Use S6 Overlay v3.1.3.0

shinsenter · Jan 18, 2023 · de17044 · de17044
1 parent bff7a94
commit de17044
Show file tree

Hide file tree

Showing 15 changed files with 124 additions and 74 deletions.
diff --git a/.bin/prebuild b/.bin/prebuild
@@ -18,6 +18,7 @@ LATEST_PHP="$(echo "$PHP_VERSIONS" | head -n1)"
 
 BUILD_DATE="$(date +%Y-%m-%dT%T%z)"
 BUILD_REVISION="$(git rev-parse HEAD)"
+BUILD_SCRIPT="$BASE_DIR/.github/workflows/build-v2.yml"
 
 ################################################################################
 # Helper methods
@@ -94,6 +95,7 @@ prebuild () {
     fi
 
     $BASE_DIR/.bin/fix-attr $context
+    basehash $BUILD_SCRIPT | tee -a $context/.checksum
     checksum="$(basehash $context/.checksum)"
     echo "  ${desc:-No description}"
     echo "  #️⃣ Checksum: $checksum"

diff --git a/.bin/tidy-docker b/.bin/tidy-docker
@@ -4,83 +4,111 @@
 # License: https://code.shin.company/php/blob/main/LICENSE
 ################################################################################
 
-[ ! -x "$(command -v docker)" ] && echo "Missing Docker." && exit 1
+# Check if Docker is installed
+[ ! -x "$(command -v docker)" ] \
+    && echo "Docker is not installed. Please install it and try again." \
+    && exit 1
 
 ################################################################################
 
+# Variable to store the parsed instructions for an image
 PARSE_CACHE=
 
-# extracts docker repository name and tag
+# Extracts the repository name and tag of a Docker image
 d_name_id () {
+    # Use the docker images command to get a list of images, in a specific format
+    # Then grep for the image specified by the first argument
+    # Finally, take the first result
     docker images --format "{{.Repository}}:{{.Tag}}\t{{.ID}}" \
-    | grep -F $1 \
-    | head -n1
+        | grep -F $1 | head -n1
 }
 
-# parses instruction from image
+# Parses instructions for an image from the local system
 d_local_history () {
+    # Use the docker history command to get the instructions for an image
+    # Then reverse the order of the instructions
+    # Finally, print all instructions
     docker history --no-trunc --format "{{.CreatedBy}}" $1 \
         | awk '{arr[i++]=$0}END{while(i>0)print arr[--i]}'
 }
 
-# parses instruction from docker hub
+# Parses instructions for an image from a remote repository
 d_net_history () {
-    repo="$1"
-    tag="$2"
+    local repo="$1"
+    local tag="$2"
+    # Use curl to get the instructions for an image from the remote repository
+    # Then use jq to extract the instructions from the JSON data
     curl -skL 'https://hub.docker.com/v2/repositories/$repo/tags/$tag/images' \
-        | jq '.[1].layers' \
-        | jq '.[].instruction' -r
+        | jq '.[1].layers' | jq '.[].instruction' -r
 }
 
