Upgrading to Version 5.2.2+211115

Update entrypoint to enable an empty table prefix

 - Who are we to dictate a table prefix
 - Makes it easier to migrate existing databases that don't have a prefix

.github/workflows/build-latest-container-images.yaml

@@ -0,0 +1,96 @@
+name: Publish Latest Container Images
+on:
+  push:
+    tags:
+      - '5.*'
+
+jobs:
+  lint_dockerfiles:
+    name: Lint Dockerfile with hadolint
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        dockerfile:
+          - 5.0/apache/Dockerfile
+          - 5.0/fpm-alpine/Dockerfile
+          - 5.0/fpm/Dockerfile
+    steps:
+      - uses: actions/checkout@v2
+      - uses: hadolint/hadolint-action@v1.5.0
+        with:
+          dockerfile: ${{ matrix.dockerfile }}
+          ignore: DL4006 DL3008 DL3018
+
+  push_images_to_registries:
+    name: Push Container Images to registries
+    runs-on: ubuntu-latest
+    needs: [lint_dockerfiles]
+    environment: docker-build
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - name: 'Check out the repo'
+        uses: actions/checkout@v2
+      - name: 'Set up Docker Buildx'
+        uses: docker/setup-buildx-action@v1
+        with:
+          buildkitd-flags: --debug
+      - name: 'Log in to DockerHub'
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+      - name: 'Apache variant metadata'
+        id: metadata-apache
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            docker.io/martialblog/limesurvey
+          tags: |
+            type=semver,pattern={{raw}},suffix=-apache
+            type=semver,pattern={{major}},suffix=-apache
+          flavor: |
+            latest=false
+      - name: 'Build and push latest Apache container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 5.0/apache
+          push: true
+          tags: ${{ steps.metadata-apache.outputs.tags }}
+          labels: ${{ steps.metadata-apache.outputs.labels }}
+
+      - name: 'FPM variant metadata'
+        id: metadata-fpm
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            docker.io/martialblog/limesurvey
+          tags: |
+            type=semver,pattern={{version}},suffix=-fpm
+            type=semver,pattern={{major}},suffix=-fpm
+      - name: 'Build and push latest fpm container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 5.0/fpm
+          push: true
+          tags: ${{ steps.metadata-fpm.outputs.tags }}
+          labels: ${{ steps.metadata-fpm.outputs.labels }}
+
+      - name: 'FPM Alpine variant metadata'
+        id: metadata-fpm-alpine
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            docker.io/martialblog/limesurvey
+          tags: |
+            type=semver,pattern={{version}},suffix=-fpm-alpine
+            type=semver,pattern={{major}},suffix=-fpm-alpine
+      - name: 'Build and push latest fpm-alpine container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 5.0/fpm-alpine
+          push: true
+          tags: ${{ steps.metadata-fpm-alpine.outputs.tags }}
+          labels: ${{ steps.metadata-fpm-alpine.outputs.labels }}

.github/workflows/build-lts-container-images.yaml

@@ -0,0 +1,96 @@
+name: Publish LTS Container Images
+on:
+  push:
+    tags:
+      - '3.*'
+
+jobs:
+  lint_dockerfiles:
+    name: 'Lint Dockerfile with hadolint'
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        dockerfile:
+          - 3.0/apache/Dockerfile
+          - 3.0/fpm-alpine/Dockerfile
+          - 3.0/fpm/Dockerfile
+    steps:
+      - uses: actions/checkout@v2
+      - uses: hadolint/hadolint-action@v1.5.0
+        with:
+          dockerfile: ${{ matrix.dockerfile }}
+          ignore: DL4006 DL3008 DL3018
+
+  push_images_to_registries:
+    name: 'Push container images to registries'
+    runs-on: ubuntu-latest
+    needs: [lint_dockerfiles]
+    environment: docker-build
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - name: 'Check out the repo'
+        uses: actions/checkout@v2
+      - name: 'Set up Docker Buildx'
+        uses: docker/setup-buildx-action@v1
+        with:
+          buildkitd-flags: --debug
+      - name: 'Log in to DockerHub'
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_TOKEN }}
+      - name: 'Apache variant metadata'
+        id: metadata-apache
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            docker.io/martialblog/limesurvey
+          tags: |
+            type=semver,pattern={{raw}},suffix=-apache
+            type=semver,pattern={{major}},suffix=-apache
+          flavor: |
+            latest=false
+      - name: 'Build and push LTS apache container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 3.0/apache
+          push: true
+          tags: ${{ steps.metadata-apache.outputs.tags }}
+          labels: ${{ steps.metadata-apache.outputs.labels }}
+
+      - name: 'FPM variant metadata'
+        id: metadata-fpm
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            docker.io/martialblog/limesurvey
+          tags: |
+            type=semver,pattern={{version}},suffix=-fpm
+            type=semver,pattern={{major}},suffix=-fpm
+      - name: 'Build and push LTS fpm container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 3.0/fpm
+          push: true
+          tags: ${{ steps.metadata-fpm.outputs.tags }}
+          labels: ${{ steps.metadata-apache.outputs.labels }}
+
+      - name: 'FPM Alpine variant metadata'
+        id: metadata-fpm-alpine
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            docker.io/martialblog/limesurvey
+          tags: |
+            type=semver,pattern={{version}},suffix=-fpm-alpine
+            type=semver,pattern={{major}},suffix=-fpm-alpine
+      - name: 'Build and push LTS fpm-alpine container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 3.0/fpm-alpine
+          push: true
+          tags: ${{ steps.metadata-fpm-alpine.outputs.tags }}
+          labels: ${{ steps.metadata-apache.outputs.labels }}

