fix tags

* Move entrypoint to /usr/local/bin

 - so that it's not served by the webserver

.github/workflows/build-latest-container-images.yaml

@@ -1,30 +1,10 @@
 name: Publish Latest Container Images
-on:
+on: [push, pull_request]
-  push:
-    tags:
-      - '5.*'
 
 jobs:
-  lint_dockerfiles:
-    name: Lint Dockerfile with hadolint
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        dockerfile:
-          - 5.0/apache/Dockerfile
-          - 5.0/fpm-alpine/Dockerfile
-          - 5.0/fpm/Dockerfile
-    steps:
-      - uses: actions/checkout@v2
-      - uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ${{ matrix.dockerfile }}
-          ignore: DL4006 DL3008 DL3018
-
   push_images_to_registries:
     name: Push Container Images to registries
     runs-on: ubuntu-latest
-    needs: [lint_dockerfiles]
     environment: docker-build
     permissions:
       packages: write
@@ -49,48 +29,8 @@ jobs:
           images: |
             docker.io/martialblog/limesurvey
           tags: |
-            type=semver,pattern={{raw}},suffix=-apache
+            type=match,pattern=(.+),group=1
-            type=semver,pattern={{major}},suffix=-apache
+            type=match,pattern=^(\d+),group=1
           flavor: |
             latest=false
-      - name: 'Build and push latest Apache container images'
+            suffix=-apache
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/apache
-          push: true
-          tags: ${{ steps.metadata-apache.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}
-
-      - name: 'FPM variant metadata'
-        id: metadata-fpm
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=semver,pattern={{version}},suffix=-fpm
-            type=semver,pattern={{major}},suffix=-fpm
-      - name: 'Build and push latest fpm container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/fpm
-          push: true
-          tags: ${{ steps.metadata-fpm.outputs.tags }}
-          labels: ${{ steps.metadata-fpm.outputs.labels }}
-
-      - name: 'FPM Alpine variant metadata'
-        id: metadata-fpm-alpine
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=semver,pattern={{version}},suffix=-fpm-alpine
-            type=semver,pattern={{major}},suffix=-fpm-alpine
-      - name: 'Build and push latest fpm-alpine container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/fpm-alpine
-          push: true
-          tags: ${{ steps.metadata-fpm-alpine.outputs.tags }}
-          labels: ${{ steps.metadata-fpm-alpine.outputs.labels }}

.github/workflows/build-lts-container-images.yaml

@@ -1,96 +0,0 @@
-name: Publish LTS Container Images
-on:
-  push:
-    tags:
-      - '3.*'
-
-jobs:
-  lint_dockerfiles:
-    name: 'Lint Dockerfile with hadolint'
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        dockerfile:
-          - 3.0/apache/Dockerfile
-          - 3.0/fpm-alpine/Dockerfile
-          - 3.0/fpm/Dockerfile
-    steps:
-      - uses: actions/checkout@v2
-      - uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ${{ matrix.dockerfile }}
-          ignore: DL4006 DL3008 DL3018
-
-  push_images_to_registries:
-    name: 'Push container images to registries'
-    runs-on: ubuntu-latest
-    needs: [lint_dockerfiles]
-    environment: docker-build
-    permissions:
-      packages: write
-      contents: read
-    steps:
-      - name: 'Check out the repo'
-        uses: actions/checkout@v2
-      - name: 'Set up Docker Buildx'
-        uses: docker/setup-buildx-action@v1
-        with:
-          buildkitd-flags: --debug
-      - name: 'Log in to DockerHub'
-        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v1
-        with:
-          username: ${{ secrets.DOCKER_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_TOKEN }}
-      - name: 'Apache variant metadata'
-        id: metadata-apache
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=semver,pattern={{raw}},suffix=-apache
-            type=semver,pattern={{major}},suffix=-apache
-          flavor: |
-            latest=false
-      - name: 'Build and push LTS apache container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/apache
-          push: true
-          tags: ${{ steps.metadata-apache.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}
-
-      - name: 'FPM variant metadata'
-        id: metadata-fpm
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=semver,pattern={{version}},suffix=-fpm
-            type=semver,pattern={{major}},suffix=-fpm
-      - name: 'Build and push LTS fpm container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/fpm
-          push: true
-          tags: ${{ steps.metadata-fpm.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}
-
-      - name: 'FPM Alpine variant metadata'
-        id: metadata-fpm-alpine
-        uses: docker/metadata-action@v3
-        with:
-          images: |
-            docker.io/martialblog/limesurvey
-          tags: |
-            type=semver,pattern={{version}},suffix=-fpm-alpine
-            type=semver,pattern={{major}},suffix=-fpm-alpine
-      - name: 'Build and push LTS fpm-alpine container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/fpm-alpine
-          push: true
-          tags: ${{ steps.metadata-fpm-alpine.outputs.tags }}
-          labels: ${{ steps.metadata-apache.outputs.labels }}

