I have a build plan in Atlassian Bamboo that builds a Docker image of a PHP project. The image includes Apache2, PHP and dependencies, and of course the project itself. When I try to run the Docker image generated by this build plan, I get a permission denied error to the project.
I am using root as the primary user in the Docker container. I also tried to include a chown command in the Dockerfile for www-data:www-data for the PHP project directory but the problem did not go away.
This is what happens to the permission of the indicated file:
--w------- 1 root root 582 Feb 18 12:17 index.php
The contents of the Dockerfile
FROM php:apache
RUN apt-get update && export DEBIAN_FRONTEND=noninteractive && ln -fs /usr/share/zoneinfo/Asia/Manila /etc/localtime \
&& apt-get install -y libzip-dev libpng-dev unzip git tzdata libpq-dev && dpkg-reconfigure --frontend noninteractive tzdata \
&& docker-php-ext-configure pgsql -with-pgsql=/usr/local/pgsql \
&& docker-php-ext-install pdo_pgsql pgsql zip gd \
&& rm -rf /var/lib/apt
WORKDIR /var/www/html
COPY composer.json .
COPY composer.lock .
COPY composer.phar .
RUN php composer.phar install
RUN chmod 775 -R /var/www/html
COPY . .
I came across this post indicating that the problem was an internal change in Atlassian Bamboo. What I did then was to use 771 as the permission for all the files in the PHP project and changed the ownership as well through chown. This combination was the correct one apparently and allowed the application to run.
Related
I have a project with separate frontend and backend (ReactJS + Laravel) and now I need the docker image of them also separate, the problem is that I can't create a docker image for Laravel smaller than 100mb.
My React directory is 700mb (with node_modules), but for production I do the "build" and just use the build on a Nginx docker image, generating a .tar of 50mb (the docker .tar is bigger than the normal, but 50mb is fine).
My Laravel directory has 240mb (with Vendor) and all the ways I used to create an image for production generate a .tar (final image) between 600mb and 1gb. How to make a "build" of laravel and use only it in Nginx like I did with Reactjs?
Important: If it's possible to use only one file (Dockerfile) as I do it will be PERFECT, I don't want to involve external configuration files or docker_composer, but if it's not possible I accept these alternatives.
My Nginx image using only reactjs build (52mb):
FROM node:16-alpine as build
ENV PATH /app/node_modules/.bin:$PATH
WORKDIR /app
COPY . /app
RUN yarn
RUN yarn add react-scripts#5.0 -g
RUN yarn build
# -----------------------------------------------------------------------------
FROM fitiavana07/nginx-react
COPY --from=build /app/build /usr/share/nginx/html
EXPOSE 80
CMD nginx -g 'daemon off;'
My Laravel image (1gb):
FROM webdevops/php-nginx:8.0
# Get latest Composer
# COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
RUN curl -sS https://getcomposer.org/installer | \
php -- --install-dir=/usr/local/bin --filename=composer
RUN apt-get update
RUN apt-get -y install git libicu-dev libonig-dev libzip-dev \
unzip locales libpng-dev libonig-dev libxml2-dev
RUN apt-get clean
RUN rm -rf /var/lib/apt/lists/*
RUN locale-gen en_US.UTF-8
RUN localedef -f UTF-8 -i en_US en_US.UTF-8
RUN mkdir /var/run/php-fpm
RUN docker-php-ext-install intl pdo_mysql zip bcmath mbstring \
exif pcntl bcmath gd
ENV WEB_DOCUMENT_ROOT /app/public
ENV APP_ENV production
WORKDIR /app
COPY . .
RUN composer install --no-interaction --optimize-autoloader --no-dev
# Optimizing Configuration loading
RUN php artisan config:cache
# Optimizing Route loading
RUN php artisan route:cache
# Optimizing View loading
# RUN php artisan view:cache
RUN chown -R application:application .
I am trying to deploy my Laravel application on AWS using docker image by following given tutorial:
https://medium.com/#okekedesmond/deploying-containerized-laravel-application-using-aws-ec2-instances-with-docker-and-rds-883e8f6d6245
I am stuck at first point while building docker image. Here is my Dockerfile:
# Defining the base image for our project, if you understand how docker images and layers work, this should not be difficult to understand.