.github/workflows/lint-dockerfiles.yaml

@@ -0,0 +1,24 @@
+---
+name: Lint Dockerfile
+
+on: [push, pull_request]
+
+jobs:
+  lint:
+    name: Lint Dockerfile with hadolint
+    strategy:
+      matrix:
+        dockerfile:
+          - 3.0/apache/Dockerfile
+          - 3.0/fpm-alpine/Dockerfile
+          - 3.0/fpm/Dockerfile
+          - 5.0/apache/Dockerfile
+          - 5.0/fpm-alpine/Dockerfile
+          - 5.0/fpm/Dockerfile
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - uses: hadolint/hadolint-action@v1.5.0
+        with:
+          dockerfile: ${{ matrix.dockerfile }}
+          ignore: DL4006 DL3008 DL3018

.github/workflows/test-latest-container-images.yaml

@@ -0,0 +1,34 @@
+name: Test Latest Container Images
+
+on: [push, pull_request]
+
+jobs:
+  test_images:
+    name: Test Latest Container Images with Trivy
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        context:
+          - apache
+          - fpm-alpine
+          - fpm
+    steps:
+      - name: 'Check out the repo'
+        uses: actions/checkout@v2
+
+      - name: 'Set up Docker Buildx'
+        uses: docker/setup-buildx-action@v1
+
+      - name: 'Build Container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 5.0/${{ matrix.context }}
+          push: false
+          load: true
+          tags: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
+
+      - name: 'Run Structure tests'
+        uses: plexsystems/container-structure-test-action@v0.2.0
+        with:
+          image: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
+          config: tests/${{ matrix.context }}-tests.yaml

.github/workflows/test-lts-container-images.yaml

@@ -0,0 +1,34 @@
+name: Test LTS Container Images
+
+on: [push, pull_request]
+
+jobs:
+  test_images:
+    name: Test LTS Container Images with Trivy
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        context:
+          - apache
+          - fpm-alpine
+          - fpm
+    steps:
+      - name: 'Check out the repo'
+        uses: actions/checkout@v2
+
+      - name: 'Set up Docker Buildx'
+        uses: docker/setup-buildx-action@v1
+
+      - name: 'Build Container images'
+        uses: docker/build-push-action@v2
+        with:
+          context: 3.0/${{ matrix.context }}
+          push: false
+          load: true
+          tags: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
+
+      - name: 'Run Structure tests'
+        uses: plexsystems/container-structure-test-action@v0.2.0
+        with:
+          image: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
+          config: tests/${{ matrix.context }}-tests.yaml

.travis.yml

@@ -1,18 +0,0 @@
-sudo: required
-language: bash
-services:
-  - docker
-install:
-jobs:
-  include:
-    - env: HADOLINT="${HOME}/hadolint"
-      script:
-          - curl -sL -o ${HADOLINT} "https://github.com/hadolint/hadolint/releases/download/v1.23.0/hadolint-$(uname -s)-$(uname -m)"
-          - chmod 700 ${HADOLINT}
-          - git ls-files --exclude='Dockerfile*' --ignored | xargs --max-lines=1 ${HADOLINT} --ignore DL4006 --ignore DL3008 --ignore DL3018
-    - env: TAG=martialblog/limesurvey-apache
-      script: cd 5.0/apache; docker build -q -t $TAG . && cd ../..; ./tests/run.sh $TAG
-    - env: TAG=martialblog/limesurvey-fpm
-      script: cd 5.0/fpm; docker build -q -t $TAG . && cd ../..; ./tests/run.sh $TAG
-    - env: TAG=martialblog/limesurvey-alpine
-      script: cd 5.0/fpm; docker build -q -t $TAG . && cd ../..; ./tests/run.sh $TAG

3.0/apache/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:7.4-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.1+210531'
-ARG sha256_checksum='229019839642239d14b11b443bafee59e1fadf0c5e7718f101b8fb789de81e4a'
+ARG version='3.27.25+211116'
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
 ARG USER=root
 ARG LISTEN_PORT=80
 
