net/assert.active -;assert.active = On - -; Throw an AssertionError on failed assertions -; http://php.net/assert.exception -;assert.exception = On - -; Issue a PHP warning for each failed assertion. (Overridden by assert.exception if active) -; http://php.net/assert.warning -;assert.warning = On - -; Don't bail out by default. -; http://php.net/assert.bail -;assert.bail = Off - -; User-function to be called if an assertion fails. -; http://php.net/assert.callback -;assert.callback = 0 - -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - -[COM] -; path to a file containing GUIDs, IIDs or filenames of files with TypeLibs -; http://php.net/com.typelib-file -;com.typelib_file = - -; allow Distributed-COM calls -; http://php.net/com.allow-dcom -;com.allow_dcom = true - -; autoregister constants of a component's typlib on com_load() -; http://php.net/com.autoregister-typelib -;com.autoregister_typelib = true - -; register constants casesensitive -; http://php.net/com.autoregister-casesensitive -;com.autoregister_casesensitive = false - -; show warnings on duplicate constant registrations -; http://php.net/com.autoregister-verbose -;com.autoregister_verbose = true - -; The default character set code-page to use when passing strings to and from COM objects. -; Default: system ANSI code page -;com.code_page= - -[mbstring] -; language for internal character representation. -; This affects mb_send_mail() and mbstring.detect_order. -; http://php.net/mbstring.language -;mbstring.language = Japanese - -; Use of this INI entry is deprecated, use global internal_encoding instead. -; internal/script encoding. -; Some encoding cannot work as internal encoding. (e.g. SJIS, BIG5, ISO-2022-*) -; If empty, default_charset or internal_encoding or iconv.internal_encoding is used. -; The precedence is: default_charset < internal_encoding < iconv.internal_encoding -;mbstring.internal_encoding = - -; Use of this INI entry is deprecated, use global input_encoding instead. -; http input encoding. -; mbstring.encoding_translation = On is needed to use this setting. -; If empty, default_charset or input_encoding or mbstring.input is used. -; The precedence is: default_charset < input_encoding < mbsting.http_input -; http://php.net/mbstring.http-input -;mbstring.http_input = - -; Use of this INI entry is deprecated, use global output_encoding instead. -; http output encoding. -; mb_output_handler must be registered as output buffer to function. -; If empty, default_charset or output_encoding or mbstring.http_output is used. -; The precedence is: default_charset < output_encoding < mbstring.http_output -; To use an output encoding conversion, mbstring's output handler must be set -; otherwise output encoding conversion cannot be performed. -; http://php.net/mbstring.http-output -;mbstring.http_output = - -; enable automatic encoding translation according to -; mbstring.internal_encoding setting. Input chars are -; converted to internal encoding by setting this to On. -; Note: Do _not_ use automatic encoding translation for -; portable libs/applications. -; http://php.net/mbstring.encoding-translation -;mbstring.encoding_translation = Off - -; automatic encoding detection order. -; "auto" detect order is changed according to mbstring.language -; http://php.net/mbstring.detect-order -;mbstring.detect_order = auto - -; substitute_character used when character cannot be converted -; one from another -; http://php.net/mbstring.substitute-character -;mbstring.substitute_character = none - -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -; Default: Off -;mbstring.strict_detection = On - -; This directive specifies the regex pattern of content types for which mb_output_handler() -; is activated. -; Default: mbstring.http_output_conv_mimetype=^(text/|application/xhtml\+xml) -;mbstring.http_output_conv_mimetype= - -; This directive specifies maximum stack depth for mbstring regular expressions. It is similar -; to the pcre.recursion_limit for PCRE. -; Default: 100000 -;mbstring.regex_stack_limit=100000 - -[gd] -; Tell the jpeg decode to ignore warnings and try to create -; a gd image. The warning will then be displayed as notices -; disabled by default -; http://php.net/gd.jpeg-ignore-warning -;gd.jpeg_ignore_warning = 1 - -[exif] -; Exif UNICODE user comments are handled as UCS-2BE/UCS-2LE and JIS as JIS. -; With mbstring support this will automatically be converted into the encoding -; given by corresponding encode setting. When empty mbstring.internal_encoding -; is used. For the decode settings you can distinguish between motorola and -; intel byte order. A decode setting cannot be empty. -; http://php.net/exif.encode-unicode -;exif.encode_unicode = ISO-8859-15 - -; http://php.net/exif.decode-unicode-motorola -;exif.decode_unicode_motorola = UCS-2BE - -; http://php.net/exif.decode-unicode-intel -;exif.decode_unicode_intel = UCS-2LE - -; http://php.net/exif.encode-jis -;exif.encode_jis = - -; http://php.net/exif.decode-jis-motorola -;exif.decode_jis_motorola = JIS - -; http://php.net/exif.decode-jis-intel -;exif.decode_jis_intel = JIS - -[Tidy] -; The path to a default tidy configuration file to use when using tidy -; http://php.net/tidy.default-config -;tidy.default_config = /usr/local/lib/php/default.tcfg - -; Should tidy clean and repair output automatically? -; WARNING: Do not use this option if you are generating non-html content -; such as dynamic images -; http://php.net/tidy.clean-output -tidy.clean_output = Off - -[soap] -; Enables or disables WSDL caching feature. -; http://php.net/soap.wsdl-cache-enabled -soap.wsdl_cache_enabled=1 - -; Sets the directory name where SOAP extension will put cache files. -; http://php.net/soap.wsdl-cache-dir -soap.wsdl_cache_dir="/tmp" - -; (time to live) Sets the number of second while cached file will be used -; instead of original one. -; http://php.net/soap.wsdl-cache-ttl -soap.wsdl_cache_ttl=86400 - -; Sets the size of the cache limit. (Max. number of WSDL files to cache) -soap.wsdl_cache_limit = 5 - -[sysvshm] -; A default size of the shared memory segment -;sysvshm.init_mem = 