FROM php:7.3-cli
# We need to update the image and install some import packages
RUN apt-get update -y && apt-get install -y openssl zip unzip git curl libpng-dev libonig-dev libxml2-dev
# cleaning packages and install scripts
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
# Installing composer which is used to install Laravel
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin –filename=composer
#Creating a configuration file for apache and linking
ADD 000-default.conf /etc/apache2/sites-available/
RUN ln -sf /etc/apache2/sites-available/000-default.conf /etc/apache2/sites-enabled/000-default.conf
#Restarting Apache
RUN a2enmod rewrite
RUN service apache2 restart
# Create a work directory and copy all project file into the
WORKDIR /var/www/app/
COPY . /var/www/app
#Granting permissions to files and folders
RUN chmod -R o+w /var/www/app/storage
RUN chown -R www-data:www-data ./storage
RUN chgrp -R www-data storage bootstrap/cache
RUN chmod -R ug+rwx storage bootstrap/cache
RUN chmod -R 755 /var/www/app/
RUN find /var/www/app/ -type d -exec chmod 775 {} \;
RUN chown -R www-data:www-data /var/www
# Installing dependencies from laravel package
RUN composer install --no-scripts --no-autoloader --no-ansi --no-interaction --working-dir=/var/www/app
#Running some packages
RUN docker-php-ext-install mbstring pdo pdo_mysql mbstring exif pcntl bcmath gd opcache
#Running Laravel on docker, because we are using the php-7.3-cli so we have to use a php server in our docker image
CMD php artisan serve --host=0.0.0.0 --port=80
EXPOSE 80`
It is giving error at step no. 5:
Step 5/21 : ADD 000-default.conf /etc/apache2/sites-available/
ADD failed: file not found in build context or excluded by .dockerignore: stat 000-default.conf: file does not exist
How do I solve it on windows? any help will be appreciated
I think the best solution is to manually make a new one, here is an example file:
https://gist.github.com/tjtoml/942d696c868b22a25259
And it should be located in:
/etc/apache2/sites-available/000-default.conf
It could be that you have to customize it for your needs
Running Laravel on an appache server.
Upon building the image with docker-compose up --build with the following Dockerfile
FROM php:7.3-apache-stretch
RUN apt-get update -y && apt-get install -y libpng-dev
RUN docker-php-ext-install pdo pdo_mysql gd
FROM composer:1.9.0 as build
WORKDIR /app
COPY . /app
RUN composer global require hirak/prestissimo && composer install
I am getting the error message:
phpoffice/phpspreadsheet 1.13.0 requires ext-gd * -> the requested PHP extension gd is missing from your system.
This happens when the composer install command runs.
As you can see up, I am actually installing gd from php, so it should not give me this error message.
Do you have any idea how I can solve it?
Thanks!
It's happen, because you are using multistage building and your composer second stage have nothing to do with previous build using PHP container. Primary use case with multistaging is to produce some useful artefacts which can be used later.
So what I suggest is to copy composer file from composer image, then place it somewhere in your php container.
I will give you my solution which is working perfectly for me with laravel/symfony etc.
FROM php:7.4.4-fpm
# We copy composer from it's original image to our php container to use it later.
COPY --from=composer:1.9 /usr/bin/composer /usr/bin/composer
WORKDIR /var/www
ARG USER_ID
RUN useradd -s /bin/bash -d /home/user/ -m -G sudo,www-data user -u $USER_ID
RUN apt update && apt install -y zip unzip wget zlib1g-dev libicu-dev
RUN docker-php-ext-install pdo_mysql intl opcache gd
USER user
RUN wget https://get.symfony.com/cli/installer -O - | bash
ENV PATH="/home/user/.symfony/bin:${PATH}"
COPY php.ini /usr/local/etc/php
# You can also run here composer install, depends on your use case
You can change your docker image. For example try this:
FROM richarvey/nginx-php-fpm
WORKDIR /app
RUN php ./artisan config:cache && composer install
I am trying to install OCI8 extension on my Alpine Linux Docker environment. Although there are several places saying it won't work, there are some which say it actually does. I have a 3.4 version and for corporate reasons it is staying like that for now.