@@ -76,6 +76,7 @@ RUN set -ex; \
 
 WORKDIR /var/www/html
 COPY entrypoint.sh entrypoint.sh
+COPY vhosts-access-log.conf /etc/apache2/conf-enabled/other-vhosts-access-log.conf
 USER $USER
 ENTRYPOINT ["/var/www/html/entrypoint.sh"]
 CMD ["apache2-foreground"]

3.0/apache/entrypoint.sh

@@ -19,6 +19,8 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
 BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
+SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -37,12 +39,12 @@ fi
 
 if [ "$LISTEN_PORT" != "80" ]; then
     echo "Info: Customizing Apache Listen port to $LISTEN_PORT"
-    sed -i "s/80/$LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
+    sed -i "s/Listen 80\$/Listen $LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
 fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -65,7 +67,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -87,12 +89,17 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
-      'showScriptName' => true,
+      'showScriptName' => $SHOW_SCRIPT_NAME,
     ),
     'request' => array(
       'baseUrl' => '$BASE_URL',
@@ -109,17 +116,25 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
 
 # Check if LimeSurvey database is provisioned
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

3.0/apache/vhosts-access-log.conf

@@ -0,0 +1,3 @@
+SetEnvIF User-Agent "(?i)(check|health|probe)" dontlog
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log combined env=!dontlog

3.0/fpm-alpine/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:7.4-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.1+210531'
-ARG sha256_checksum='229019839642239d14b11b443bafee59e1fadf0c5e7718f101b8fb789de81e4a'
+ARG version='3.27.25+211116'
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
 
 # Install OS dependencies
 RUN set -ex; \

3.0/fpm-alpine/entrypoint.sh

@@ -19,6 +19,8 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
 BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
+SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -35,7 +37,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -58,7 +60,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -80,12 +82,17 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
-      'showScriptName' => true,
+      'showScriptName' => $SHOW_SCRIPT_NAME,
     ),
     'request' => array(
       'baseUrl' => '$BASE_URL',
@@ -102,17 +109,25 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
 
 # Check if LimeSurvey database is provisioned
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

3.0/fpm/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:7.4-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.1+210531'
-ARG sha256_checksum='229019839642239d14b11b443bafee59e1fadf0c5e7718f101b8fb789de81e4a'
+ARG version='3.27.25+211116'
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
 
 # Install OS dependencies
 RUN set -ex; \

3.0/fpm/entrypoint.sh

@@ -19,6 +19,8 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-}
 BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
+SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -35,7 +37,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -58,7 +60,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -80,12 +82,17 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
-      'showScriptName' => true,
+      'showScriptName' => $SHOW_SCRIPT_NAME,
     ),
     'request' => array(
       'baseUrl' => '$BASE_URL',
@@ -102,17 +109,25 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
 
 # Check if LimeSurvey database is provisioned
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

4.0/apache/entrypoint.sh

@@ -10,6 +10,7 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
@@ -41,12 +42,12 @@ fi
 
 if [ "$LISTEN_PORT" != "80" ]; then
     echo "Info: Customizing Apache Listen port to $LISTEN_PORT"
-    sed -i "s/80/$LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
+    sed -i "s/Listen 80\$/Listen $LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
 fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -69,7 +70,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -106,6 +107,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -118,7 +120,7 @@ if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -139,12 +141,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

4.0/fpm-alpine/entrypoint.sh

@@ -10,6 +10,7 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
@@ -39,7 +40,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -62,7 +63,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -99,6 +100,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -111,7 +113,7 @@ if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -132,12 +134,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

4.0/fpm/entrypoint.sh

@@ -10,6 +10,7 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
@@ -39,7 +40,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -62,7 +63,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -99,6 +100,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -111,7 +113,7 @@ if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -132,12 +134,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

5.0/apache/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:8-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.0.0+210526'
-ARG sha256_checksum='b82edc84970b438fdcc63880bb4dee74ee5afb61540f25be8c84a102881c2bc0'
+ARG version='5.2.2+211115'
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
 ARG USER=www-data
 ARG LISTEN_PORT=8080
 
@@ -79,6 +79,7 @@ EXPOSE $LISTEN_PORT
 
 WORKDIR /var/www/html
 COPY entrypoint.sh entrypoint.sh
+COPY vhosts-access-log.conf /etc/apache2/conf-enabled/other-vhosts-access-log.conf
 USER $USER
 ENTRYPOINT ["/var/www/html/entrypoint.sh"]
 CMD ["apache2-foreground"]

5.0/apache/entrypoint.sh

@@ -10,10 +10,13 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
 ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+ENCRYPT_NONCE=${ENCRYPT_NONCE:-}
+ENCRYPT_SECRET_BOX_KEY=${ENCRYPT_SECRET_BOX_KEY:-}
 