10000 - -[ldap] -; Sets the maximum number of open links or -1 for unlimited. -ldap.max_links = -1 - -[dba] -;dba.default_handler= - -[opcache] -; Determines if Zend OPCache is enabled -;opcache.enable=1 - -; Determines if Zend OPCache is enabled for the CLI version of PHP -;opcache.enable_cli=0 - -; The OPcache shared memory storage size. -;opcache.memory_consumption=128 - -; The amount of memory for interned strings in Mbytes. -;opcache.interned_strings_buffer=8 - -; The maximum number of keys (scripts) in the OPcache hash table. -; Only numbers between 200 and 1000000 are allowed. -;opcache.max_accelerated_files=10000 - -; The maximum percentage of "wasted" memory until a restart is scheduled. -;opcache.max_wasted_percentage=5 - -; When this directive is enabled, the OPcache appends the current working -; directory to the script key, thus eliminating possible collisions between -; files with the same name (basename). Disabling the directive improves -; performance, but may break existing applications. -;opcache.use_cwd=1 - -; When disabled, you must reset the OPcache manually or restart the -; webserver for changes to the filesystem to take effect. -;opcache.validate_timestamps=1 - -; How often (in seconds) to check file timestamps for changes to the shared -; memory storage allocation. ("1" means validate once per second, but only -; once per request. "0" means always validate) -;opcache.revalidate_freq=2 - -; Enables or disables file search in include_path optimization -;opcache.revalidate_path=0 - -; If disabled, all PHPDoc comments are dropped from the code to reduce the -; size of the optimized code. -;opcache.save_comments=1 - -; Allow file existence override (file_exists, etc.) performance feature. -;opcache.enable_file_override=0 - -; A bitmask, where each bit enables or disables the appropriate OPcache -; passes -;opcache.optimization_level=0x7FFFBFFF - -;opcache.dups_fix=0 - -; The location of the OPcache blacklist file (wildcards allowed). -; Each OPcache blacklist file is a text file that holds the names of files -; that should not be accelerated. The file format is to add each filename -; to a new line. The filename may be a full path or just a file prefix -; (i.e., /var/www/x blacklists all the files and directories in /var/www -; that start with 'x'). Line starting with a ; are ignored (comments). -;opcache.blacklist_filename= - -; Allows exclusion of large files from being cached. By default all files -; are cached. -;opcache.max_file_size=0 - -; Check the cache checksum each N requests. -; The default value of "0" means that the checks are disabled. -;opcache.consistency_checks=0 - -; How long to wait (in seconds) for a scheduled restart to begin if the cache -; is not being accessed. -;opcache.force_restart_timeout=180 - -; OPcache error_log file name. Empty string assumes "stderr". -;opcache.error_log= - -; All OPcache errors go to the Web server log. -; By default, only fatal errors (level 0) or errors (level 1) are logged. -; You can also enable warnings (level 2), info messages (level 3) or -; debug messages (level 4). -;opcache.log_verbosity_level=1 - -; Preferred Shared Memory back-end. Leave empty and let the system decide. -;opcache.preferred_memory_model= - -; Protect the shared memory from unexpected writing during script execution. -; Useful for internal debugging only. -;opcache.protect_memory=0 - -; Allows calling OPcache API functions only from PHP scripts which path is -; started from specified string. The default "" means no restriction -;opcache.restrict_api= - -; Mapping base of shared memory segments (for Windows only). All the PHP -; processes have to map shared memory into the same address space. This -; directive allows to manually fix the "Unable to reattach to base address" -; errors. -;opcache.mmap_base= - -; Enables and sets the second level cache directory. -; It should improve performance when SHM memory is full, at server restart or -; SHM reset. The default "" disables file based caching. -;opcache.file_cache= - -; Enables or disables opcode caching in shared memory. -;opcache.file_cache_only=0 - -; Enables or disables checksum validation when script loaded from file cache. -;opcache.file_cache_consistency_checks=1 - -; Implies opcache.file_cache_only=1 for a certain process that failed to -; reattach to the shared memory (for Windows only). Explicitly enabled file -; cache is required. -;opcache.file_cache_fallback=1 - -; Enables or disables copying of PHP code (text segment) into HUGE PAGES. -; This should improve performance, but requires appropriate OS configuration. -;opcache.huge_code_pages=1 - -; Validate cached file permissions. -;opcache.validate_permission=0 - -; Prevent name collisions in chroot'ed environment. -;opcache.validate_root=0 - -; If specified, it produces opcode dumps for debugging different stages of -; optimizations. -;opcache.opt_debug_level=0 - -[curl] -; A default value for the CURLOPT_CAINFO option. This is required to be an -; absolute path. -;curl.cainfo = - -[openssl] -; The location of a Certificate Authority (CA) file on the local filesystem -; to use when verifying the identity of SSL/TLS peers. Most users should -; not specify a value for this directive as PHP will attempt to use the -; OS-managed cert stores in its absence. If specified, this value may still -; be overridden on a per-stream basis via the "cafile" SSL stream context -; option. -;openssl.cafile= - -; If openssl.cafile is not specified or if the CA file is not found, the -; directory pointed to by openssl.capath is searched for a suitable -; certificate. This value must be a correctly hashed certificate directory. -; Most users should not specify a value for this directive as PHP will -; attempt to use the OS-managed cert stores in its absence. If specified, -; this value may still be overridden on a per-stream basis via the "capath" -; SSL stream context option. -;openssl.capath= - -; Local Variables: -; tab-width: 4 -; End: \ No newline at end of file diff --git a/containers/hydra-sql/rsyslog.conf b/containers/hydra-sql/rsyslog.conf deleted file mode 100644 index 2b99c5c..0000000 --- a/containers/hydra-sql/rsyslog.conf +++ /dev/null @@ -1 +0,0 @@ -*.