.github/workflows/lint-dockerfiles.yaml

@@ -1,24 +0,0 @@
----
-name: Lint Dockerfile
-
-on: [push, pull_request]
-
-jobs:
-  lint:
-    name: Lint Dockerfile with hadolint
-    strategy:
-      matrix:
-        dockerfile:
-          - 3.0/apache/Dockerfile
-          - 3.0/fpm-alpine/Dockerfile
-          - 3.0/fpm/Dockerfile
-          - 5.0/apache/Dockerfile
-          - 5.0/fpm-alpine/Dockerfile
-          - 5.0/fpm/Dockerfile
-    runs-on: ubuntu-latest
-    steps:
-      - uses: actions/checkout@v2
-      - uses: hadolint/hadolint-action@v1.5.0
-        with:
-          dockerfile: ${{ matrix.dockerfile }}
-          ignore: DL4006 DL3008 DL3018

.github/workflows/test-latest-container-images.yaml

@@ -1,34 +0,0 @@
-name: Test Latest Container Images
-
-on: [push, pull_request]
-
-jobs:
-  test_images:
-    name: Test Latest Container Images with Trivy
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        context:
-          - apache
-          - fpm-alpine
-          - fpm
-    steps:
-      - name: 'Check out the repo'
-        uses: actions/checkout@v2
-
-      - name: 'Set up Docker Buildx'
-        uses: docker/setup-buildx-action@v1
-
-      - name: 'Build Container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 5.0/${{ matrix.context }}
-          push: false
-          load: true
-          tags: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
-
-      - name: 'Run Structure tests'
-        uses: plexsystems/container-structure-test-action@v0.2.0
-        with:
-          image: docker.io/martialblog/limesurvey:5-${{ matrix.context }}
-          config: tests/${{ matrix.context }}-tests.yaml

.github/workflows/test-lts-container-images.yaml

@@ -1,34 +0,0 @@
-name: Test LTS Container Images
-
-on: [push, pull_request]
-
-jobs:
-  test_images:
-    name: Test LTS Container Images with Trivy
-    runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        context:
-          - apache
-          - fpm-alpine
-          - fpm
-    steps:
-      - name: 'Check out the repo'
-        uses: actions/checkout@v2
-
-      - name: 'Set up Docker Buildx'
-        uses: docker/setup-buildx-action@v1
-
-      - name: 'Build Container images'
-        uses: docker/build-push-action@v2
-        with:
-          context: 3.0/${{ matrix.context }}
-          push: false
-          load: true
-          tags: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
-
-      - name: 'Run Structure tests'
-        uses: plexsystems/container-structure-test-action@v0.2.0
-        with:
-          image: docker.io/martialblog/limesurvey:3-${{ matrix.context }}
-          config: tests/${{ matrix.context }}-tests.yaml

3.0/apache/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:7.4-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.23+211102'
+ARG version='3.27.25+211116'
-ARG sha256_checksum='9544dbd18ee66256c1ef1f8047d7d6ffcc70c791f7c040045d6ea65963a45a84'
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
 ARG USER=root
 ARG LISTEN_PORT=80
 
@@ -75,8 +75,8 @@ RUN set -ex; \
         chown -R www-data:www-data /var/www/html /etc/apache2
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
 COPY vhosts-access-log.conf /etc/apache2/conf-enabled/other-vhosts-access-log.conf
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["apache2-foreground"]