 ADMIN_USER=${ADMIN_USER:-'admin'}
 ADMIN_NAME=${ADMIN_NAME:-'admin'}
@@ -24,6 +27,7 @@ BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
 SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -42,12 +46,12 @@ fi
 
 if [ "$LISTEN_PORT" != "80" ]; then
     echo "Info: Customizing Apache Listen port to $LISTEN_PORT"
-    sed -i "s/80/$LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
+    sed -i "s/Listen 80\$/Listen $LISTEN_PORT/" /etc/apache2/ports.conf /etc/apache2/sites-available/000-default.conf
 fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -70,7 +74,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -92,8 +96,13 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
@@ -107,6 +116,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -114,12 +124,19 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
+
 # Check if security config already provisioned
 if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -127,6 +144,8 @@ else
 \$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
 \$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
 \$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+\$config['encryptionnonce'] = '$ENCRYPT_NONCE';
+\$config['encryptionsecretboxkey'] = '$ENCRYPT_SECRET_BOX_KEY';
 return \$config;
 EOF
     else
@@ -140,12 +159,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

5.0/apache/vhosts-access-log.conf

@@ -0,0 +1,3 @@
+SetEnvIF User-Agent "(?i)(check|health|probe)" dontlog
+ErrorLog ${APACHE_LOG_DIR}/error.log
+CustomLog ${APACHE_LOG_DIR}/access.log combined env=!dontlog

5.0/fpm-alpine/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:8-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.0.0+210526'
-ARG sha256_checksum='b82edc84970b438fdcc63880bb4dee74ee5afb61540f25be8c84a102881c2bc0'
+ARG version='5.2.2+211115'
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
 ARG USER=www-data
 
 # Install OS dependencies

5.0/fpm-alpine/entrypoint.sh

@@ -10,10 +10,13 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
 ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+ENCRYPT_NONCE=${ENCRYPT_NONCE:-}
+ENCRYPT_SECRET_BOX_KEY=${ENCRYPT_SECRET_BOX_KEY:-}
 
 ADMIN_USER=${ADMIN_USER:-'admin'}
 ADMIN_NAME=${ADMIN_NAME:-'admin'}
@@ -24,6 +27,7 @@ BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
 SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -40,7 +44,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -63,7 +67,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -85,8 +89,13 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
@@ -100,6 +109,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -107,12 +117,19 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
+
 # Check if security config already provisioned
 if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -120,6 +137,8 @@ else
 \$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
 \$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
 \$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+\$config['encryptionnonce'] = '$ENCRYPT_NONCE';
+\$config['encryptionsecretboxkey'] = '$ENCRYPT_SECRET_BOX_KEY';
 return \$config;
 EOF
     else
@@ -133,12 +152,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME" "$ADMIN_EMAIL"
 fi
 
 exec "$@"

5.0/fpm/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:8-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.0.0+210526'
-ARG sha256_checksum='b82edc84970b438fdcc63880bb4dee74ee5afb61540f25be8c84a102881c2bc0'
+ARG version='5.2.2+211115'
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
 ARG USER=www-data
 
 # Install OS dependencies

5.0/fpm/entrypoint.sh

@@ -10,10 +10,13 @@ DB_NAME=${DB_NAME:-'limesurvey'}
 DB_TABLE_PREFIX=${DB_TABLE_PREFIX:-'lime_'}
 DB_USERNAME=${DB_USERNAME:-'limesurvey'}
 DB_PASSWORD=${DB_PASSWORD:-}
+DB_MYSQL_ENGINE=${DB_MYSQL_ENGINE:-'MyISAM'}
 
 ENCRYPT_KEYPAIR=${ENCRYPT_KEYPAIR:-}
 ENCRYPT_PUBLIC_KEY=${ENCRYPT_PUBLIC_KEY:-}
 ENCRYPT_SECRET_KEY=${ENCRYPT_SECRET_KEY:-}
+ENCRYPT_NONCE=${ENCRYPT_NONCE:-}
+ENCRYPT_SECRET_BOX_KEY=${ENCRYPT_SECRET_BOX_KEY:-}
 
 ADMIN_USER=${ADMIN_USER:-'admin'}
 ADMIN_NAME=${ADMIN_NAME:-'admin'}
@@ -24,6 +27,7 @@ BASE_URL=${BASE_URL:-}
 PUBLIC_URL=${PUBLIC_URL:-}
 URL_FORMAT=${URL_FORMAT:-'path'}
 SHOW_SCRIPT_NAME=${SHOW_SCRIPT_NAME:-'true'}
+TABLE_SESSION=${TABLE_SESSION:-}
 
