Remove curl (#518)

* Remove curl + improve Dockerfile readability * Use wget instead of curl * Use renamed command, execute-wp-cron * Use wget * Add empty line * Trim code * Prod nginx tidy - user already nginx * Remove variable * Update wording * Change dir
ministryofjustice · Apr 11, 2024 · 57e9d95 · 57e9d95
1 parent 057bb02
commit 57e9d95
Show file tree

Hide file tree

Showing 6 changed files with 163 additions and 97 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -1,80 +1,123 @@
+#░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+#░░
+#░░     ▒█▀▄▀█ █▀▀█ ░░░▒█ 　 ▀█▀ █▀▀▄ ▀▀█▀▀ █▀▀█ █▀▀█ █▀▀▄ █▀▀ ▀▀█▀▀
+#░░     ▒█▒█▒█ █░░█ ░▄░▒█ 　 ▒█░ █░░█ ░░█░░ █▄▄▀ █▄▄█ █░░█ █▀▀ ░░█░░
+#░░     ▒█░░▒█ ▀▀▀▀ ▒█▄▄█ 　 ▄█▄ ▀░░▀ ░░▀░░ ▀░▀▀ ▀░░▀ ▀░░▀ ▀▀▀ ░░▀░░
+#░░
+#░░     ▀█▀ █▀▄▀█ █▀▀█ █▀▀▀ █▀▀ 　 ▒█▀▀█ █▀▀█ █▀▀▄ █▀▀ ░▀░ █▀▀▀
+#░░     ▒█░ █░▀░█ █▄▄█ █░▀█ █▀▀ 　 ▒█░░░ █░░█ █░░█ █▀▀ ▀█▀ █░▀█
+#░░     ▄█▄ ▀░░░▀ ▀░░▀ ▀▀▀▀ ▀▀▀ 　 ▒█▄▄█ ▀▀▀▀ ▀░░▀ ▀░░ ▀▀▀ ▀▀▀▀
+#░░
+#░░    (¯`v´¯)
+#░░     `.¸.[Code]
+#░░
+#░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
+
+#    ▄▄  ▄▄     █▀▀  █▀█  █▀▄▀█     ▄▄  ▄▄    #
+#    ░░  ░░     █▀░  █▀▀  █░▀░█     ░░  ░░    #
+
 FROM ministryofjustice/wordpress-base-fpm:latest AS base-fpm
 
+# Make the Nginx user available in this container
 RUN addgroup -g 101 -S nginx; adduser -u 101 -S -D -G nginx nginx
 
 RUN mkdir /sock && \
-    chown nginx:nginx /sock && \
-    rm /usr/local/etc/php-fpm.d/zz-docker.conf && \
-    rm /usr/local/etc/php-fpm.d/www.conf.default && \
-    rm /usr/local/etc/php-fpm.d/www.conf
-
-# Create FPM pool
-RUN { \
-        echo '[www]'; \
-        echo 'user = nginx'; \
-        echo 'group = nginx'; \
-        echo 'listen = /sock/fpm.sock'; \
-        echo 'listen.owner = nginx'; \
-        echo 'listen.group = nginx'; \
-        echo 'listen.mode = 0660'; \
-        echo 'pm = dynamic'; \
-        echo 'pm.start_servers = 10'; \
-        echo 'pm.min_spare_servers = 5'; \
-        echo 'pm.max_spare_servers = 10'; \
-        echo 'pm.max_requests = 500'; \
-        echo 'pm.max_children = 50'; \
-        echo ''; \
-        echo '[global]'; \
-        echo 'daemonize = no'; \
-        echo 'emergency_restart_threshold = 10'; \
-        echo 'emergency_restart_interval = 1m'; \
-        echo 'process_control_timeout = 10s'; \
-    } > /usr/local/etc/php-fpm.d/pool.conf
-
-
-###
+    chown nginx:nginx /sock
+
+## Change directory
+WORKDIR /usr/local/etc/php-fpm.d
+
+## Clean PHP pools; leave docker.conf in situe
+RUN rm zz-docker.conf && \
+    rm www.conf.default && \
+    rm www.conf
+
+## Set our pool configuration
+COPY deploy/config/php-pool.conf pool.conf
 
 
+#    ▄▄  ▄▄     █▄░█  █▀▀  █  █▄░█  ▀▄▀     ▄▄  ▄▄    #
+#    ░░  ░░     █░▀█  █▄█  █  █░▀█  █░█     ░░  ░░    #
+
 FROM nginxinc/nginx-unprivileged:1.25-alpine AS base-nginx
 
 USER root
 
 COPY deploy/config/init/nginx-* /docker-entrypoint.d/
 
-RUN chmod +x /docker-entrypoint.d/*
-RUN echo "# This file is configured at runtime." > /etc/nginx/real_ip.conf
+RUN chmod +x /docker-entrypoint.d/*; \
+    echo "# This file is configured at runtime." > /etc/nginx/real_ip.conf
 
 USER 101
 
 
-## target: dev
-FROM base-fpm AS dev
+
+
+#
+#   ▒█▀▀▄ █▀▀ ▀█░█▀ █▀▀ █░░ █▀▀█ █▀▀█ █▀▄▀█ █▀▀ █▀▀▄ ▀▀█▀▀
+#   ▒█░▒█ █▀▀ ░█▄█░ █▀▀ █░░ █░░█ █░░█ █░▀░█ █▀▀ █░░█ ░░█░░
+#   ▒█▄▄▀ ▀▀▀ ░░▀░░ ▀▀▀ ▀▀▀ ▀▀▀▀ █▀▀▀ ▀░░░▀ ▀▀▀ ▀░░▀ ░░▀░░
+#
+#   ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
+#   █▀▀  █▀█  █▀▄▀█
+#   █▀░  █▀▀  █░▀░█
+
+FROM base-fpm AS fpm-dev
 
 COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
 
+VOLUME ["/sock"]
 # nginx
 USER 101
 
-VOLUME ["/sock"]
 
+#  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
+#  █▄░█  █▀▀  █  █▄░█  ▀▄▀
+#  █░▀█  █▄█  █  █░▀█  █░█
+
+FROM base-nginx AS nginx-dev
+
+RUN echo "# This is a placeholder because the file is included in php-fpm.conf." > /etc/nginx/server_name.conf
+
+
+#  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
+#  ▀█▀  █▀▀  █▀  ▀█▀
+#  ░█░  ██▄  ▄█  ░█░
+
+FROM build-fpm AS test
+RUN make test
+
+
+
+
+#
+#   ▒█▀▀█ █▀▀█ █▀▀█ █▀▀▄ █░░█ █▀▀ ▀▀█▀▀ ░▀░ █▀▀█ █▀▀▄
+#   ▒█▄▄█ █▄▄▀ █░░█ █░░█ █░░█ █░░ ░░█░░ ▀█▀ █░░█ █░░█
+#   ▒█░░░ ▀░▀▀ ▀▀▀▀ ▀▀▀░ ░▀▀▀ ▀▀▀ ░░▀░░ ▀▀▀ ▀▀▀▀ ▀░░▀
+#
+#   ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
+#   █▀▀  █▀█  █▀▄▀█  █▀█  █▀█  █▀  █▀▀  █▀█
+#   █▄▄  █▄█  █░▀░█  █▀▀  █▄█  ▄█  ██▄  █▀▄
 
-###
 
-## target: production
 FROM base-fpm AS build-fpm-composer
 
 ARG COMPOSER_USER
 ARG COMPOSER_PASS
 
-WORKDIR /var/www/html
-
 COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
 
-COPY ./bin/composer-auth.sh /var/www/html/composer-auth.sh
-RUN chmod +x /var/www/html/composer-auth.sh && \
-    /var/www/html/composer-auth.sh
+WORKDIR /var/www/html
+
+COPY ./bin/composer-auth.sh composer-auth.sh
+RUN chmod +x composer-auth.sh && \
+    ./composer-auth.sh
 
-# non-root
 USER 101
 
 COPY composer.json composer.lock /var/www/html/
@@ -87,7 +130,11 @@ RUN mkdir -p ./vendor-assets && \
     find public/ -regex "public\/${regex_path}.*\.${regex_files}" -exec cp --parent "{}" vendor-assets/  \;
 
 
-###
+#  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
+#  ▄▀█  █▀  █▀  █▀▀  ▀█▀  █▀
+#  █▀█  ▄█  ▄█  ██▄  ░█░  ▄█
+
 
 FROM node:20 AS assets-build
 
@@ -99,90 +146,90 @@ RUN npm run production
 RUN rm -rf node_modules
 
 
-###
+#  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
+#  █▀▀  █▀█  █▀▄▀█
+#  █▀░  █▀▀  █░▀░█
+
 