-# parses instruction and replace all '/bin/sh -c #(nop)'
-d_parse () {
+# Parses instructions for an image, and replaces all occurrences of '/bin/sh -c #(nop)'
+d_parse() {
+    local history
     if [ -z "$PARSE_CACHE" ]; then
-        PARSE_CACHE="$(d_local_history $1 \
-            | sed 's/^\/[^ ]* *-c */RUN /' \
+        # Get the instructions for the image specified by the first argument
+        history=$(d_local_history "$1")
+
+        # Replace all occurrences of '/bin/sh -c' with 'RUN'
+        # Replace all occurrences of '|[number]' with 'RUN'
+        # Remove all occurrences of 'RUN #(nop)'
+        # Modify the format of 'EXPOSE' instructions
+        # Fix formatting of SHELL instructions
+        # Move WORKDIR, ENTRYPOINT, CMD, and STOPSIGNAL instructions to the end
+        PARSE_CACHE=$(echo "$history" | sed 's/^\/[^ ]* *-c */RUN /' \
             | sed 's/^|[0-9]* */RUN /' \
             | sed 's/^RUN \#[^ ]* *//' \
             | sed 's#EXPOSE map\[\(.*\):.*\]#EXPOSE \1#g' \
             | awk '
-            {
-                if($1=="SHELL"){
-                    gsub("\\\[","[\"",$0); gsub("\\\]","\"]",$0)
-                    i=1; printf("%s ",$i)
-                    while(i++<NF){
-                        if(i>2){printf("\", \"%s",$i)}else{printf("%s",$i)}
-                    }
-                    printf "\n"
-                } else print $0
-            }' 2>/dev/null \
+                {
+                    if($1=="SHELL"){
+                        gsub("\\\[","[\"",$0); gsub("\\\]","\"]",$0)
+                        i=1; printf("%s ",$i)
+                        while(i++<NF){
+                            if(i>2){printf("\", \"%s",$i)}else{printf("%s",$i)}
+                        }
+                        printf "\n"
+                    } else print $0
+                }' 2>/dev/null \
             | awk '
-            {
-                if(($1=="WORKDIR")||($1=="ENTRYPOINT")||($1=="CMD")||($1=="STOPSIGNAL"))
-                    {cmd[$1]=$0;if($1=="ENTRYPOINT")delete cmd["CMD"]}
-                else print $0
-            } END {
-                if(cmd["WORKDIR"])    print cmd["WORKDIR"]
-                if(cmd["ENTRYPOINT"]) print cmd["ENTRYPOINT"]
-                if(cmd["CMD"])        print cmd["CMD"]
-                if(cmd["STOPSIGNAL"]) print cmd["STOPSIGNAL"]
-            }'
-        )"
+                {
+                    if(($1=="WORKDIR")||($1=="ENTRYPOINT")||($1=="CMD")||($1=="STOPSIGNAL"))
+                        {cmd[$1]=$0;if($1=="ENTRYPOINT")delete cmd["CMD"]}
+                    else print $0
+                } END {
+                    if(cmd["WORKDIR"])    print cmd["WORKDIR"]
+                    if(cmd["ENTRYPOINT"]) print cmd["ENTRYPOINT"]
+                    if(cmd["CMD"])        print cmd["CMD"]
+                    if(cmd["STOPSIGNAL"]) print cmd["STOPSIGNAL"]
+                }'
+        )
     fi
     echo "$PARSE_CACHE"
 }
 
-# extracts given unique key-value instruction list
+# Filter out the lines starting with the given instruction
+# (default is "ENV") and split the line by "=" character
 d_attr () {
-    d_parse $1 \
+    # Filter the input and only keep the instruction
+    # that matches the given instruction type
+    d_parse "$1" \
         | grep "^${2:-ENV}" \
         | awk -F= '
-            {p=index($0,"=");v=substr($0,p+1);a[$1]=v}
-            END{for(k in a)printf("%s=\"%s\"\n",k,a[k])}
-        ' \
+            # Extracting the key-value pairs from the
+            # instruction and storing it in an associative array
+            {a[$1]=substr($0,index($0,"=")+1)}
+            # Iterating through the associative array
+            # and printing the key-value pairs
+            # in the format key="value"
+            END{for(k in a)printf("%s=\"%s\"\n",k,a[k])}' \
         | sort
 }
 
-# extracts other instructions
-ins_cmd () {
-    d_parse $1 | grep -v '^\(ADD\|ARG\|COPY\|ENV\|HEALTHCHECK\|LABEL\|ONBUILD\|RUN\)'
+# Extract the parsed instruction for the given image
+ins_cmd() {
+    # Filter out the instructions we're not interested in
+    d_parse "$1" \
+        | grep -v '^\(ADD\|ARG\|COPY\|ENV\|HEALTHCHECK\|LABEL\|ONBUILD\|RUN\)'
 }
 
 # aliases
@@ -93,10 +121,10 @@ ins_labels () { d_attr  $1 LABEL; }
 ins_shell  () { ins_cmd $1 | grep    '^SHELL'; }
 ins_others () { ins_cmd $1 | grep -v '^SHELL'; }
 
-# builds minified image
-# @param $output Output new Dockerfile (optional, must be a valid file path)
+# Build minified image
+# @param $output Create a new Dockerfile (must be an existing file path)
 # @param $base   The original image (ID or name:tag)
-# @param $save   Target image name
+# @param $save   The target image name (optional)
 minify() {
     PARSE_CACHE=
     local output="$1" ; [ ! -z "$output" ] && [ -f "$output" ] && shift || output=""
@@ -106,16 +134,17 @@ minify() {
     local temp="$([ ! -z "$output" ]    && echo "$base" || echo "tidy-docker:build-$(ins_id $base)")"
     local command="$([ ! -z "$output" ] && echo "tee $output" || echo "docker build $@ --rm -t $save -")"
 
-    # make temporary tag name for building image
+    # Make a temporary tag name for building image
     [ -z "$output" ] && docker tag $base $temp 2>/dev/null
 
-    # build the tidy
+    # Build or export a Dockerfile
     echo "🗜 Start minifying image '$repo'"
     echo "  Build arguments: $@"
     DOCKER_BUILDKIT=${DOCKER_BUILDKIT:-1} $command <<Dockerfile
 # Input Image: "${base}"
 #        (aka: "${repo}")
 # Final Image: "${save}"
+# Dockerfile : "${output}"
 ################################################################################
 # CLEANING UP THE SOURCE IMAGE. ################################################
 FROM shinsenter/scratch as scratch
@@ -159,7 +188,7 @@ $(ins_labels $base)
 ################################################################################
 Dockerfile
 
-    # cleanup
+    # Cleanup the temporary image
     if [ $? -eq 0 ] && [ -z "$output" ]; then docker rmi "$temp" >/dev/null; fi
 }
 

diff --git a/.github/workflows/build-v2.yml b/.github/workflows/build-v2.yml
@@ -202,15 +202,12 @@ jobs:
         base:
           - ubuntu
         version:
-          - 22.04
           - 20.04
+          - 22.04
         s6_version:
-          - v3.1.0.1
-          - v3.1.1.0
-          - v3.1.1.1
-          - v3.1.1.2
           - v3.1.2.0
           - v3.1.2.1
+          - v3.1.3.0
     env:
       DOCKER_BUILDKIT: "1"
     steps:
@@ -504,8 +501,9 @@ jobs:
           name="${{ env.BUILD_NAME }}:${{ env.BUILD_VERSION }}"
           docker pull $name && touch $tidy && ./.bin/tidy-docker $tidy $name "${name}-tidy"
           if [ -f $tidy ]; then
-            echo "BUILD_TIDY_FILE={$tidy}" >> $GITHUB_ENV
-            echo "BUILD_TIDY_NAME={$name}-tidy" >> $GITHUB_ENV
+            echo "Dockerfile is created at $tidy"
+            echo "BUILD_TIDY_FILE=${tidy}" >> $GITHUB_OUTPUT
+            echo "BUILD_TIDY_NAME=${name}-tidy" >> $GITHUB_OUTPUT
           fi
       -
         if: steps.cache.outputs.cache-hit != 'true' && steps.minify.outputs.BUILD_TIDY_FILE != ''
@@ -623,8 +621,9 @@ jobs:
           name="${{ env.BUILD_NAME }}:${{ env.BUILD_VERSION }}"
           docker pull $name && touch $tidy && ./.bin/tidy-docker $tidy $name "${name}-tidy"
           if [ -f $tidy ]; then
-            echo "BUILD_TIDY_FILE={$tidy}" >> $GITHUB_ENV
-            echo "BUILD_TIDY_NAME={$name}-tidy" >> $GITHUB_ENV
+            echo "Dockerfile is created at $tidy"
+            echo "BUILD_TIDY_FILE=${tidy}" >> $GITHUB_OUTPUT
+            echo "BUILD_TIDY_NAME=${name}-tidy" >> $GITHUB_OUTPUT
           fi
       -
         if: steps.cache.outputs.cache-hit != 'true' && steps.minify.outputs.BUILD_TIDY_FILE != ''

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,11 @@
 # Changelog
 
 
+## 2.5.0 - 2023-01-19
+
+Use [S6 Overlay v3.1.3.0](https://github.com/just-containers/s6-overlay/releases/tag/v3.1.3.0).
+
+
 ## 2.4.0 - 2022-12-12
 