 DEBUG=${DEBUG:-0}
 DEBUG_SQL=${DEBUG_SQL:-0}
@@ -40,7 +44,7 @@ fi
 
 # Check if database is available
 if [ -z "$DB_SOCK" ]; then
-    until nc -z -v -w30 $DB_HOST $DB_PORT
+    until nc -z -v -w30 "$DB_HOST" "$DB_PORT"
     do
         echo "Info: Waiting for database connection..."
         sleep 5
@@ -63,7 +67,7 @@ else
         DB_CHARSET=${DB_CHARSET:-'utf8'}
     fi
 
-    if [ ! -z "$DB_SOCK" ]; then
+    if [ -n "$DB_SOCK" ]; then
         echo 'Info: Using unix socket'
         DB_CONNECT='unix_socket'
     else
@@ -85,8 +89,13 @@ return array(
       'username' => '$DB_USERNAME',
       'password' => '$DB_PASSWORD',
       'charset' => '$DB_CHARSET',
-      'tablePrefix' => '$DB_TABLE_PREFIX',
+      'tablePrefix' => '${DB_TABLE_PREFIX//[[:space:]]/}',
     ),
+    //'session' => array (
+    //   'class' => 'application.core.web.DbHttpSession',
+    //   'connectionID' => 'db',
+    //   'sessionTableName' => '{{sessions}}',
+    //),
     'urlManager' => array(
       'urlFormat' => '$URL_FORMAT',
       'rules' => array(),
@@ -100,6 +109,7 @@ return array(
     'publicurl'=>'$PUBLIC_URL',
     'debug'=>$DEBUG,
     'debugsql'=>$DEBUG_SQL,
+    'mysqlEngine' => '$DB_MYSQL_ENGINE',
   )
 );
 
@@ -107,12 +117,19 @@ EOF
 
 fi
 
+# Enable Table Sessions if required
+if [ -n "$TABLE_SESSION" ]; then
+    echo 'Info: Setting Table Session'
+    # Remove the comments in the config
+    sed -i "s/\/\///g" application/config/config.php
+fi
+
 # Check if security config already provisioned
 if [ -f application/config/security.php ]; then
     echo 'Info: security.php already provisioned'
 else
     echo 'Info: Creating security.php'
-    if [ ! -z "$ENCRYPT_KEYPAIR" ]; then
+    if [ -n "$ENCRYPT_KEYPAIR" ]; then
 
         cat <<EOF > application/config/security.php
 <?php if (!defined('BASEPATH')) exit('No direct script access allowed');
@@ -120,6 +137,8 @@ else
 \$config['encryptionkeypair'] = '$ENCRYPT_KEYPAIR';
 \$config['encryptionpublickey'] = '$ENCRYPT_PUBLIC_KEY';
 \$config['encryptionsecretkey'] = '$ENCRYPT_SECRET_KEY';
+\$config['encryptionnonce'] = '$ENCRYPT_NONCE';
+\$config['encryptionsecretboxkey'] = '$ENCRYPT_SECRET_BOX_KEY';
 return \$config;
 EOF
     else
@@ -133,12 +152,14 @@ fi
 echo 'Info: Check if database already provisioned. Nevermind the Stack trace.'
 php application/commands/console.php updatedb
 
-if [ $? -eq 0 ]; then
+PHP_UPDATEDB_EXIT_CODE=$?
+
+if [ $PHP_UPDATEDB_EXIT_CODE -eq 0 ]; then
     echo 'Info: Database already provisioned'
 else
     echo ''
     echo 'Running console.php install'
-    php application/commands/console.php install $ADMIN_USER $ADMIN_PASSWORD $ADMIN_NAME $ADMIN_EMAIL
+    php application/commands/console.php install "$ADMIN_USER" "$ADMIN_PASSWORD" "$ADMIN_NAME $ADMIN_EMAIL"
 fi
 
 exec "$@"

CONTRIBUTING.md

@@ -24,15 +24,29 @@ It is best to use the upgrade shell script:
 # Check if sha256 is correct
 