* -/dev/stdout \ No newline at end of file diff --git a/containers/hydra-sql/supervisor.ini b/containers/hydra-sql/supervisor.ini deleted file mode 100644 index 0da959b..0000000 --- a/containers/hydra-sql/supervisor.ini +++ /dev/null @@ -1,45 +0,0 @@ -[supervisord] -nodaemon=true - - -[program:rsyslog] -command = /usr/sbin/rsyslogd -n -directory = / -user = root -autostart = true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 - - -[program:apache2] -environment=HOSTNAME="%(ENV_HOSTNAME)s" -command = apachectl -D "FOREGROUND" -directory = /var/www -user = root -autostart = true -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 - -[program:php-fpm] -environment=HOSTNAME="%(ENV_HOSTNAME)s" -command = /usr/sbin/php-fpm8.1 -F -autostart = true -autorestart = true -directory = /var/www -user = root -stdout_logfile=/dev/stdout -stdout_logfile_maxbytes=0 -stderr_logfile=/dev/stderr -stderr_logfile_maxbytes=0 - - - -[unix_http_server] -file=/var/run/supervisor.sock - -[rpcinterface:supervisor] -supervisor.rpcinterface_factory=supervisor.rpcinterface:make_main_rpcinterface \ No newline at end of file diff --git a/containers/hydra-sql/www.conf b/containers/hydra-sql/www.conf deleted file mode 100644 index c496690..0000000 --- a/containers/hydra-sql/www.conf +++ /dev/null @@ -1,20 +0,0 @@ -[global] -daemonize=no -error_log=/dev/stderr - -[www] -user = www-data -group = www-data - -listen = /run/php/php8.1-fpm.sock - -listen.owner = www-data -listen.group = www-data - -pm = dynamic - -pm.max_children = 5 -pm.start_servers = 2 -pm.min_spare_servers = 1 -pm.max_spare_servers = 3 -catch_workers_output = yes \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 6386adc..af14383 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -3,44 +3,31 @@ services: hydra-sql: container_name: hydra-sql build: - context: ./containers/hydra-sql - args: - - HTTP_PROXY=${HTTP_PROXY} - - HTTPS_PROXY=${HTTPS_PROXY} - - http_proxy=${http_proxy} - - https_proxy=${https_proxy} - user: ${FIXUID:-1000}:${FIXGID:-1000} + context: . + dockerfile: Dockerfile.standalone ports: - - 8080:80 + - ${APP_HTTP_PORT:-8080}:8080 volumes: - - .:/var/www - - /etc/localtime:/etc/localtime:ro - - $HOME/.ssh:/root/.host-ssh:ro - tmpfs: - - /var/www/var/logs:uid=${FIXUID:-1000},gid=${FIXGID:-1000} - - /var/www/var/cache:uid=${FIXUID:-1000},gid=${FIXGID:-1000} - - /var/www/public/build:uid=${FIXUID:-1000},gid=${FIXGID:-1000} - - /tmp - links: - - hydra - extra_hosts: - - "localhost:127.0.0.1" - - "localhost:host-gateway" - - "host.docker.internal:host-gateway" + - ./src:/app/src:delegated + - ./templates:/app/templates:delegated + - ./translations:/app/translations:delegated + - ./tests:/app/tests:delegated + - ./config:/app/config:delegated + - ./.env:/app/.env:delegated environment: - - APP_LOCALES=fr,en - - HYDRA_ADMIN_BASE_URL=http://hydra:4445 - - TRUSTED_PROXIES=127.0.0.1,REMOTE_ADDR,localhost - - ISSUER_URL=http://localhost:8000 - - BASE_URL=http://localhost:8080 - - DB_USER=lasql - - DB_PASSWORD=lasql - - DEFAULT_LOCALE=fr - - DSN_REMOTE_DATABASE=pgsql:host='postgres';port=5432;dbname=lasql; - - HASH_ALGO_LEGACY=sha256 - - SECURITY_PATTERN=password,salt,pepper - - + PHP_FPM_MEMORY_LIMIT: 128m + APP_ENV: dev + APP_LOCALES: fr,en + HYDRA_ADMIN_BASE_URL: http://hydra:4445 + TRUSTED_PROXIES: 127.0.0.1,REMOTE_ADDR,localhost + ISSUER_URL: http://localhost:8000 + BASE_URL: http://localhost:8080 + DB_USER: lasql + DB_PASSWORD: lasql + DEFAULT_LOCALE: fr + DSN_REMOTE_DATABASE: pgsql:host='postgres';port=5432;dbname=lasql; + HASH_ALGO_LEGACY: sha256 + SECURITY_PATTERN: password,salt,pepper oidc-test: image: bornholm/oidc-test:v0.0.0-1-g936a77e environment: diff --git a/misc/images/hydra-sql-kube/Dockerfile b/misc/images/hydra-sql-kube/Dockerfile new file mode 100644 index 0000000..d4fc728 --- /dev/null +++ b/misc/images/hydra-sql-kube/Dockerfile @@ -0,0 +1,11 @@ +ARG ADDITIONAL_PACKAGES=" + bash + mysql-client + php81-cli + php81-pdo_pgsql + php81-pdo_mysql + php81-mysqli + php81-pgsql + " + +FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base \ No newline at end of file diff --git a/misc/images/hydra-sql-standalone/Dockerfile b/misc/images/hydra-sql-standalone/Dockerfile new file mode 100644 index 0000000..82389c5 --- /dev/null +++ b/misc/images/hydra-sql-standalone/Dockerfile @@ -0,0 +1,11 @@ +ARG ADDITIONAL_PACKAGES=" + bash + mysql-client + php81-cli + php81-pdo_pgsql + php81-pdo_mysql + php81-mysqli + php81-pgsql + " + +FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone \ No newline at end of file diff --git a/misc/images/k8s/kind/cluster/kustomization.yaml b/misc/images/k8s/kind/cluster/kustomization.yaml new file mode 100644 index 0000000..f499bad --- /dev/null +++ b/misc/images/k8s/kind/cluster/kustomization.yaml @@ -0,0 +1,11 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- https://raw.githubusercontent.com/ory/k8s/v0.30.0/helm/charts/hydra-maester/crds/crd-oauth2clients.yaml +- https://forge.cadoles.com/CadolesKube/c-kustom//base/cloudnative-pg-operator?ref=develop +- https://forge.cadoles.com/CadolesKube/c-kustom//base/redis?ref=develop +- https://forge.cadoles.com/CadolesKube/c-kustom//base/minio?ref=develop +- https://forge.cadoles.com/CadolesKube/c-kustom//base/metallb?ref=develop +- https://forge.cadoles.com/CadolesKube/c-kustom//base/metrics?ref=develop +- https://forge.cadoles.com/CadolesKube/c-kustom//base/nginx?ref=develop diff --git a/misc/images/k8s/kind/cluster/lb/kustomization.yaml b/misc/images/k8s/kind/cluster/lb/kustomization.yaml new file mode 100644 index 0000000..6446c8b --- /dev/null +++ b/misc/images/k8s/kind/cluster/lb/kustomization.yaml @@ -0,0 +1,7 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: metallb-system + +resources: +- ./resources/ipaddresspoool.yaml +- ./resources/advertise.yaml diff --git a/misc/images/k8s/kind/cluster/lb/resources/advertise.yaml b/misc/images/k8s/kind/cluster/lb/resources/advertise.yaml new file mode 100644 index 0000000..d251dba --- /dev/null +++ b/misc/images/k8s/kind/cluster/lb/resources/advertise.yaml @@ -0,0 +1,9 @@ +apiVersion: metallb.io/v1beta1 +kind: L2Advertisement +metadata: + name: l2-ip-pool-ad + namespace: metallb-system +spec: + ipAddressPools: + - main-pool + diff --git a/misc/images/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml b/misc/images/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml new file mode 100644 index 0000000..da37f87 --- /dev/null +++ b/misc/images/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml @@ -0,0 +1,8 @@ +apiVersion: metallb.io/v1beta1 +kind: IPAddressPool +metadata: + name: main-pool + namespace: metallb-system +spec: + addresses: + - 172.18.10.100-172.18.10.200 diff --git a/misc/images/k8s/kind/kind-cluster.yaml b/misc/images/k8s/kind/kind-cluster.yaml new file mode 100644 index 0000000..1eae741 --- /dev/null +++ b/misc/images/k8s/kind/kind-cluster.yaml @@ -0,0 +1,48 @@ +kind: Cluster +apiVersion: kind.x-k8s.io/v1alpha4 +name: hydra-sql +networking: + podSubnet: "10.110.0.0/16" + serviceSubnet: "10.115.0.0/16" +nodes: +- role: control-plane + image: kindest/node:v1.27.2 + kubeadmConfigPatches: + - | + kind: InitConfiguration + nodeRegistration: + kubeletExtraArgs: + node-labels: "ingress-ready=true" + extraPortMappings: + - containerPort: 31000 + hostPort: 31000 + listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0" + - containerPort: 80 + hostPort: 8080 + listenAddress: "0.0.0.0" # Optional, defaults to "0.0.0.0" + labels: + ingress-ready: true +- role: worker + image: kindest/node:v1.27.2 + kubeadmConfigPatches: + - | + kind: JoinConfiguration + nodeRegistration: + kubeletExtraArgs: + system-reserved: memory=2Gi +- role: worker + image: kindest/node:v1.27.2 + kubeadmConfigPatches: + - | + kind: JoinConfiguration + nodeRegistration: + kubeletExtraArgs: + system-reserved: memory=2Gi +- role: worker + image: kindest/node:v1.27.2 + kubeadmConfigPatches: + - | + kind: JoinConfiguration + nodeRegistration: + kubeletExtraArgs: + system-reserved: memory=2Gi diff --git a/skaffold.yaml b/skaffold.yaml new file mode 100644 index 0000000..0d0b6a0 --- /dev/null +++ b/skaffold.yaml @@ -0,0 +1,46 @@ +apiVersion: skaffold/v3 +kind: Config + +metadata: + name: mse + +manifests: + kustomize: + paths: + - misc/k8s/kustomization/base + +profiles: +- name: dev + manifests: + kustomize: + paths: + - misc/k8s/kustomization/overlays/dev + activation: + - command: dev + +build: + cluster: + dockerConfig: + path: misc/k8s/kustomization/base/secrets/dockerconfig/.dockerconfigjson + randomDockerConfigSecret: true + randomPullSecret: true + + tagPolicy: + sha256: {} + + artifacts: + - image: reg.cadoles.com/cadoles/app-kube + context: . + sync: + infer: + - src/** + - app/** + - translations/** + - scripts/** + - templates/** + kaniko: + dockerfile: misc/images/app-kube/Dockerfile + cache: {} + +deploy: + statusCheckDeadlineSeconds: 600 -- 2.17.1 From 22231f791f392634ebc3baa7afc3da36ea733c07 Mon Sep 17 00:00:00 2001 From: rudy Date: Thu, 15 Jun 2023 15:38:14 +0200 Subject: [PATCH 2/5] issue-14: structure kubernetes --- Makefile | 50 ++---------- config/packages/cache.yaml | 4 +- config/packages/framework.yaml | 2 +- docker-compose.yml | 13 +-- main.mk | 80 +++++++++++++++++++ misc/images/hydra-sql-kube/Dockerfile | 12 +-- misc/images/hydra-sql-standalone/Dockerfile | 10 +-- .../k8s/kind/cluster/kustomization.yaml | 0 .../k8s/kind/cluster/lb/kustomization.yaml | 0 .../kind/cluster/lb/resources/advertise.yaml | 0 .../cluster/lb/resources/ipaddresspoool.yaml | 0 misc/{images => }/k8s/kind/kind-cluster.yaml | 0 .../app-cnpg/configurations/cnpg-cluster.yaml | 8 ++ .../components/app-cnpg/kustomization.yaml | 32 ++++++++ .../resources/hydra-sql-cnpg-cluster.yaml | 17 ++++ .../k8s/kustomization/base/kustomization.yaml | 10 +++ .../resources/app-kube/kustomization.yaml | 6 ++ .../resources/hydra-sql-deployment.yaml | 55 +++++++++++++ .../app-kube/resources/hydra-sql-service.yaml | 14 ++++ .../k8s/kustomization/base/secrets/.gitignore | 3 + misc/k8s/kustomization/base/secrets/.gitkeep | 0 .../overlays/dev/kustomization.yaml | 21 +++++ .../dev/patches/add-registry-pull-secret.yaml | 4 + .../dev/patches/update-replicas-for-app.yaml | 8 ++ .../overlays/dev/resources/ingress.yaml | 21 +++++ .../overlays/dev/resources/namespace.yaml | 4 + .../overlays/dev/secrets/.gitignore | 3 + .../overlays/dev/secrets/.gitkeep | 0 skaffold.yaml | 4 +- 29 files changed, 308 insertions(+), 73 deletions(-) create mode 100644 main.mk rename misc/{images => }/k8s/kind/cluster/kustomization.yaml (100%) rename misc/{images => }/k8s/kind/cluster/lb/kustomization.yaml (100%) rename misc/{images => }/k8s/kind/cluster/lb/resources/advertise.yaml (100%) rename misc/{images => }/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml (100%) rename misc/{images => }/k8s/kind/kind-cluster.yaml (100%) create mode 100644 misc/k8s/kustomization/base/components/app-cnpg/configurations/cnpg-cluster.yaml create mode 100644 misc/k8s/kustomization/base/components/app-cnpg/kustomization.yaml create mode 100644 misc/k8s/kustomization/base/components/app-cnpg/resources/hydra-sql-cnpg-cluster.yaml create mode 100644 misc/k8s/kustomization/base/kustomization.yaml create mode 100644 misc/k8s/kustomization/base/resources/app-kube/kustomization.yaml create mode 100644 misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-deployment.yaml create mode 100644 misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-service.yaml create mode 100644 misc/k8s/kustomization/base/secrets/.gitignore create mode 100644 misc/k8s/kustomization/base/secrets/.gitkeep create mode 100644 misc/k8s/kustomization/overlays/dev/kustomization.yaml create mode 100644 misc/k8s/kustomization/overlays/dev/patches/add-registry-pull-secret.yaml create mode 100644 misc/k8s/kustomization/overlays/dev/patches/update-replicas-for-app.yaml create mode 100644 misc/k8s/kustomization/overlays/dev/resources/ingress.yaml create mode 100644 misc/k8s/kustomization/overlays/dev/resources/namespace.yaml create mode 100644 misc/k8s/kustomization/overlays/dev/secrets/.gitignore create mode 100644 misc/k8s/kustomization/overlays/dev/secrets/.gitkeep diff --git a/Makefile b/Makefile index eebbcd6..4c37756 100644 --- a/Makefile +++ b/Makefile @@ -1,46 +1,10 @@ -CI_COMPOSE=FIXUID=$(shell id -u) FIXGID=$(shell id -g) docker-compose -f docker-compose.yml -HYDRA_SQL_SHELL_USER ?