I have my own php image, which I would like to use for my project to run tests on.
container: rela589n/doctrine-event-sourcing-php:latest
services:
test_db:
image: postgres:13-alpine
env:
POSTGRES_DB: des
POSTGRES_USER: des_user
POSTGRES_PASSWORD: p#$$w0rd
steps:
- uses: actions/checkout#v2
- whatever_needed_to_run_tests_inside_container
This fails on checkout action with such error:
EACCES: permission denied, open '/__w/doctrine-event-sourcing/doctrine-event-sourcing/6977c4d4-3881-44e9-804e-ae086752556e.tar.gz'
And this is logical as in fresh docker container there's no such folder structure. What i thought to do is run checkout action inside virtual machine provided runs-on: ubuntu-20.04 and configure volume for docker so that it will have access to code. However I have no idea neither is it a good practice to do this way nor how to implement this. I guess even if it is possible to do this way it won't work for other actions.
Had the same issue when trying to use my own Docker image. In my case, installing everything I need on the fly was not an option, so I had to fix this issue.
It appears that GitHub runs the Docker image with user 1001 named runner and group 121 named docker. After adding the group, adding the user and adding the user to sudoers the problem was solved.
Notice that the checkout path starts with /_w which is strange. If I perform actions/checkout#v2 without my container, the path is /home/runner. Not sure how to solve that yet.
Thanks, this really helped me to find the issue when trying to deploy a CDK project from within a Docker container on Github Actions.
I was getting a permission denied error after checking out the code, and trying to deploy it.
Error: EACCES: permission denied, mkdir '/__w/arm-test/arm-test/cdk.out/asset.7d21b14f781f8b0e4ebb3b30c66614a80f71a2c1637298e5557a97662fce0abe'
This issue had the workaround of running the container with the same user and group as the Github Actions runner, so that it matched with the permissions of the source code directory: https://github.com/actions/runner/issues/691
jobs:
configure:
runs-on: ubuntu-latest
outputs:
uid_gid: ${{ steps.get-user.outputs.uid_gid }}
steps:
- id: get-user
run: echo "::set-output name=uid_gid::$(id -u):$(id -g)"
clone-and-install:
needs: configure
runs-on: ubuntu-latest
container:
image: mcr.microsoft.com/vscode/devcontainers/base:ubuntu
options: --user ${{ needs.configure.outputs.uid_gid }}
steps:
- uses: actions/checkout#v2
Related
I have a problem to deploy a symfony project with github action. I can connect with ssh and execute a git pull or a php bin/console doctrine:migrations:migrate, but it's impossible to use the compose command.
I followed the various explanations of ionos (https://www.ionos.com/digitalguide/websites/web-development/using-php-composer-in-ionos-webhosting-packages/) but github actions tells me "Could not open input file: composer.phar".
Here is my script if anyone has an idea
name: CD
on:
push:
branches: [ develop ]
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: SSH and Deploy
uses: appleboy/ssh-action#master
with:
host: ${{ secrets.APP_HOST }}
username: ${{ secrets.APP_USER }}
password: ${{ secrets.APP_PASS }}
port: 22
script: |
cd /homepages/14/d800745077/htdocs/clickandbuilds/dashJob
git pull
/usr/bin/php8.0-cli composer.phar i
/usr/bin/php8.0-cli bin/console d:m:m -n
It depends on your current working directory.
If the repository has composer.phar in your remote repository you just pulled, then the command would work.
If not, replace it with a find . -name "composer.phar" to check where that file is in the repository.
IONOS is offering a tooling named Deploy Now that should ease your setup. For PHP you can find docs here.
If you've worked with Laravel and Lando together, you probably know that Lando gives you its own artisan shortcut. So instead of having to run lando php artisan ..., you can run lando artisan ....
However, when I do that, I get this error:
Could not open input file: /app/./../artisan
This forces me to have to run lando php artisan to run any artisan commands, and that does work fine. So far, this is all that's going wrong with my project in Lando. Everything else is running smoothly.
Here's what my lando config looks like:
name: laravel-project
recipe: laravel
config:
php: '7.4'
composer_version: '2.0.12'
database: mysql:8.0
services:
appserver:
webroot: public
xdebug: true
config:
php: .vscode/php.ini
node:
type: node:14
tooling:
node:
service: node
yarn:
service: node
Also, this does look a bit different from Lando's sample config on their website. This is because I was trying to configure xdebug according to their "Using Lando with VSCode" instructions (see Lando rc.2+ version).
Appreciate any help figuring this weird issue out. It's not debilitating, but it does get in the way when I forget the workaround.