 git add 4.0/ && git commit -m 'Upgrading to Version 4.3.13+200824'
-git tag 4.3.13+200824
+git tag 4.3.13-200824
 ```
 
 ## Testing
 
-In order to make sure the image works as promised, some tests are provided:
-
-```bash
-./tests/run.sh
-```
+In order to make sure the image works as promised, some container-structure-tests are provided. The tests require the `container-structure-test` tool to be installed.
 
 For further information:  https://github.com/GoogleContainerTools/container-structure-test
+
+```bash
+make apache-latest
+
+container-structure-test test --image docker.io/martialblog/limesurvey:5-apache --config tests/apache-tests.yaml
+```
+
+```bash
+make fpm-latest
+
+container-structure-test test --image  docker.io/martialblog/limesurvey:5-fpm-alpine --config tests/fpm-alpine-tests.yaml
+```
+
+```bash
+make fpm-alpine-latest
+
+container-structure-test test --image  docker.io/martialblog/limesurvey:5-fpm --config tests/fpm-tests.yaml
+```

Makefile

@@ -1,14 +1,14 @@
 # .PHONY: apache fpm fpm-alpine
 
 apache-lts:
-	docker build --pull -t martialblog/limesurvey:3-apache 3.0/apache
+	docker build --pull -t docker.io/martialblog/limesurvey:3-apache 3.0/apache
 apache-latest:
-	docker build --pull -t martialblog/limesurvey:5-apache 5.0/apache
+	docker build --pull -t docker.io/martialblog/limesurvey:5-apache 5.0/apache
 fpm-alpine-lts:
-	docker build --pull -t martialblog/limesurvey:3-fpm-alpine 3.0/fpm-alpine
+	docker build --pull -t docker.io/martialblog/limesurvey:3-fpm-alpine 3.0/fpm-alpine
 fpm-alpine-latest:
-	docker build --pull -t martialblog/limesurvey:5-fpm-alpine 5.0/fpm-alpine
+	docker build --pull -t docker.io/martialblog/limesurvey:5-fpm-alpine 5.0/fpm-alpine
 fpm-lts:
-	docker build --pull -t martialblog/limesurvey:3-fpm 3.0/fpm
+	docker build --pull -t docker.io/martialblog/limesurvey:3-fpm 3.0/fpm
 fpm-latest:
-	docker build --pull -t martialblog/limesurvey:5-fpm 5.0/fpm
+	docker build --pull -t docker.io/martialblog/limesurvey:5-fpm 5.0/fpm

README.md

@@ -1,4 +1,6 @@
-[![Build Status](https://travis-ci.com/martialblog/docker-limesurvey.svg?branch=master)](https://travis-ci.com/martialblog/docker-limesurvey)
+[![Lint Dockerfile](https://github.com/martialblog/docker-limesurvey/actions/workflows/lint-dockerfiles.yaml/badge.svg)](https://github.com/martialblog/docker-limesurvey/actions/workflows/lint-dockerfiles.yaml)
+[![Test LTS Container Images](https://github.com/martialblog/docker-limesurvey/actions/workflows/test-lts-container-images.yaml/badge.svg)](https://github.com/martialblog/docker-limesurvey/actions/workflows/test-lts-container-images.yaml)
+[![Test Latest Container Images](https://github.com/martialblog/docker-limesurvey/actions/workflows/test-latest-container-images.yaml/badge.svg)](https://github.com/martialblog/docker-limesurvey/actions/workflows/test-latest-container-images.yaml)
 [![](https://images.microbadger.com/badges/image/martialblog/limesurvey.svg)](https://microbadger.com/images/martialblog/limesurvey "Get your own image badge on microbadger.com")
 
 # LimeSurvey Docker
@@ -101,7 +103,8 @@ For further details on the settings see: https://manual.limesurvey.org/Data_encr
 | DB_PORT         | Database server port                      |
 | DB_SOCK         | Database unix socket instead of host/port |
 | DB_NAME         | Database name                             |
-| DB_TABLE_PREFIX | Database table prefix                     |
+| DB_TABLE_PREFIX | Database table prefix; set this to a single whitespace if you don't want a table prefix. |
+| DB_MYSQL_ENGINE | MySQL engine used for survey tables (values: MyISAM, InnoDB, default: MyISAM)       |
 | DB_USERNAME     | Database user                             |
 | DB_PASSWORD     | Database user's password                  |
 | ADMIN_USER      | Initial LimeSurvey Admin User             |
@@ -111,17 +114,20 @@ For further details on the settings see: https://manual.limesurvey.org/Data_encr
 | PUBLIC_URL      | Public URL for public scripts             |
 | BASE_URL        | Application Base URL                      |
 | URL_FORMAT      | URL Format. path or get                   |
+| TABLE_SESSION   | Enable table sessions (true)              |
 | SHOW_SCRIPT_NAME | Script name in URL (true|false). Default: true |
 | DEBUG           | Debug level (0, 1, 2). Default: 0         |
 | DEBUG_SQL       | SQL Debug level (0, 1, 2). Default 0      |
 | ENCRYPT_KEYPAIR  | Data encryption keypair                  |
 | ENCRYPT_PUBLIC_KEY | Data encryption public key             |
 | ENCRYPT_SECRET_KEY | Data encryption secret key             |
+| ENCRYPT_NONCE      | Data encryption nonce (used in 5.0)    |
+| ENCRYPT_SECRET_BOX_KEY | Data encryption secret box key (used in 5.0)             |
 | LISTEN_PORT     | Apache: Listen port. Default: 8080        |
 
 For further details on the settings see: https://manual.limesurvey.org/Optional_settings#Advanced_Path_Settings
 
-# Running this Image with docker-compose
+# Running LimeSurvey with docker-compose
 
 The easiest way to get a fully featured and functional setup is using a docker-compose file. Several examples are provided in the [repository](https://github.com/martialblog/docker-limesurvey).
 
@@ -135,6 +141,12 @@ http://localhost:8080/
 http://localhost:8080/index.php/admin
 ```
 