3.0/fpm-alpine/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:7.4-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.23+211102'
+ARG version='3.27.25+211116'
-ARG sha256_checksum='9544dbd18ee66256c1ef1f8047d7d6ffcc70c791f7c040045d6ea65963a45a84'
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
 
 # Install OS dependencies
 RUN set -ex; \
@@ -52,6 +52,6 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

3.0/fpm/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:7.4-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version='3.27.23+211102'
+ARG version='3.27.25+211116'
-ARG sha256_checksum='9544dbd18ee66256c1ef1f8047d7d6ffcc70c791f7c040045d6ea65963a45a84'
+ARG sha256_checksum='91ecfecffc3a437dbb14dec19054d64f07849fe1de00a1322699bd1f50185582'
 
 # Install OS dependencies
 RUN set -ex; \
@@ -62,6 +62,6 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

5.0/apache/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:8-apache
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.2.0+211110'
+ARG version='5.2.2+211115'
-ARG sha256_checksum='4f1299a463d72c6eb8d7acf8fbadecd867cf78c13075bafc2524e1842a661a83'
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
 ARG USER=www-data
 ARG LISTEN_PORT=8080
 
@@ -78,8 +78,8 @@ RUN set -ex; \
 EXPOSE $LISTEN_PORT
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
 COPY vhosts-access-log.conf /etc/apache2/conf-enabled/other-vhosts-access-log.conf
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["apache2-foreground"]

5.0/fpm-alpine/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:8-fpm-alpine
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.2.0+211110'
+ARG version='5.2.2+211115'
-ARG sha256_checksum='4f1299a463d72c6eb8d7acf8fbadecd867cf78c13075bafc2524e1842a661a83'
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
 ARG USER=www-data
 
 # Install OS dependencies
@@ -54,7 +54,7 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

5.0/fpm/Dockerfile

@@ -1,7 +1,7 @@
 FROM php:8-fpm
 LABEL maintainer="markus@martialblog.de"
-ARG version='5.2.0+211110'
+ARG version='5.2.2+211115'
-ARG sha256_checksum='4f1299a463d72c6eb8d7acf8fbadecd867cf78c13075bafc2524e1842a661a83'
+ARG sha256_checksum='61148c6131ea99a699d95117d1b53f1ba7971c609c93353e7b6221dd13515659'
 ARG USER=www-data
 
 # Install OS dependencies
@@ -63,7 +63,7 @@ RUN set -ex; \
 EXPOSE 9000
 
 WORKDIR /var/www/html
-COPY entrypoint.sh entrypoint.sh
+COPY entrypoint.sh /usr/local/bin/entrypoint.sh
 USER $USER
-ENTRYPOINT ["/var/www/html/entrypoint.sh"]
+ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]
 CMD ["php-fpm"]

docker-compose.fpm.alpine.yml

@@ -20,6 +20,8 @@ services:
     image: nginx:alpine
     links:
       - limesurvey
+    depends_on:
+      - limesurvey
     ports:
       - "8080:80"
     volumes:

examples/nginx.conf

@@ -19,7 +19,7 @@ http {
         location / {
             try_files $uri /index.php?$args;
         }
-        location ~ ^/(protected|framework|themes/\w+/views) {
+        location ~ ^/(protected|application|framework|themes/\w+/views) {
             deny  all;
         }
         location ~ \.(js|css|png|jpg|gif|swf|ico|pdf|mov|fla|zip|rar)$ {

tests/apache-tests.yaml

@@ -9,7 +9,7 @@ fileContentTests:
     path: '/var/www/html/admin/index.php'
     expectedContents: ['LimeSurvey']
   - name: 'Entrypoint file content'
-    path: '/var/www/html/entrypoint.sh'
+    path: '/usr/local/bin/entrypoint.sh'
     expectedContents: ['console.php', 'ADMIN_USER']
 
 fileExistenceTests:

tests/fpm-alpine-tests.yaml

@@ -9,7 +9,7 @@ fileContentTests:
     path: '/var/www/html/admin/index.php'
     expectedContents: ['LimeSurvey']
   - name: 'Entrypoint file content'
-    path: '/var/www/html/entrypoint.sh'
+    path: '/usr/local/bin/entrypoint.sh'
     expectedContents: ['console.php', 'ADMIN_USER']
 
 fileExistenceTests: