forked from Langres-App/opsign
-
Notifications
You must be signed in to change notification settings - Fork 1
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
changed compose, added the gha dockerfiles, update the gha scritp
- Loading branch information
Showing
11 changed files
with
484 additions
and
72 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,9 @@ | ||
MYSQL_ROOT_PASSWORD=root | ||
MYSQL_DATABASE=posigndb | ||
MYSQL_USER=user | ||
MYSQL_PASSWORD=pass | ||
HOSTNAME=slanlp0033.ad.ponet | ||
|
||
###> symfony/framework-bundle ### | ||
APP_ENV=dev | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -18,8 +18,8 @@ env: | |
# Use docker.io for Docker Hub if empty | ||
REGISTRY: ghcr.io | ||
# github.repository as <account>/<repo> | ||
API_IMAGE_NAME: ${{ github.repository }}-API | ||
FRONT_IMAGE_NAME: ${{ github.repository }}-FRONT | ||
API_IMAGE_NAME: ${{ github.repository }}api | ||
FRONT_IMAGE_NAME: ${{ github.repository }}front | ||
|
||
|
||
jobs: | ||
|
@@ -41,9 +41,7 @@ jobs: | |
# https://github.com/sigstore/cosign-installer | ||
- name: Install cosign | ||
if: github.event_name != 'pull_request' | ||
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1 | ||
with: | ||
cosign-release: 'v2.1.1' | ||
uses: sigstore/[email protected] | ||
|
||
# Set up BuildKit Docker container builder to be able to build | ||
# multi-platform images and export cache | ||
|
@@ -61,13 +59,24 @@ jobs: | |
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
# Extract Pull Request Number | ||
- name: Get Pull Request number | ||
id: pr_number | ||
run: echo "PR_NUMBER=$(echo ${GITHUB_REF#refs/pull/} | cut -d'/' -f1)" >> $GITHUB_ENV | ||
if: github.event_name == 'pull_request' | ||
|
||
# Extract metadata (tags, labels) for Docker | ||
# https://github.com/docker/metadata-action | ||
- name: Extract Docker metadata | ||
id: meta | ||
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 | ||
with: | ||
images: ${{ env.REGISTRY }}/${{ env.API_IMAGE_NAME }} | ||
images: ${{ env.REGISTRY }}/${{ env.API_IMAGE_NAME }}api | ||
tags: | | ||
type=ref,event=branch | ||
type=ref,event=tag | ||
type=sha | ||
type=raw,value=${{ env.API_IMAGE_NAME }}:pr-${{ steps.pr_number.outputs.number }},enable=${{ github.event_name == 'pull_request' }} | ||
# Build and push Docker image with Buildx (don't push on PR) | ||
# https://github.com/docker/build-push-action | ||
|
@@ -92,7 +101,7 @@ jobs: | |
env: | ||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable | ||
TAGS: ${{ steps.meta.outputs.tags }} | ||
DIGEST: ${{ steps.build-and-push.outputs.digest }} | ||
DIGEST: ${{ steps.build-and-push-API.outputs.digest }} | ||
# This step uses the identity token to provision an ephemeral certificate | ||
# against the sigstore community Fulcio instance. | ||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} | ||
|
@@ -115,9 +124,8 @@ jobs: | |
# https://github.com/sigstore/cosign-installer | ||
- name: Install cosign | ||
if: github.event_name != 'pull_request' | ||
uses: sigstore/cosign-installer@6e04d228eb30da1757ee4e1dd75a0ec73a653e06 #v3.1.1 | ||
with: | ||
cosign-release: 'v2.1.1' | ||
uses: sigstore/[email protected] | ||
|
||
|
||
# Set up BuildKit Docker container builder to be able to build | ||
# multi-platform images and export cache | ||
|
@@ -134,18 +142,29 @@ jobs: | |
registry: ${{ env.REGISTRY }} | ||
username: ${{ github.actor }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
# Extract Pull Request Number | ||
- name: Get Pull Request number | ||
id: pr_number | ||
run: echo "PR_NUMBER=$(echo ${GITHUB_REF#refs/pull/} | cut -d'/' -f1)" >> $GITHUB_ENV | ||
if: github.event_name == 'pull_request' | ||
|
||
# Extract metadata (tags, labels) for Docker | ||
# https://github.com/docker/metadata-action | ||
- name: Extract Docker metadata | ||
id: meta | ||
uses: docker/metadata-action@96383f45573cb7f253c731d3b3ab81c87ef81934 # v5.0.0 | ||
with: | ||
images: ${{ env.REGISTRY }}/${{ env.FRONT_IMAGE_NAME }} | ||
images: ${{ env.REGISTRY }}/${{ env.FRONT_IMAGE_NAME }}prod | ||
tags: | | ||
type=ref,event=branch | ||
type=ref,event=tag | ||
type=sha | ||
type=raw,value=${{ env.FRONT_IMAGE_NAME }}:pr-${{ steps.pr_number.outputs.number }},enable=${{ github.event_name == 'pull_request' }} | ||
# Build and push Docker image with Buildx (don't push on PR) | ||
# https://github.com/docker/build-push-action | ||
- name: Build and push Docker image API | ||
- name: Build and push Docker image FRONT | ||
id: build-and-push-FRONT | ||
uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0 | ||
with: | ||
|
@@ -166,7 +185,7 @@ jobs: | |
env: | ||
# https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-an-intermediate-environment-variable | ||
TAGS: ${{ steps.meta.outputs.tags }} | ||
DIGEST: ${{ steps.build-and-push.outputs.digest }} | ||
DIGEST: ${{ steps.build-and-push-FRONT.outputs.digest }} | ||
# This step uses the identity token to provision an ephemeral certificate | ||
# against the sigstore community Fulcio instance. | ||
run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -4,4 +4,4 @@ | |
/database* | ||
/API/Docs/ | ||
.vscode | ||
config.user.inc.php | ||
docker-compose.override.yml |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,21 @@ | ||
# Fetching the minified node image on apline linux | ||
FROM node:21-bookworm | ||
|
||
# Setting up the work directory | ||
WORKDIR /var/www | ||
|
||
# Get Timezone data Package | ||
RUN apt-get install tzdata | ||
|
||
# Set the timezone (2 ways) | ||
ENV TZ=Europe/Paris | ||
RUN rm /etc/localtime | ||
RUN ln -s /usr/share/zoneinfo/Europe/Paris /etc/localtime | ||
|
||
COPY . . | ||
|
||
# Install the dependencies | ||
RUN npm install | ||
|
||
# Exposing server port | ||
EXPOSE 52200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
#!/bin/sh | ||
|
||
export NODE_ENV=development; | ||
|
||
npm install; | ||
|
||
npm start; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,17 @@ | ||
# Fetching the minified node image on apline linux | ||
FROM httpd:alpine | ||
|
||
# Setting up the work directory | ||
WORKDIR /usr/local/apache2/htdocs/ | ||
|
||
# Get Timezone data Package | ||
RUN apk add --no-cache tzdata | ||
|
||
# Set the timezone (2 ways) | ||
ENV TZ=Europe/Paris | ||
RUN ln -s /usr/share/zoneinfo/Europe/Paris /etc/localtime | ||
|
||
COPY . . | ||
|
||
# Exposing server port | ||
EXPOSE 80 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
<?php | ||
|
||
require '/etc/phpmyadmin/config.secret.inc.php'; | ||
|
||
$cfg['Servers'][$i]['auth_type'] = 'http'; |
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.