+# Running LimeSurvey with Helm
+
+A Helm Chart for this Image can be used for deployments. Please refer to the Helm Repository for further details:
+
+https://github.com/martialblog/helm-charts
+
 # Upgrade Guide
 
 These guides are only referring to the Docker Image, for details on the application users should consult the [official LimeSurvey documentation](https://manual.limesurvey.org/Upgrading_from_a_previous_version) for details.

docker-compose.pgsql.yml

@@ -2,6 +2,7 @@ version: "3.0"
 services:
   limesurvey:
     build:
+      # Hint: Change it to 3.0/apache/ if you want to use LimeSurvey 3.*
       context: 5.0/apache/
       dockerfile: Dockerfile
     volumes:
@@ -12,6 +13,7 @@ services:
     depends_on:
       - lime-db
     ports:
+      # Hint: Change it to 80:8080 if you are using LimeSurvey 3.*
       - "8080:8080"
     environment:
       - "DB_TYPE=pgsql"

docker-compose.yml

@@ -17,6 +17,8 @@ services:
       - "DB_HOST=lime-db"
       - "DB_PASSWORD=secret"
       - "ADMIN_PASSWORD=foobar"
+      # If you require an empty table prefix, use a space as the DB_TABLE_PREFIX
+      # - "DB_TABLE_PREFIX= "
   lime-db:
     image: mysql:5.7
     environment:

nginx-certbot/entrypoint.sh

@@ -1,25 +1,25 @@
 #!/bin/sh
 
-cert_path=/etc/letsencrypt/live/$(echo $HOSTNAMES | awk '{print $1}')
-mkdir -p cert_path
+cert_path=/etc/letsencrypt/live/$(echo "$HOSTNAMES" | awk '{print $1}')
+mkdir -p $cert_path
 
 # if there is no certificate yet, get one
 email="--email $CERT_EMAIL"
-if [ -z $CERT_EMAIL ]
+if [ -z "$CERT_EMAIL" ]
 then
     email='--register-unsafely-without-email'
 fi
-if [ ! -e $cert_path/privkey.pem ]
+if [ ! -e "$cert_path/privkey.pem" ]
 then
     names=""
     for h in $HOSTNAMES
     do
-        names=$(echo "$names -d $h")
+        names="$names -d $h"
     done
     echo "Getting new certificate..."
     /usr/bin/curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot-nginx/certbot_nginx/_internal/tls_configs/options-ssl-nginx.conf > /etc/letsencrypt/options-ssl-nginx.conf
     /usr/bin/curl -s https://raw.githubusercontent.com/certbot/certbot/master/certbot/certbot/ssl-dhparams.pem > /etc/letsencrypt/ssl-dhparams.pem
-    /usr/bin/certbot certonly --standalone $names --agree-tos $email
+    /usr/bin/certbot certonly --standalone $names --agree-tos "$email"
 fi
 
-nginx -g "daemon off;"
+nginx -g "daemon off;"

tests/fpm-alpine-tests.yaml

@@ -0,0 +1,57 @@
+schemaVersion: "2.0.0"
+
+globalEnvVars:
+  - key: "PATH"
+    value: "/env/bin:$PATH"
+
+fileContentTests:
+  - name: 'Limesurvey admin file content'
+    path: '/var/www/html/admin/index.php'
+    expectedContents: ['LimeSurvey']
+  - name: 'Entrypoint file content'
+    path: '/var/www/html/entrypoint.sh'
+    expectedContents: ['console.php', 'ADMIN_USER']
+
+fileExistenceTests:
+  - name: 'Limesurvey files'
+    path: '/var/www/html/index.php'
+    shouldExist: true
+    permissions: '-rw-rw-r--'
+  - name: 'Limesurvey admin files'
+    path: '/var/www/html/admin/index.php'
+    shouldExist: true
+    permissions: '-rw-rw-r--'
+  - name:  "Dependencies - PHP - gd"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-gd.ini'
+    shouldExist: true
+  - name:  "Dependencies - PHP - imap"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-imap.ini'
+    shouldExist: true
+  - name:  "Dependencies - PHP - ldap"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-ldap.ini'
+    shouldExist: true
+  - name:  "Dependencies - PHP - pgsql"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-pgsql.ini'
+    shouldExist: true
+  - name:  "Dependencies - PHP - zip"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-zip.ini'
+    shouldExist: true
+  - name:  "Dependencies - PHP - sodium"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-sodium.ini'
+    shouldExist: true
+  - name:  "Dependencies - PHP - pdo_mysql"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-pdo_mysql.ini'
+    shouldExist: true
+  - name:  "Dependencies - PHP - pdo_pgsql"
+    path: '/usr/local/etc/php/conf.d/docker-php-ext-pdo_pgsql.ini'
+    shouldExist: true
+
+commandTests:
+  - name:  "Dependencies - netcat"
+    command: "apk"
+    args: ["info", "-e", "netcat-openbsd"]
+    exitCode: 0
+  - name:  "Dependencies - PHP Modules"
+    command: "php"
+    args: ["-m"]
+    expectedOutput: ["ldap", "zip", "pdo_mysql", "pdo_sqlite", "gd", "mbstring", "PDO", "imap"]