 FROM base-fpm AS build-fpm
 
 WORKDIR /var/www/html
 COPY --chown=nginx:nginx ./config ./config
 COPY --chown=nginx:nginx ./public ./public
-COPY --from=build-fpm-composer --chown=nginx:nginx /var/www/html/public/app/mu-plugins /var/www/html/public/app/mu-plugins
-COPY --from=build-fpm-composer --chown=nginx:nginx /var/www/html/public/app/plugins /var/www/html/public/app/plugins
-COPY --from=build-fpm-composer --chown=nginx:nginx /var/www/html/public/app/languages /var/www/html/public/app/languages
-COPY --from=build-fpm-composer --chown=nginx:nginx /var/www/html/public/wp /var/www/html/public/wp
-COPY --from=build-fpm-composer --chown=nginx:nginx /var/www/html/vendor /var/www/html/vendor
+
+# Replace paths with dependanies from build-fpm-composer
+ARG path="/var/www/html"
+COPY --from=build-fpm-composer ${path}/public/app/mu-plugins public/app/mu-plugins
+COPY --from=build-fpm-composer ${path}/public/app/plugins public/app/plugins
+COPY --from=build-fpm-composer ${path}/public/app/languages public/app/languages
+COPY --from=build-fpm-composer ${path}/public/wp public/wp
+COPY --from=build-fpm-composer ${path}/vendor vendor
 
 # non-root
 USER 101
 
-###
 
-FROM build-fpm AS test
-RUN make test
+#  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
 
+#  █▄░█  █▀▀  █  █▄░█  ▀▄▀
+#  █░▀█  █▄█  █  █░▀█  █░█
 
-###
-
-
-FROM base-nginx AS nginx-dev
-
-RUN echo "# This is a placeholder, because the file is included in `php-fpm.conf`." > /etc/nginx/server_name.conf
-
-
-
-###
 
 FROM base-nginx AS build-nginx
 
 # Grab server configurations
 COPY deploy/config/php-fpm.conf /etc/nginx/php-fpm.conf
 COPY deploy/config/server.conf /etc/nginx/conf.d/default.conf
 
+WORKDIR /var/www/html
+
 # Get bootstraper for WordPress
-COPY public/index.php /var/www/html/public/index.php
-COPY public/app/themes/clarity/style.css /var/www/html/public/app/themes/clarity/
+COPY public/index.php public/index.php
+COPY public/app/themes/clarity/style.css public/app/themes/clarity/
+
+# Only take what Nginx needs (cached configuration)
+COPY --from=build-fpm-composer /var/www/html/public/wp/wp-admin/index.php public/wp/wp-admin/index.php
+COPY --from=build-fpm-composer /var/www/html/vendor-assets ./
 
 # Grab assets for Nginx
-COPY --from=assets-build /node/dist /var/www/html/public/app/themes/clarity/dist/
+COPY --from=assets-build /node/dist public/app/themes/clarity/dist/
 
-# Only take what Nginx needs (current configuration)
-COPY --from=build-fpm-composer --chown=nginx:nginx /var/www/html/public/wp/wp-admin/index.php /var/www/html/public/wp/wp-admin/index.php
-COPY --from=build-fpm-composer --chown=nginx:nginx /var/www/html/vendor-assets /var/www/html/
 
+#  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
 
-###
+#  █▀▀  █▀█  █▀█  █▄░█
+#  █▄▄  █▀▄  █▄█  █░▀█
 
 
 FROM alpine:3.19.1 as build-cron
 
-
-#  ░█████╗░██████╗░░█████╗░░█████╗░███╗░░██╗███████╗██████╗░
-#  ██╔══██╗██╔══██╗██╔══██╗██╔══██╗████╗░██║██╔════╝██╔══██╗
-#  ██║░░╚═╝██████╔╝██║░░██║██║░░██║██╔██╗██║█████╗░░██████╔╝
-#  ██║░░██╗██╔══██╗██║░░██║██║░░██║██║╚████║██╔══╝░░██╔══██╗
-#  ╚█████╔╝██║░░██║╚█████╔╝╚█████╔╝██║░╚███║███████╗██║░░██║
-#  ░╚════╝░╚═╝░░╚═╝░╚════╝░░╚════╝░╚═╝░░╚══╝╚══════╝╚═╝░░╚═╝
-#
-#  🅣🅗🅔 🅢🅜🅞🅞🅣🅗 🅝🅞🅝-🅡🅞🅞🅣 🅒🅡🅞🅝 🅤🅢🅔🅡
+#  ▒█▀▀█ █▀▀█ █▀▀█ █▀▀█ █▀▀▄ █▀▀ █▀▀█ 　 █
+#  ▒█░░░ █▄▄▀ █░░█ █░░█ █░░█ █▀▀ █▄▄▀ 　 ▀
+#  ▒█▄▄█ ▀░▀▀ ▀▀▀▀ ▀▀▀▀ ▀░░▀ ▀▀▀ ▀░▀▀ 　 ▄
+#  𝕋𝕙𝕖 𝕊𝕞𝕠𝕠𝕥𝕙 ℕ𝕠𝕟-ℝ𝕠𝕠𝕥 𝕌𝕤𝕖𝕣
 