 Added [PHP8.2 docker images](https://docker.shin.company/php/tags?page=1&name=8.2).

diff --git a/S6_VERSIONS b/S6_VERSIONS
@@ -1,6 +1,3 @@
-v3.1.0.1
-v3.1.1.0
-v3.1.1.1
-v3.1.1.2
 v3.1.2.0
-v3.1.2.1
+v3.1.2.1
+v3.1.3.0
diff --git a/src/php/fpm/Dockerfile b/src/php/fpm/Dockerfile
@@ -12,7 +12,8 @@ ARG PHP_VERSION=8.2
 FROM ${BASE_IMAGE}:${PHP_VERSION}-cli
 
 # adds PHP configs
-ENV PHP_POOL_NAME=www
+ARG PHP_POOL_NAME=www
+ARG PHPFPM_SOCK_PATH=/var/run/php/php-fpm.sock
 
 ################################################################################
 
@@ -70,7 +71,11 @@ ENV PHP_MAX_EXECUTION_TIME=99
 ENV PHP_MEMORY_LIMIT=256M
 ENV PHP_POST_MAX_SIZE=100M
 ENV PHP_UPLOAD_MAX_FILE_SIZE=10M
+
+# adds PHP-FPM settings
+ENV PHP_POOL_NAME="$PHP_POOL_NAME"
 ENV PHPFPM_CONF_DIR=/etc/php/fpm/conf.d
+ENV PHPFPM_SOCK_PATH="$PHPFPM_SOCK_PATH"
 
 # adds PHP PM settings
 ENV PHP_PM_CONTROL=ondemand

diff --git a/src/php/fpm/root/etc/services.d/100-php-fpm/run b/src/php/fpm/root/etc/services.d/100-php-fpm/run
@@ -2,4 +2,5 @@
 export PHP_DEFAULT_CHARSET="${PHP_DEFAULT_CHARSET:-UTF-8}"
 export PHP_DATE_TIMEZONE="${PHP_DATE_TIMEZONE:-$TZ}"
 export PHP_OPEN_BASEDIR="${PHP_OPEN_BASEDIR:-$WEBHOME}"
+export PHPFPM_SOCK_PATH="${PHPFPM_SOCK_PATH:-/var/run/php/php-fpm.sock}"
 exec php-fpm --nodaemonize
diff --git a/src/servers/fpm-apache/root/etc/apache2/sites-available/000-default.conf b/src/servers/fpm-apache/root/etc/apache2/sites-available/000-default.conf
@@ -19,13 +19,13 @@
     ProxyTimeout ${PHP_MAX_EXECUTION_TIME}
 
     # Healthchecks: Set /ping to be the healhcheck URL
-    ProxyPass "/ping" "unix:/var/run/php/php-fpm.sock|fcgi://localhost/"
-    ProxyPassReverse "/ping" "unix:/var/run/php/php-fpm.sock|fcgi://localhost/"
+    ProxyPass "/ping" "unix:${PHPFPM_SOCK_PATH}|fcgi://localhost/"
+    ProxyPassReverse "/ping" "unix:${PHPFPM_SOCK_PATH}|fcgi://localhost/"
 
     # For any files that match PHP, pass it to PHP-FPM for processing
     <FilesMatch "\.php$">
         ProxyFCGIBackendType GENERIC
-        SetHandler "proxy:unix:/var/run/php/php-fpm.sock|fcgi://localhost/"
+        SetHandler "proxy:unix:${PHPFPM_SOCK_PATH}|fcgi://localhost/"
     </FilesMatch>
 
     # Configure Log Settings
@@ -66,13 +66,13 @@
     ProxyTimeout ${PHP_MAX_EXECUTION_TIME}
 
     # Healthchecks: Set /ping to be the healhcheck URL
-    ProxyPass "/ping" "unix:/var/run/php/php-fpm.sock|fcgi://localhost/"
-    ProxyPassReverse "/ping" "unix:/var/run/php/php-fpm.sock|fcgi://localhost/"
+    ProxyPass "/ping" "unix:${PHPFPM_SOCK_PATH}|fcgi://localhost/"
+    ProxyPassReverse "/ping" "unix:${PHPFPM_SOCK_PATH}|fcgi://localhost/"
 