Other notes:
"webroot" is set to "public" because that's where the public-facing directory is for a Laravel app. The example Lando config for Laravel has this part wrong and it causes the project root to be visible to the browser.
I got it working. I moved the webroot key back under the top-level config. Not sure what the difference is, but as long as it works... I guess the only thing I really need to specify in the appserver service is the Xdebug settings.
name: laravel-project
recipe: laravel
config:
php: '7.4'
composer_version: '2.0.12'
webroot: public
database: mysql:8.0
services:
appserver:
xdebug: true
config:
php: .vscode/php.ini
node:
type: node:14
tooling:
node:
service: node
yarn:
service: node
I am using sonarqube to analyze the code of my project in PHP, everything is set up and partially working, the problem is as follows, I do a check with the Sonar scanner on my pull-requests and merge with the branch master, the analysis it is being carried out, but only in the modified files. I would need to analyze all the code at least on the merge with the master branch. When I go to Project -> code, I only have a few files in the master branch.
I would like to know if there is any parameter that can be passed in the scanner so that it always analyzes all files as it is done with the scanner run locally.
Code scanner
name: Analyze pull request
on:
pull_request:
types: [opened, edited, reopened, synchronize]
branches:
- master
jobs:
SonarQube-Scanner-pull_request:
runs-on: ubuntu-latest
steps:
- name: Setup sonarqube
uses: warchant/setup-sonar-scanner#v1
- name: 'Checkout repository on branch: ${{ github.REF }}'
uses: actions/checkout#v2
with:
ref: ${{ github.HEAD_REF }}
- name: Retrieve entire repository history
run: |
git fetch --prune --unshallow
- name: Run an analysis of the PR
env:
# to get access to secrets.SONAR_TOKEN, provide GITHUB_TOKEN
GITHUB_TOKEN:
run: sonar-scanner
-Dsonar.host.url=
-Dsonar.login=
-Dsonar.projectKey=Project
-Dsonar.qualitygate.wait=true
-Dsonar.pullrequest.key=${{ github.event.number }}
-Dsonar.pullrequest.branch=${{ github.HEAD_REF }}
-Dsonar.pullrequest.base=${{ github.BASE_REF }}
-Dsonar.pullrequest.github.repository=${{ github.repository }}
-Dsonar.scm.provider=git
-Dsonar.java.binaries=/tmp
enter image description here
Thank you for your help
Can you try by giving sonar.projectBaseDir and sonar.sources in sonar analysis properties.
Find more details here Alternate Analysis Directory
I'm using Symfony 5.0.7
My live deploy ansible after-symlink-shared.yaml file:
---
- name: Set up infrastructure-related parameters
template:
src: '{{ playbook_dir }}/templates/.env_live.dist'
dest: '{{ ansistrano_release_path.stdout }}/.env'
- name: Install Composer dependencies
composer:
command: install
arguments: --classmap-authoritative
no_dev: no
optimize_autoloader: yes
working_dir: '{{ ansistrano_release_path.stdout }}'
- name: Clear the cache
command: 'php {{ release_console_path }} cache:clear --no-warmup --env=prod'
- name: Warm up the cache
command: 'php {{ release_console_path }} cache:warmup --env=prod'
- name: Create DB if not exists
command: 'php {{ release_console_path }} doctrine:database:create --if-not-exists --env=prod'
register: create_db_output
changed_when: create_db_output.stdout is not search('already exists. Skipped')
- name: Run migrations
command: 'php {{ release_console_path }} doctrine:migrations:migrate --no-interaction --env=prod'
register: run_migrations_output
changed_when: run_migrations_output.stdout is not search('No migrations to execute')
- name: Install bundle assets
command: 'php {{ release_console_path }} assets:install --symlink --env=prod {{ ansistrano_release_path.stdout }}/public'
- name: Copy build directory
command: 'cp -a {{ ansistrano_release_path.stdout }}/public/build /var/www/project/public'
tags:
- deploy
The deployment works perfectly, however every time I deploy to the server, my production environment hits a 500 error.
