CDPT 1528 - install wp offload media pro (#545)

* Add AS3CF_PRO * Fix unused var * Server name not generated locally * New command: make composer-update * Include composer auth * Use correct var names
ministryofjustice · Apr 23, 2024 · 61690e7 · 61690e7
1 parent 9bd26d3
commit 61690e7
Show file tree

Hide file tree

Showing 16 changed files with 320 additions and 152 deletions.
diff --git a/.env.example b/.env.example
@@ -10,6 +10,10 @@ COMPOSER_PASS=some_password
 # used so composer can access repos
 COMPOSER_TOKEN=some_token
 
+AS3CF_PRO_LICENCE=license
+AS3CF_PRO_USER=username
+AS3CF_PRO_PASS=password
+
 # used for wp-cron
 NGINX_SERVICE_PORT=http://nginx:8080
 

diff --git a/.github/README.md b/.github/README.md
@@ -18,7 +18,7 @@ https://intranet.justice.gov.uk/
 
 ## Summary
 
-> Nb. `README.md` is located in `.github/`, the preferred location for a clean repository.
+> Nb. `README.md` is located in `.github/`
 
 
 ## Installation for development
@@ -28,7 +28,7 @@ The application uses Docker. This repository provides two separate local test en
 1. Docker Compose
 2. Kubernetes
 
-Where `docker compose` provides a pre-production environment to develop features and apply upgrades, Kubernetes allows
+Where `docker compose` provides a pre-production environment to apply upgrades and develop features, Kubernetes allows
 us to test and debug our deployments to the Cloud Platform.
 
 ### Setup
@@ -45,7 +45,11 @@ Change directories:
 cd intranet
 ```
 
-Next, depending on the environment you would like to launch, do one of the following.
+Next, depending on the environment you would like to launch, choose one of the following:
+
+- [Docker Compose](#1-docker-compose)
+- [Kubernetes](#2-kubernetes)
+
 
 ### 1. Docker Compose
 
@@ -58,7 +62,7 @@ This environment has been set up to develop and improve the application.
 
 The following make command will get you up and running.
 
-It creates the environment, starts all services and opens a command prompt on the container that houses our PHP code,
+It creates the environment and starts all services,
 the service is called `php-fpm`:
 
 ```bash
@@ -69,23 +73,17 @@ During the `make` process, the Dory proxy will attempt to install. You will be g
 
 ### Services
 
-You will have five services running with different access points. They are:
+You will have ten services running in total, all with different access points. They are:
 
 **Nginx**<br>
 http://intranet.docker/
 
-**PHP-FPM**<br>
+**PHP-FPM**
 
 ```bash
 make bash
 ```
 
-On first use, the application will need initializing with the following command.
-
-```bash
-composer install
-```
-
 **Node**<br>
 This service watches and compiles our assets, no need to access. The output of this service is available on STDOUT.
 
@@ -102,10 +100,53 @@ Internally accessed by PHP-FPM on port 3306
 
 **PHPMyAdmin**<br>
 http://intranet.docker:9191/ <br>
-Login details located in `docker-compose.yml`
+Login information can be found in [.env](https://github.com/ministryofjustice/intranet/blob/develop/.env.example#L16)
+
+
+**Opensearch**
+
+We use this 
+
+**Opensearch Dashboard**
+
+Dashboards that allow us to query indexed data.
+
+**Minio**
+
+Minio acts just like an AWS S3 bucket. 
+
+**CDN**
+
+This service acts like a distributed CloudFront service allowing us to imitate a CDN.  
+
+**CRON**
+
+In production we have a scalable cron container. It's only job right now is to make a head request to `wp-cron.php`
+There is no need to access this container. However, with every running container you can reach the OS.
+
+```bash
+docker compose exec -it wp-cron ash
+```
+
+---
 
 > There is no need to install application software on your computer.<br>
-> All required software is built within the services and all services are ephemeral.
+> All required software is built within the services - all services are ephemeral.
+
+**Composer**
+
+We match the process that occurs in production CI locally to ensure we test against the same criteria.
+As such, during development it will be necessary to rebuild directories when updating composer.
+
+**After making changes to `composer.json`**...
+
+```bash
+make composer-update
+```
+
+This will fire off a set of checks, ensuring composer updates and all static assets are distributed correctly.
+For more information, review [Dockerfile](https://github.com/ministryofjustice/intranet/blob/develop/Dockerfile#L125) 
+and [local assets files](https://github.com/ministryofjustice/intranet/blob/develop/bin/local-composer-assets.sh#L10).
 