= www-data: -DOCKER_CMD ?= -DOCKER_IMAGE_NAME ?= login-app-sql_hydra-sql -up: - FIXUID=$(shell id -u) FIXGID=$(shell id -g) docker-compose up --build +################################ +# Makefile for Cadoles SP +################################ -down: - docker-compose down -v +IMAGE_REPO ?= reg.cadoles.com/cadoles +IMAGE_VERSION ?= 0.0.1 -purge: - docker-compose down -v --remove-orphans --rmi local +DAY_SUFFIX_TAG ?= $(shell date +%Y%m%d) -hydra-sql-shell: - $(CI_COMPOSE) exec \ - -u "$(HYDRA_SQL_SHELL_USER)" \ - hydra-sql \ - /bin/bash - - -APP_LOCALES ?= fr,en -HYDRA_ADMIN_BASE_URL ?= http://hydra:4445 -TRUSTED_PROXIES ?= 127.0.0.1,REMOTE_ADDR,localhost -ISSUER_URL ?= http://localhost:8000 -BASE_URL ?= http://localhost:8080 -DB_USER ?= lasql -DB_PASSWORD ?= lasql -DEFAULT_LOCALE ?= fr -BDD ?= postgres -DSN_REMOTE_DATABASE=mysql:host=mariadb;port=3306;dbname=lasql - -up-mysql: - docker run \ - -it --rm \ - -p 8080:80 \ - -e APP_LOCALES=$(APP_LOCALES) \ - -e HYDRA_ADMIN_BASE_URL=$(HYDRA_ADMIN_BASE_URL) \ - -e TRUSTED_PROXIES=$(TRUSTED_PROXIES) \ - -e ISSUER_URL=$(ISSUER_URL) \ - -e BASE_URL=$(BASE_URL) \ - -e DB_USER=$(DB_USER) \ - -e DB_PASSWORD=$(DB_PASSWORD) \ - -e DEFAULT_LOCALE=$(DEFAULT_LOCALE) \ - -e DSN_REMOTE_DATABASE=$(DSN_REMOTE_DATABASE) \ - $(DOCKER_IMAGE_NAME):latest \ - $(DOCKER_CMD) +include main.mk diff --git a/config/packages/cache.yaml b/config/packages/cache.yaml index 9f7d58f..e201638 100644 --- a/config/packages/cache.yaml +++ b/config/packages/cache.yaml @@ -8,8 +8,8 @@ framework: # Other options include: # Redis - app: cache.adapter.redis - default_redis_provider: '%env(REDIS_URL)%' + # app: cache.adapter.redis + # default_redis_provider: '%env(REDIS_URL)%' # APCu (not recommended with heavy random-write workloads as memory fragmentation can cause perf issues) #app: cache.adapter.apcu diff --git a/config/packages/framework.yaml b/config/packages/framework.yaml index 2a73793..8aefb6f 100644 --- a/config/packages/framework.yaml +++ b/config/packages/framework.yaml @@ -12,7 +12,7 @@ framework: # Enables session support. Note that the session will ONLY be started if you read or write from it. # Remove or comment this section to explicitly disable session support. session: - handler_id: '%env(REDIS_URL)%' + handler_id: null cookie_secure: auto cookie_samesite: lax storage_factory_id: session.storage.factory.native diff --git a/docker-compose.yml b/docker-compose.yml index af14383..8bbdc6c 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -28,6 +28,7 @@ services: DSN_REMOTE_DATABASE: pgsql:host='postgres';port=5432;dbname=lasql; HASH_ALGO_LEGACY: sha256 SECURITY_PATTERN: password,salt,pepper + REDIS_URL: redis://redis:6379 oidc-test: image: bornholm/oidc-test:v0.0.0-1-g936a77e environment: @@ -108,12 +109,12 @@ services: - ./containers/compose/mariadb/init-db.d:/docker-entrypoint-initdb.d/:ro - mariadb:/var/lib/mysql - /etc/localtime:/etc/localtime:ro - redis: - image: redis:7.2-rc2-alpine - environment: - - TZ=Europe/Paris - volumes: - - /etc/localtime:/etc/localtime:ro + # redis: + # image: redis:7.2-rc2-alpine + # environment: + # - TZ=Europe/Paris + # volumes: + # - /etc/localtime:/etc/localtime:ro volumes: postgres: mariadb: \ No newline at end of file diff --git a/main.mk b/main.mk new file mode 100644 index 0000000..3327adc --- /dev/null +++ b/main.mk @@ -0,0 +1,80 @@ +IMAGES_DIR := ./misc/images + +# +# $1: IMAGE_NAME +# +define build_image + echo "Building ${IMAGE_REPO}/$1";\ + docker build \ + -t "${IMAGE_REPO}/$1:$(IMAGE_VERSION)" \ + -f ${IMAGES_DIR}/$1/Dockerfile \ + . +endef + +# +# $1: IMAGE_NAME +# $2: IMAGE_TAG +# +define scan_image + echo "Scanning ${IMAGE_REPO}/$1"; \ + mkdir -p .trivy/$(IMAGE_REPO)/$1; \ + tools/trivy/bin/trivy --cache-dir .trivy/.cache image -o ".trivy/$(IMAGE_REPO)/$1/$2/report.txt" $(TRIVY_ARGS) $(IMAGE_REPO)/$1:$2 ; \ + cat ".trivy/$(IMAGE_REPO)/$1/$2report.txt" +endef + +define install_trivy + mkdir -p tools/trivy/bin ; \ + curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1 +endef + +define release_image + docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) ; \ + docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:$(IMAGE_VERSION); \ + docker tag $(IMAGE_REPO)/$1:$(IMAGE_VERSION) $(IMAGE_REPO)/$1:latest ; \ + docker push $(IMAGE_REPO)/$1:latest ; \ + docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION) ; \ + docker push $(IMAGE_REPO)/$1:$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) +endef + +#list: +build: ${IMAGES_DIR}/* + @for name in $(basename $(notdir $^)); do \ + $(call build_image,$${name}); \ + done;\ + +scan: ${IMAGES_DIR}/* + $(call install_trivy) + @for name in $(basename $(notdir $^)); do \ + $(call scan_image,$${name}); \ + done;\ + +tools/trivy/bin/trivy: + mkdir -p tools/trivy/bin + curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b ./tools/trivy/bin v0.27.1 + + +release: ${IMAGES_DIR}/* + @for name in $(basename $(notdir $^)); do \ + $(call release_image,$${name},base); \ + done;\ + +_release: + docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) + docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION) + docker tag $(IMAGE_FULL_NAME):$(IMAGE_TAG) $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest + docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION)-$(DAY_SUFFIX_TAG) + docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-$(IMAGE_VERSION) + docker push $(IMAGE_FULL_NAME):$(IMAGE_TAG)-latest + +_test: tools/bin/bash_unit + tools/bin/bash_unit ./tests/test_$(IMAGE_TAG).sh + +tools/bin/bash_unit: + mkdir -p tools/bin + cd tools/bin && bash <(curl -s https://raw.githubusercontent.com/pgrange/bash_unit/master/install.sh) + +up: + skaffold dev -p dev --default-repo ${IMAGE_REPO} + + +##include recipes/*.mk diff --git a/misc/images/hydra-sql-kube/Dockerfile b/misc/images/hydra-sql-kube/Dockerfile