 ARG user=crooner
 RUN addgroup --gid 3001 ${user} && adduser -D -G ${user} -g "${user} user" -u 3001 ${user}
 
-RUN apk add dpkg curl tzdata
-
-RUN ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
+RUN apk add dpkg tzdata && \
+    ln -s /usr/share/zoneinfo/Europe/London /etc/localtime
 
 ## cron-schedule directory
 RUN mkdir -p /schedule && chown ${user}:${user} /schedule
 
 COPY deploy/config/cron/wp-cron /schedule/wp-cron
-COPY deploy/config/cron/wp-cron-exec.sh /usr/bin/wp-cron-exec
-COPY deploy/config/init/cron-install.sh /usr/bin/cron-install
-COPY deploy/config/init/cron-start.sh /usr/bin/cron-start
 
-RUN chmod +x /usr/bin/wp-cron-exec && \
-    chmod +x /usr/bin/cron-install && \
-    chmod +x /usr/bin/cron-start
+# Change directory for the rest
+WORKDIR /usr/bin
+
+COPY deploy/config/cron/wp-cron-exec.sh ./execute-wp-cron
+COPY deploy/config/init/cron-install.sh ./cron-install
+COPY deploy/config/init/cron-start.sh ./cron-start
+
+RUN chmod +x execute-wp-cron && \
+    chmod +x cron-install && \
+    chmod +x cron-start
 
 RUN cron-install
 
@@ -191,5 +238,3 @@ RUN apk del dpkg
 USER 3001
 
 ENTRYPOINT ["/bin/sh", "-c", "cron-start"]
-
-
diff --git a/deploy/config/cron/wp-cron b/deploy/config/cron/wp-cron
@@ -3,4 +3,4 @@
 ## Every minute
 ##-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#-#
 
-* * * * * sleep `shuf -i0-15 -n1` && wp-cron-exec $HOSTNAME $NGINX_HOST > /dev/null
+* * * * * sleep `shuf -i0-15 -n1` && execute-wp-cron $HOSTNAME $NGINX_HOST > /dev/null
diff --git a/deploy/config/cron/wp-cron-exec.sh b/deploy/config/cron/wp-cron-exec.sh
@@ -4,8 +4,8 @@
 ENV_HOST=$1    # raw hostname of the container
 NGINX_HOST=$2  # hostname of the nginx service
 
-curl_it() {
-  curl http://"$NGINX_HOST":8080/wp/wp-cron.php --silent
+wget_it() {
+  wget --spider --quiet http://"$NGINX_HOST":8080/wp/wp-cron.php
 }
 
 contains() {
@@ -21,10 +21,10 @@ contains() {
 HOST_TEST=$(contains "$ENV_HOST" "-prod")
 
 if [ "$HOST_TEST" = 0 ]; then
-  curl_it
+  wget_it
 else
   NOW=$(date +"%H")
   if [ "$NOW" -gt "6" ] && [ "$NOW" -lt "22" ]; then
-    curl_it
+    wget_it
   fi
 fi
diff --git a/deploy/config/init/cron-install.sh b/deploy/config/init/cron-install.sh
@@ -25,7 +25,7 @@ if [ "$arch" = 'unimplemented' ]; then
     exit 1;
 fi;
 
-curl -fsSLO "https://github.com/aptible/supercronic/releases/download/${SUPERCRONIC_VERSION}/${supercronic}" &&
+wget --quiet "https://github.com/aptible/supercronic/releases/download/${SUPERCRONIC_VERSION}/${supercronic}" &&
 echo "${supercronic_sha}  ${supercronic}" | sha1sum -c - &&
 chmod +x "${supercronic}" &&
 mv "${supercronic}" "/usr/local/bin/${supercronic}" &&

diff --git a/deploy/config/php-pool.conf b/deploy/config/php-pool.conf
@@ -0,0 +1,21 @@
+[www]
+user = nginx
+group = nginx
+
+listen = /sock/fpm.sock
+listen.owner = nginx
+listen.group = nginx
+listen.mode = 0660
+
+pm = dynamic
+pm.start_servers = 10
+pm.min_spare_servers = 5
+pm.max_spare_servers = 10
+pm.max_requests = 500
+pm.max_children = 50
+
+[global]
+daemonize = no
+emergency_restart_threshold = 10
+emergency_restart_interval = 1m
+process_control_timeout = 10s
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -15,7 +15,7 @@ services:
     container_name: intranet-php-fpm
     build:
       context: .
-      target: dev
+      target: fpm-dev
     volumes:
       - .:/var/www/html
       - php-socket:/sock