     # For any files that match PHP, pass it to PHP-FPM for processing
     <FilesMatch "\.php$">
         ProxyFCGIBackendType GENERIC
-        SetHandler "proxy:unix:/var/run/php/php-fpm.sock|fcgi://localhost/"
+        SetHandler "proxy:unix:${PHPFPM_SOCK_PATH}|fcgi://localhost/"
     </FilesMatch>
 
     # Configure Log Settings

diff --git a/src/servers/fpm-apache/root/etc/php/fpm/pool.d/y-override-phpfpm-defaults.conf b/src/servers/fpm-apache/root/etc/php/fpm/pool.d/y-override-phpfpm-defaults.conf
@@ -1,4 +1,4 @@
 [${PHP_POOL_NAME}]
-listen = /var/run/php/php-fpm.sock
+listen = ${PHPFPM_SOCK_PATH}
 listen.owner = webuser
 listen.group = webgroup
diff --git a/src/servers/fpm-apache/root/etc/services.d/200-apache2/run b/src/servers/fpm-apache/root/etc/services.d/200-apache2/run
@@ -1,2 +1,5 @@
 #!/command/with-contenv bash
+timeout 10 bash -c -- '\
+while [ ! -e "${PHPFPM_SOCK_PATH}" ]; do sleep 0.1; done;\
+echo "Found ${PHPFPM_SOCK_PATH}!"'
 exec apache2ctl -DFOREGROUND
diff --git a/src/servers/fpm-nginx/root/etc/cont-init.d/900-nginx b/src/servers/fpm-nginx/root/etc/cont-init.d/900-nginx
@@ -10,6 +10,10 @@ if [ ! -z "$PHP_MAX_EXECUTION_TIME" ]; then
     echo "proxy_read_timeout ${PHP_MAX_EXECUTION_TIME};"  >/etc/nginx/extra.d/proxy-timeout.conf
 fi
 
+if [ ! -z "$PHPFPM_SOCK_PATH" ]; then
+    sed -i "s# unix:.*;# unix:${PHPFPM_SOCK_PATH};#g" /etc/nginx/sites-available/default
+fi
+
 find /etc/nginx/sites-available -type f | \
     xargs -I {} sed -i "s#root \/var\/www\/html;#root ${WEBROOT};#g" {}
 

diff --git a/src/servers/fpm-nginx/root/etc/php/fpm/pool.d/y-override-phpfpm-defaults.conf b/src/servers/fpm-nginx/root/etc/php/fpm/pool.d/y-override-phpfpm-defaults.conf
@@ -1,4 +1,4 @@
 [${PHP_POOL_NAME}]
-listen = /var/run/php/php-fpm.sock
+listen = ${PHPFPM_SOCK_PATH}
 listen.owner = webuser
 listen.group = webgroup
diff --git a/src/servers/fpm-nginx/root/etc/services.d/200-nginx/run b/src/servers/fpm-nginx/root/etc/services.d/200-nginx/run
@@ -1,2 +1,5 @@
 #!/command/with-contenv bash
+timeout 10 bash -c -- '\
+while [ ! -e "${PHPFPM_SOCK_PATH}" ]; do sleep 0.1; done;\
+echo "Found ${PHPFPM_SOCK_PATH}!"'
 exec nginx -g 'daemon off;'
diff --git a/tests/common.yml b/tests/common.yml
@@ -19,13 +19,15 @@ services:
       - S6_CMD_WAIT_FOR_SERVICES_MAXTIME=0
       - TZ=Asia/Tokyo
       - WEBHOME=/opt/www
-      - PHP_DEFAULT_CHARSET=UTF-8
 
   common-php:
     extends: common
     build:
       args:
         - IMAGE_SUFFIX=
         - PHP_VERSION=${PHP_VERSION:-8.2}
+    environment:
+      - PHP_DEFAULT_CHARSET=UTF-8
+      - PHPFPM_SOCK_PATH=/var/run/php/run.sock
 
 ################################################################################