index d4fc728..452c27a 100644 --- a/misc/images/hydra-sql-kube/Dockerfile +++ b/misc/images/hydra-sql-kube/Dockerfile @@ -1,11 +1,3 @@ -ARG ADDITIONAL_PACKAGES=" - bash - mysql-client - php81-cli - php81-pdo_pgsql - php81-pdo_mysql - php81-mysqli - php81-pgsql - " +ARG ADDITIONAL_PACKAGES="bash mysql-client php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" -FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base \ No newline at end of file +FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone \ No newline at end of file diff --git a/misc/images/hydra-sql-standalone/Dockerfile b/misc/images/hydra-sql-standalone/Dockerfile index 82389c5..452c27a 100644 --- a/misc/images/hydra-sql-standalone/Dockerfile +++ b/misc/images/hydra-sql-standalone/Dockerfile @@ -1,11 +1,3 @@ -ARG ADDITIONAL_PACKAGES=" - bash - mysql-client - php81-cli - php81-pdo_pgsql - php81-pdo_mysql - php81-mysqli - php81-pgsql - " +ARG ADDITIONAL_PACKAGES="bash mysql-client php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone \ No newline at end of file diff --git a/misc/images/k8s/kind/cluster/kustomization.yaml b/misc/k8s/kind/cluster/kustomization.yaml similarity index 100% rename from misc/images/k8s/kind/cluster/kustomization.yaml rename to misc/k8s/kind/cluster/kustomization.yaml diff --git a/misc/images/k8s/kind/cluster/lb/kustomization.yaml b/misc/k8s/kind/cluster/lb/kustomization.yaml similarity index 100% rename from misc/images/k8s/kind/cluster/lb/kustomization.yaml rename to misc/k8s/kind/cluster/lb/kustomization.yaml diff --git a/misc/images/k8s/kind/cluster/lb/resources/advertise.yaml b/misc/k8s/kind/cluster/lb/resources/advertise.yaml similarity index 100% rename from misc/images/k8s/kind/cluster/lb/resources/advertise.yaml rename to misc/k8s/kind/cluster/lb/resources/advertise.yaml diff --git a/misc/images/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml b/misc/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml similarity index 100% rename from misc/images/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml rename to misc/k8s/kind/cluster/lb/resources/ipaddresspoool.yaml diff --git a/misc/images/k8s/kind/kind-cluster.yaml b/misc/k8s/kind/kind-cluster.yaml similarity index 100% rename from misc/images/k8s/kind/kind-cluster.yaml rename to misc/k8s/kind/kind-cluster.yaml diff --git a/misc/k8s/kustomization/base/components/app-cnpg/configurations/cnpg-cluster.yaml b/misc/k8s/kustomization/base/components/app-cnpg/configurations/cnpg-cluster.yaml new file mode 100644 index 0000000..2eb79d2 --- /dev/null +++ b/misc/k8s/kustomization/base/components/app-cnpg/configurations/cnpg-cluster.yaml @@ -0,0 +1,8 @@ +--- +nameReference: +- kind: Secret + fieldSpecs: + - path: spec/superuserSecret/name + kind: Cluster + - path: spec/bootstrap/initdb/secret/name + kind: Cluster diff --git a/misc/k8s/kustomization/base/components/app-cnpg/kustomization.yaml b/misc/k8s/kustomization/base/components/app-cnpg/kustomization.yaml new file mode 100644 index 0000000..c8ad87a --- /dev/null +++ b/misc/k8s/kustomization/base/components/app-cnpg/kustomization.yaml @@ -0,0 +1,32 @@ +apiVersion: kustomize.config.k8s.io/v1alpha1 +kind: Component + +generatorOptions: + disableNameSuffixHash: true + +configurations: +- ./configurations/cnpg-cluster.yaml + +resources: +- ./resources/hydra-sql-cnpg-cluster.yaml + +secretgenerator: +- name: hydra-sql-postgres-admin + type: secret + literals: + - username=postgres + - password=notsosecret +- name: hydra-sql-postgres-user + type: Secret + literals: + - username=hydra-sql + - password=NotSoSecretButThisIsBad + +vars: +- name: APP_DATABASE_SERVICE_NAME + objref: + name: hydra-sql-postgres + kind: Cluster + apiVersion: postgresql.cnpg.io/v1 + fieldref: + fieldpath: metadata.name diff --git a/misc/k8s/kustomization/base/components/app-cnpg/resources/hydra-sql-cnpg-cluster.yaml b/misc/k8s/kustomization/base/components/app-cnpg/resources/hydra-sql-cnpg-cluster.yaml new file mode 100644 index 0000000..2a3d4d7 --- /dev/null +++ b/misc/k8s/kustomization/base/components/app-cnpg/resources/hydra-sql-cnpg-cluster.yaml @@ -0,0 +1,17 @@ +apiVersion: postgresql.cnpg.io/v1 +kind: Cluster +metadata: + name: hydra-sql-postgres +spec: + instances: 3 + primaryUpdateStrategy: unsupervised + superuserSecret: + name: hydra-sql-postgres-admin + bootstrap: + initdb: + database: hydra-sql + owner: hydra-sql + secret: + name: hydra-sql-postgres-user + storage: + size: 20Gi diff --git a/misc/k8s/kustomization/base/kustomization.yaml b/misc/k8s/kustomization/base/kustomization.yaml new file mode 100644 index 0000000..e32db15 --- /dev/null +++ b/misc/k8s/kustomization/base/kustomization.yaml @@ -0,0 +1,10 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +namePrefix: hydra-sql- + +components: +- components/hydra-sql-cnpg + +resources: +- resources/hydra-sql-kube diff --git a/misc/k8s/kustomization/base/resources/app-kube/kustomization.yaml b/misc/k8s/kustomization/base/resources/app-kube/kustomization.yaml new file mode 100644 index 0000000..58021af --- /dev/null +++ b/misc/k8s/kustomization/base/resources/app-kube/kustomization.yaml @@ -0,0 +1,6 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization + +resources: +- ./resources/hydra-sql-service.yaml +- ./resources/hydra-sql-deployment.yaml diff --git a/misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-deployment.yaml b/misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-deployment.yaml new file mode 100644 index 0000000..de20566 --- /dev/null +++ b/misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-deployment.yaml @@ -0,0 +1,55 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + io.kompose.service: hydra-sql + name: hydra-sql +spec: + replicas: 3 + + selector: + matchLabels: + io.kompose.service: hydra-sql + strategy: + type: Recreate + template: + metadata: + labels: + io.kompose.service: hydra-sql + spec: + restartPolicy: Always + containers: + - image: reg.cadoles.com/cadoles/hydra-sql-kube + imagePullPolicy: Always + name: hydra-sql-php-fpm + args: ["/usr/sbin/php-fpm81", "-F", "-e"] + resources: {} + env: + - name: PHP_FPM_LISTEN + value: 127.0.0.1:9000 + - name: PHP_MEMORY_LIMIT + value: 128m + - name: PHP_FPM_MEMORY_LIMIT + value: 128m + - name: PHP_FPM_LOG_LEVEL + value: warning + - name: APP_DATABASE_SERVICE_NAME + value: $(APP_DATABASE_SERVICE_NAME)-rw + - image: reg.cadoles.com/cadoles/hydra-sql-kube + imagePullPolicy: Always + name: hydra-sql-nginx + args: ["/usr/sbin/nginx"] + env: + - name: NGINX_APP_UPSTREAM_BACKEND_SERVER + value: 127.0.0.1:9000 + - name: NGINX_APP_ROOT + value: "/public" + - name: NGINX_APP_PHP_INDEX + value: "/index.php" + - name: NGINX_ERROR_LOG_LEVEL + value: "warn" + - name: NGINX_APP_PHP_NON_FILE_PATTERN + value: "^/index\\.php(/|$)" + ports: + - containerPort: 8080 + resources: {} diff --git a/misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-service.yaml b/misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-service.yaml new file mode 100644 index 0000000..d50e3fc --- /dev/null +++ b/misc/k8s/kustomization/base/resources/app-kube/resources/hydra-sql-service.yaml @@ -0,0 +1,14 @@ +apiVersion: v1 +kind: Service +metadata: + labels: + io.kompose.service: hydra-sql + name: hydra-sql +spec: + type: ClusterIP + ports: + - name: hydra-sql-http + port: 80 + targetPort: 8080 + selector: + io.kompose.service: hydra-sql diff --git a/misc/k8s/kustomization/base/secrets/.gitignore b/misc/k8s/kustomization/base/secrets/.gitignore new file mode 100644 index 0000000..0318876 --- /dev/null +++ b/misc/k8s/kustomization/base/secrets/.gitignore @@ -0,0 +1,3 @@ +* +!.gitignore +!.gitkeep \ No newline at end of file diff --git a/misc/k8s/kustomization/base/secrets/.gitkeep b/misc/k8s/kustomization/base/secrets/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/misc/k8s/kustomization/overlays/dev/kustomization.yaml b/misc/k8s/kustomization/overlays/dev/kustomization.yaml new file mode 100644 index 0000000..19b7bbd --- /dev/null +++ b/misc/k8s/kustomization/overlays/dev/kustomization.yaml @@ -0,0 +1,21 @@ +apiVersion: kustomize.config.k8s.io/v1beta1 +kind: Kustomization +namespace: hydra-sql-dev + +resources: +- ../../base +- resources/namespace.yaml +- resources/ingress.yaml + +patches: +- path: patches/update-replicas-for-hydra-sql.yaml +- path: patches/add-registry-pull-secret.yaml + target: + kind: Deployment + version: v1 + +secretGenerator: +- files: + - secrets/dockerconfig/.dockerconfigjson + name: regcred-dev + type: kubernetes.io/dockerconfigjson diff --git a/misc/k8s/kustomization/overlays/dev/patches/add-registry-pull-secret.yaml b/misc/k8s/kustomization/overlays/dev/patches/add-registry-pull-secret.yaml new file mode 100644 index 0000000..1e4b8d2 --- /dev/null +++ b/misc/k8s/kustomization/overlays/dev/patches/add-registry-pull-secret.yaml @@ -0,0 +1,4 @@ +- op: add + path: "/spec/template/spec/imagePullSecrets" + value: + - name: regcred-dev diff --git a/misc/k8s/kustomization/overlays/dev/patches/update-replicas-for-app.yaml b/misc/k8s/kustomization/overlays/dev/patches/update-replicas-for-app.yaml new file mode 100644 index 0000000..d90be89 --- /dev/null +++ b/misc/k8s/kustomization/overlays/dev/patches/update-replicas-for-app.yaml @@ -0,0 +1,8 @@ +apiVersion: apps/v1 +kind: Deployment +metadata: + labels: + io.kompose.service: hydra-sql + name: hydra-sql +spec: + replicas: 1 diff --git a/misc/k8s/kustomization/overlays/dev/resources/ingress.yaml b/misc/k8s/kustomization/overlays/dev/resources/ingress.yaml new file mode 100644 index 0000000..7f80f88 --- /dev/null +++ b/misc/k8s/kustomization/overlays/dev/resources/ingress.yaml @@ -0,0 +1,21 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: hydra-sql + annotations: + nginx.ingress.kubernetes.io/proxy-body-size: "138m" + nginx.ingress.kubernetes.io/enable-cors: "true" #cf 01 + nginx.ingress.kubernetes.io/cors-allow-headers: "X-Forwarded-For" #cf 01 +spec: + ingressClassName: nginx + rules: + - host: hydra-sql.dev.local + http: + paths: + - path: / + pathType: Prefix + backend: + service: + name: hydra-sql + port: + number: 8080 diff --git a/misc/k8s/kustomization/overlays/dev/resources/namespace.yaml b/misc/k8s/kustomization/overlays/dev/resources/namespace.yaml new file mode 100644 index 0000000..e04b2da --- /dev/null +++ b/misc/k8s/kustomization/overlays/dev/resources/namespace.yaml @@ -0,0 +1,4 @@ +apiVersion: v1 +kind: Namespace +metadata: + name: hydra-sql-dev diff --git a/misc/k8s/kustomization/overlays/dev/secrets/.gitignore b/misc/k8s/kustomization/overlays/dev/secrets/.gitignore new file mode 100644 index 0000000..0318876 --- /dev/null +++ b/misc/k8s/kustomization/overlays/dev/secrets/.gitignore @@ -0,0 +1,3 @@ +* +!.gitignore +!.gitkeep \ No newline at end of file diff --git a/misc/k8s/kustomization/overlays/dev/secrets/.gitkeep b/misc/k8s/kustomization/overlays/dev/secrets/.gitkeep new file mode 100644 index 0000000..e69de29 diff --git a/skaffold.yaml b/skaffold.yaml index 0d0b6a0..38dfca0 100644 --- a/skaffold.yaml +++ b/skaffold.yaml @@ -29,7 +29,7 @@ build: sha256: {} artifacts: - - image: reg.cadoles.com/cadoles/app-kube + - image: reg.cadoles.com/cadoles/hydra-sql-kube context: . sync: infer: @@ -39,7 +39,7 @@ build: - scripts/** - templates/** kaniko: - dockerfile: misc/images/app-kube/Dockerfile + dockerfile: misc/images/hydra-sql-kube/Dockerfile cache: {} deploy: -- 2.17.1 From a823ac7d0e2255ea9f2965c88fe6f9cfa6caec9f Mon Sep 17 00:00:00 2001 From: rudy Date: Fri, 16 Jun 2023 13:46:17 +0200 Subject: [PATCH 3/5] issue-14: optimisation dockerfile --- Dockerfile.standalone | 2 +- Jenkinsfile | 21 ++++++++++++++++++++- docker-compose.yml | 3 +-- misc/images/hydra-sql-kube/Dockerfile | 4 ++-- misc/images/hydra-sql-standalone/Dockerfile | 2 +- readme.md | 9 ++++++--- 6 files changed, 31 insertions(+), 10 deletions(-) diff --git a/Dockerfile.standalone b/Dockerfile.standalone index 452c27a..b7efabd 100644 --- a/Dockerfile.standalone +++ b/Dockerfile.standalone @@ -1,3 +1,3 @@ -ARG ADDITIONAL_PACKAGES="bash mysql-client php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" +ARG ADDITIONAL_PACKAGES="bash php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone \ No newline at end of file diff --git