I take a look at my prod.log file to understand what is causing the error and I get the following:
[2020-05-09 21:40:59] request.CRITICAL: Uncaught PHP Exception RuntimeException: "Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler)." at /var/www/project/symfony/releases/20200509213543Z/vendor/symfony/http-kernel/Profiler/FileProfilerStorage.php line 43 {"exception":"[object] (RuntimeException(code: 0): Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler). at /var/www/project/symfony/releases/20200509213543Z/vendor/symfony/http-kernel/Profiler/FileProfilerStorage.php:43)"} []
[2020-05-09 21:40:59] php.CRITICAL: Uncaught Exception: Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler). {"exception":"[object] (RuntimeException(code: 0): Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler). at /var/www/project/symfony/releases/20200509213543Z/vendor/symfony/http-kernel/Profiler/FileProfilerStorage.php:43)"} []
[2020-05-09 21:40:59] request.CRITICAL: Uncaught PHP Exception RuntimeException: "Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler)." at /var/www/project/symfony/releases/20200509213543Z/vendor/symfony/http-kernel/Profiler/FileProfilerStorage.php line 43 {"exception":"[object] (RuntimeException(code: 0): Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler). at /var/www/project/symfony/releases/20200509213543Z/vendor/symfony/http-kernel/Profiler/FileProfilerStorage.php:43)"} []
[2020-05-09 21:40:59] php.CRITICAL: Uncaught Exception: Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler). {"exception":"[object] (RuntimeException(code: 0): Unable to create the storage directory (/var/www/project/symfony/releases/20200509213543Z/var/cache/prod/profiler). at /var/www/project/symfony/releases/20200509213543Z/vendor/symfony/http-kernel/Profiler/FileProfilerStorage.php:43)"}
This looks like a permissions issue because every time I deploy, this error comes up. Is is possible I can do something from the NGINX perspective to ensure this functions properly? Or is this an ansible solution? I'm trying to avoid manually fixing these errors with each deployment.
The user running the deployment seems to be different than the one that runs php, that's why the user doesn't have permissions to the cache directory after cache:warmup is run.
You have several options:
Change the user the app runs under:
Since you say you are using nginx I guess you are running php-fpm. You can change the user and group parameters in your php-fpm.conf to the one running the deployment. If you are running multiple applications, create a new pool. (Here's slightly outdated guide to fpm and pools to get you going, and the FPM reference).
Adjust primary groups and umask or acls so both users have access.
Run the cache tasks as the php user using become.
Fix permissions as part of the deploy process by running an ansible task. You can use the file module for this. You can either use open permissions or use become.
Keep in mind that using become (the last two options) requires changing the sudoers file so the deploy user can act as the php user.
If you have an uploads directory under public that needs write access by the php process, you need to fix those permissions too.
I figured out the issue.
It was purely a permissions issue that I had to firstly go to the highest level folder of where the var prod folder was and updated the permissions using chown then updated the permissions for all folder below recursively using chmod to ensure everything else moving forward would be written just as the parent was.
Issue happens probably because ansible runs on root user, but PHP server didn't
Try to add the last step for change ownership of directory in the playbook
- name: Fix user rights
command: 'chown -R www-data: /var/www/project/public'
tags:
- deploy
in my example ownership grants to user www-data (default), but in your case it can be different.
For check right user, use command
cd /var/www/project && ls -la
I am trying to integrate sonarcloud with Bitbucket pipeline. I have a simple test project with single file named index.php consisting few lines.
I am exactly not sure what method should I follow.
I have created sonar-project.properties files that consists following lines.
sonar.sourceEncoding=UTF-8
sonar.host.url=https://sonarcloud.io/dashboard?id=first_ftp
sonar.projectKey=first_ftp
Here is my yml file
image: aariacarterweir/lamp-gitftp:latest
clone:
depth: full # SonarCloud scanner needs the full history to assign issues properly
definitions:
caches:
sonar: ~/.sonar/cache # Caching SonarCloud artifacts will speed up your build
steps:
- step: &build-test-sonarcloud
name: Build, test and analyze on SonarCloud
caches:
- node
- sonar
script:
- npm install --quiet
- npm run test -- --code-coverage --no-watch --no-progress --browsers=ChromeHeadlessNoSandbox
- pipe: sonarsource/sonarcloud-scan:0.1.5
variables:
SONAR_TOKEN: ${SONAR_TOKEN}
EXTRA_ARGS: '-Dsonar.sources=src -Dsonar.tests=src -Dsonar.test.inclusions="**/testing/**,**/*.spec.ts" -Dsonar.typescript.lcov.reportPaths=coverage/lcov.info'
When I check into sonarcloud website, It tells
The main branch has no lines of code
Can anybody help me how to configure properly sonarcloud with bitbucket for php project.
I've had the same issue - in my case it was because of the name of the project - it was called ---------Test, and apparently, by default, Sonar will treat that as a test assembly and will exclude it from analysis.
Before running code analysis in bitbucket pipelines, you would have to first manually run analysis(only once). By following below steps.