tests/fpm-tests.yaml

@@ -0,0 +1 @@
+apache-tests.yaml

tests/run.sh

@@ -1,11 +0,0 @@
-#!/usr/bin/env bash
-
-IMAGE=$1
-
-if [ ! -f container-structure-test ]; then
-   curl -LO https://storage.googleapis.com/container-structure-test/latest/container-structure-test-linux-amd64
-   mv container-structure-test-linux-amd64 container-structure-test
-   chmod +x container-structure-test
-fi
-
-./container-structure-test test --image $IMAGE --config tests/image_tests.yaml

upgrade.sh

@@ -11,11 +11,14 @@ if [ $# -eq 0 ]
 fi
 
 NEW_VERSION=$1
-MAJOR_VERSION=$(echo $NEW_VERSION | cut -c 1 | awk '{print $1".0"}')
+MAJOR_VERSION="${NEW_VERSION%%.*}.0"
+NEW_TAG="${NEW_VERSION%+*}-${NEW_VERSION#*+}"
 
-grep -qc $NEW_VERSION $MAJOR_VERSION/apache/Dockerfile $MAJOR_VERSION/fpm/Dockerfile $MAJOR_VERSION/fpm-alpine/Dockerfile
+grep -qc "$NEW_VERSION" "$MAJOR_VERSION/apache/Dockerfile" "$MAJOR_VERSION/fpm/Dockerfile" "$MAJOR_VERSION/fpm-alpine/Dockerfile"
 
-if [ $? -eq 0 ]
+GREP_NEW_VERSION_EXIT_CODE=$?
+
+if [ $GREP_NEW_VERSION_EXIT_CODE -eq 0 ]
    then
        echo "Already at version ${NEW_VERSION}"
        exit 0
@@ -27,9 +30,9 @@ wget -P /tmp "https://github.com/LimeSurvey/LimeSurvey/archive/${NEW_VERSION}.ta
 SHA256_CHECKSUM=$(sha256sum "/tmp/${NEW_VERSION}.tar.gz" | awk '{ print $1 }')
 
 # Update lines in the files
-sed -r -i -e "s/[0-9]+(\.[0-9]+)+\+[0-9]+/$NEW_VERSION/" $MAJOR_VERSION/apache/Dockerfile $MAJOR_VERSION/fpm/Dockerfile $MAJOR_VERSION/fpm-alpine/Dockerfile
-sed -r -i -e "s/[A-Fa-f0-9]{64}/$SHA256_CHECKSUM/" $MAJOR_VERSION/apache/Dockerfile $MAJOR_VERSION/fpm/Dockerfile $MAJOR_VERSION/fpm-alpine/Dockerfile
+sed -r -i -e "s/[0-9]+(\.[0-9]+)+\+[0-9]+/$NEW_VERSION/" "$MAJOR_VERSION/apache/Dockerfile" "$MAJOR_VERSION/fpm/Dockerfile" "$MAJOR_VERSION/fpm-alpine/Dockerfile"
+sed -r -i -e "s/[A-Fa-f0-9]{64}/$SHA256_CHECKSUM/" "$MAJOR_VERSION/apache/Dockerfile" "$MAJOR_VERSION/fpm/Dockerfile" "$MAJOR_VERSION/fpm-alpine/Dockerfile"
 
 # After that, check and commit
-echo "git add 3.0 ; git commit -m 'Upgrading to LTS Version ${NEW_VERSION}' && git tag ${NEW_VERSION}"
-echo "git add 5.0 ; git commit -m 'Upgrading to Version ${NEW_VERSION}' && git tag ${NEW_VERSION}"
+echo "git add 3.0 ; git commit -m 'Upgrading to LTS Version ${NEW_VERSION}' && git tag ${NEW_TAG}"
+echo "git add 5.0 ; git commit -m 'Upgrading to Version ${NEW_VERSION}' && git tag ${NEW_TAG}"