 #### Volumes
 
@@ -130,7 +171,7 @@ Once the above requirements have been met, we are able to launch our application
 command:
 
 ```bash
-make local-kube
+make kube
 ```
 
 The following will take place:

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -32,15 +32,35 @@ jobs:
 
       - name: "Build & Push to ECR"
         run: |
-          docker image build -t $REGISTRY/$REPOSITORY:fpm-$IMAGE_TAG --target build-fpm --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" .
-          docker image build -t $REGISTRY/$REPOSITORY:nginx-$IMAGE_TAG --target build-nginx --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" .
-          docker image build -t $REGISTRY/$REPOSITORY:cron-$IMAGE_TAG --target build-cron .
+          
+          # ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+               
+          docker image build -t $REGISTRY/$REPOSITORY:fpm-$IMAGE_TAG \
+              --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" \
+              --build-arg AS3CF_PRO_USER="$AS3CF_PRO_USER" --build-arg AS3CF_PRO_PASS="$AS3CF_PRO_PASS" \
+              --target build-fpm .
+          
+          docker image build -t $REGISTRY/$REPOSITORY:nginx-$IMAGE_TAG \
+            --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" \
+            --build-arg AS3CF_PRO_USER="$AS3CF_PRO_USER" --build-arg AS3CF_PRO_PASS="$AS3CF_PRO_PASS" \
+            --target build-nginx .
+          
+          docker image build -t $REGISTRY/$REPOSITORY:cron-$IMAGE_TAG \
+            --target build-cron .
+        
+          # ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+          
           docker push $REGISTRY/$REPOSITORY:fpm-$IMAGE_TAG
           docker push $REGISTRY/$REPOSITORY:nginx-$IMAGE_TAG
           docker push $REGISTRY/$REPOSITORY:cron-$IMAGE_TAG
+          
+          # ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░  ░░
+
         env:
           REGISTRY: ${{ steps.ecr-login.outputs.registry }}
           REPOSITORY: ${{ vars.ECR_REPOSITORY }}
           IMAGE_TAG: ${{ github.sha }}
           COMPOSER_USER: ${{ secrets.COMPOSER_USER }}
           COMPOSER_PASS: ${{ secrets.COMPOSER_PASS }}
+          AS3CF_PRO_USER: ${{ secrets.AS3CF_PRO_USER }}
+          AS3CF_PRO_PASS: ${{ secrets.AS3CF_PRO_PASS }}
diff --git a/.github/workflows/php-composer-test.yml b/.github/workflows/php-composer-test.yml
@@ -40,6 +40,8 @@ jobs:
       env:
         COMPOSER_USER: ${{ secrets.COMPOSER_USER }}
         COMPOSER_PASS: ${{ secrets.COMPOSER_PASS }}
+        AS3CF_PRO_USER: ${{ secrets.AS3CF_PRO_USER }}
+        AS3CF_PRO_PASS: ${{ secrets.AS3CF_PRO_PASS }}
 
     - name: "Run tests"
       run: make test
diff --git a/.github/workflows/snyk-security.yml b/.github/workflows/snyk-security.yml
@@ -46,11 +46,21 @@ jobs:
         # Build the docker images for testing
       - name: Container monitor ~ build FPM & Nginx Docker images
         run: |
-          docker image build --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" -t intranet-fpm:snyk --target build-fpm .
-          docker image build --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" -t intranet-nginx:snyk --target build-nginx .
+          docker image build \
+            --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" \
+            --build-arg AS3CF_PRO_USER="$AS3CF_PRO_USER" --build-arg AS3CF_PRO_PASS="$AS3CF_PRO_PASS" \
+            -t intranet-fpm:snyk --target build-fpm .
+          
+          docker image build \
+            --build-arg COMPOSER_USER="$COMPOSER_USER" --build-arg COMPOSER_PASS="$COMPOSER_PASS" \
+            --build-arg AS3CF_PRO_USER="$AS3CF_PRO_USER" --build-arg AS3CF_PRO_PASS="$AS3CF_PRO_PASS" \
+            -t intranet-nginx:snyk --target build-nginx .
+
         env:
           COMPOSER_USER: ${{ secrets.COMPOSER_USER }}
           COMPOSER_PASS: ${{ secrets.COMPOSER_PASS }}
+          AS3CF_PRO_USER: ${{ secrets.AS3CF_PRO_USER }}
+          AS3CF_PRO_PASS: ${{ secrets.AS3CF_PRO_PASS }}
 
         # Runs Snyk Container (Container and SCA) analysis.
       - name: Container monitor ~ analyse

diff --git a/.gitignore b/.gitignore
@@ -18,8 +18,7 @@ public/app/mu-plugins/*/
 public/app/upgrade
 public/app/languages/*
 public/app/uploads/*
-vendor
-vendor-assets
+vendor*
 .dory.yml
 !deploy/config/local/.dory.yml
 auth.json

diff --git a/Dockerfile b/Dockerfile
@@ -66,6 +66,8 @@ USER 101
 
 FROM base-fpm AS fpm-dev
 
+RUN apk add zip
+
 WORKDIR /var/www/html
 
 COPY --from=composer:2 /usr/bin/composer /usr/bin/composer
@@ -111,6 +113,8 @@ FROM base-fpm AS build-fpm-composer
 
 ARG COMPOSER_USER
 ARG COMPOSER_PASS
+ARG AS3CF_PRO_USER
+ARG AS3CF_PRO_PASS
 
 COPY --from=composer:2 /usr/bin/composer /usr/bin/composer