a/Jenkinsfile b/Jenkinsfile index 69e458d..89c674a 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -4,4 +4,23 @@ // Utilisation du pipeline partagé pour les applications Symfony de Cadoles // Le nom de l'image Docker passée en paramètre vous permet de préciser l'environnement de test // de votre application Symfony -symfonyAppPipeline("ubuntu:22.04") \ No newline at end of file +symfonyAppPipeline('ubuntu:22.04', [ + 'hooks': [ + // Run docker image build, verification and publication stages + 'postSymfonyAppPipeline': { + stage('Build and publish hydra-dispatcher image') { + // Retrieve current tag + String currentTag = sh(script: 'git tag --points-at HEAD | head -n 1', returnStdout: true).trim() + // Retrieve default tag + String defaultTag = sh(returnStdout: true, script: 'git describe --always').trim() + container.buildAndPublishImage([ + 'imageName': 'reg.cadoles.com/cadoles/hydra-dispatcher', + // Use current tag or default tag if not defined + 'imageTag': defaultTag, + 'dockerfile': './misc/docker/Dockerfile', + 'dryRun': false + ]) + } + } + ] +]) \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 8bbdc6c..da8edd4 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -1,7 +1,6 @@ version: "3.8" services: - hydra-sql: - container_name: hydra-sql + hydra-sql: build: context: . dockerfile: Dockerfile.standalone diff --git a/misc/images/hydra-sql-kube/Dockerfile b/misc/images/hydra-sql-kube/Dockerfile index 452c27a..634819d 100644 --- a/misc/images/hydra-sql-kube/Dockerfile +++ b/misc/images/hydra-sql-kube/Dockerfile @@ -1,3 +1,3 @@ -ARG ADDITIONAL_PACKAGES="bash mysql-client php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" +ARG ADDITIONAL_PACKAGES="bash php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" -FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone \ No newline at end of file +FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-base \ No newline at end of file diff --git a/misc/images/hydra-sql-standalone/Dockerfile b/misc/images/hydra-sql-standalone/Dockerfile index 452c27a..b7efabd 100644 --- a/misc/images/hydra-sql-standalone/Dockerfile +++ b/misc/images/hydra-sql-standalone/Dockerfile @@ -1,3 +1,3 @@ -ARG ADDITIONAL_PACKAGES="bash mysql-client php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" +ARG ADDITIONAL_PACKAGES="bash php81-cli php81-pdo_pgsql php81-pdo_mysql php81-mysqli php81-pgsql" FROM reg.cadoles.com/cadoles/symfony:alpine-php-8.1-standalone \ No newline at end of file diff --git a/readme.md b/readme.md index f2837bc..878a9de 100644 --- a/readme.md +++ b/readme.md @@ -27,7 +27,6 @@ make down ``` DB_USER="lasql" DB_PASSWORD="lasql" - ISSUER_URL="http://localhost:8000" BASE_URL='http://localhost:8080' # connexion hydra @@ -90,7 +89,7 @@ il faut aussi indique la sql_login.yaml à salt la valeur salt (qui correspond a |test3@test.com| 504ae1c3e2f5fdaf41f868164dabcef21e17059f5f388b452718a1ce92692c67| cesaltestunautreexemple| Dupont| Henri| |test4@test.com| $2a$12$91AHN7WFXieeadvUfZ88mO.9N7oS5adeXbdERnRno9oLAbqqDW4IG| NULL| Durand|Isabelle| -A noter que le hash de test4 est hashé avec l'algo bcrypt +A noter que le hash de test4 est hashé avec l'algo bcrypt, il faut ajouter bcrypt dans la liste HASH_ALGO_LEGACY pour que l'identification soit possible ``` ### mariadb (sans salt) @@ -127,4 +126,8 @@ sql_login: |`hydra-sql`|Login/Consent/Logout App (ce projet)|`8082`| |`postgres`| Base de donnée postgres support du test et pour hydra|`5432` |`mariadb`| Base de donnée mariadb support du test|`3306` -|`pgadmin`| pour administrer la base de donnée |`8085` \ No newline at end of file +|`pgadmin`| pour administrer la base de donnée |`8085` + +### Images + +dépot Harbor: \ No newline at end of file -- 2.17.1 From 87fe4ad16afd1dae531f555b98b4e69dfe064a1b Mon Sep 17 00:00:00 2001 From: rudy Date: Fri, 16 Jun 2023 14:00:19 +0200 Subject: [PATCH 4/5] =?UTF-8?q?issue-14:=20param=C3=A9trage=20Jenkinsfile?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- Jenkinsfile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Jenkinsfile b/Jenkinsfile index 89c674a..ad22fb1 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -14,10 +14,10 @@ symfonyAppPipeline('ubuntu:22.04', [ // Retrieve default tag String defaultTag = sh(returnStdout: true, script: 'git describe --always').trim() container.buildAndPublishImage([ - 'imageName': 'reg.cadoles.com/cadoles/hydra-dispatcher', + 'imageName': 'reg.cadoles.com/cadoles/hydra-sql', // Use current tag or default tag if not defined 'imageTag': defaultTag, - 'dockerfile': './misc/docker/Dockerfile', + 'dockerfile': './misc/images/hydra-sql-standalone/Dockerfile', 'dryRun': false ]) } -- 2.17.1 From 9abc04fd250c599d2ef6c636e7655dec1c011aab Mon Sep 17 00:00:00 2001 From: Matthieu Lamalle Date: Thu, 2 Nov 2023 08:37:15 +0100 Subject: [PATCH 5/5] add health path --- misc/images/{hydra-sql-kube => hydra-sql-base}/Dockerfile | 0 src/Controller/MainController.php | 7 +++++++ 2 files changed, 7 insertions(+) rename misc/images/{hydra-sql-kube => hydra-sql-base}/Dockerfile (100%) diff --git a/misc/images/hydra-sql-kube/Dockerfile b/misc/images/hydra-sql-base/Dockerfile similarity index 100% rename from misc/images/hydra-sql-kube/Dockerfile rename to misc/images/hydra-sql-base/Dockerfile diff --git a/src/Controller/MainController.php b/src/Controller/MainController.php index 9dc1ff3..fd89544 100644 --- a/src/Controller/MainController.php +++ b/src/Controller/MainController.php @@ -8,6 +8,7 @@ use App\Hydra\HydraService; use Symfony\Bundle\FrameworkBundle\Controller\AbstractController; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\HttpFoundation\Request; +use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\Session\SessionInterface; use Symfony\Component\Routing\Annotation\Route; @@ -30,6 +31,12 @@ class MainController extends AbstractController return $this->hydra->handleLoginRequest($request); } + #[Route('/health', name: 'health')] + public function health() + { + return new Response('healthy', 200); + } + #[Route('/connect/login-accept', name: 'app_login_accept')] public function loginAccept(Request $request) { -- 2.17.1