I have done this within my Docker conf:
# Install Oracle Client and build OCI8 (Oracel Command Interface 8 - PHP extension)
USER root
ENV LD_LIBRARY_PATH=/usr/local/instantclient
ENV ORACLE_HOME=/usr/local/instantclient
RUN apk update && apk upgrade
RUN apk add musl-dev libaio autoconf && apk add --update make
## Unzip Instant Client v12
RUN pecl channel-update pecl.php.net
COPY instantclient_12_2.zip /var/www/html/instantclient_12_2.zip
RUN unzip -d /usr/local/ /var/www/html/instantclient_12_2.zip
RUN ln -s /usr/local/instantclient_12_2 /${ORACLE_HOME} && \
ln -s /${ORACLE_HOME}/libclntsh.so.* /${ORACLE_HOME}/libclntsh.so && \
ln -s /${ORACLE_HOME}/libocci.so.* /${ORACLE_HOME}/libocci.so && \
ln -s /${ORACLE_HOME}/lib* /usr/lib && \
ln -s /${ORACLE_HOME}/sqlplus /usr/bin/sqlplus &&\
ln -s /usr/lib/libnsl.so.2.0.0 /usr/lib/libnsl.so.1
RUN apk add gcc; exit 0 # This has a history of failing sometimes
RUN echo "instantclient,/usr/local/instantclient" | pecl install oci8 &&\
echo 'extension=oci8.so' > /usr/local/etc/php/conf.d/30-oci8.ini &&\
rm -rf /tmp/*.zip /var/cache/apk/* /tmp/pear/
Now the build passes, and it looks okay, however when I do a php -v I am getting the following:
PHP Warning: PHP Startup: Unable to load dynamic library
'/usr/local/lib/php/extensions/no-debug-non-zts-20160303/oci8.so' -
Error loading shared library libnsl.so.1: No such file or directory
(needed by /usr/local/instantclient/libclntsh.so.12.1) in Unknown on
line 0
PHP version is 7.1.12.
What I've tried is doing apk add libnsl but this returns me this error:
ERROR: unsatisfiable constraints: so:libtirpc.so.3 (missing):
So I tried also adding apk add libtirpc-dev (the 'plain' libtirpc isn't available for my version or something), but that changed nothing.
Any clues?
I share my version of docker that I made to work with the latest version of alpine and instantclient basiclite. The size of the docker image is 124 mb.
I share my github where you can download it
Docker + alpine + Instantclient Basiclite
Or you can see below the content of the dockerfile
FROM alpine:latest
# Install Instantclient Basic Light Oracle and Dependencies
RUN apk --no-cache add libaio libnsl libc6-compat curl && \
cd /tmp && \
curl -o instantclient-basiclite.zip https://download.oracle.com/otn_software/linux/instantclient/instantclient-basiclite-linuxx64.zip -SL && \
unzip instantclient-basiclite.zip && \
mv instantclient*/ /usr/lib/instantclient && \
rm instantclient-basiclite.zip && \
ln -s /usr/lib/instantclient/libclntsh.so.19.1 /usr/lib/libclntsh.so && \
ln -s /usr/lib/instantclient/libocci.so.19.1 /usr/lib/libocci.so && \
ln -s /usr/lib/instantclient/libociicus.so /usr/lib/libociicus.so && \
ln -s /usr/lib/instantclient/libnnz19.so /usr/lib/libnnz19.so && \
ln -s /usr/lib/libnsl.so.2 /usr/lib/libnsl.so.1 && \
ln -s /lib/libc.so.6 /usr/lib/libresolv.so.2 && \
ln -s /lib64/ld-linux-x86-64.so.2 /usr/lib/ld-linux-x86-64.so.2
ENV ORACLE_BASE /usr/lib/instantclient
ENV LD_LIBRARY_PATH /usr/lib/instantclient
ENV TNS_ADMIN /usr/lib/instantclient
ENV ORACLE_HOME /usr/lib/instantclient
I might be late to answer this. I got the same problem of having a alpine base image and add oracle client to that. So i came up with this solution -
https://github.com/Shrinidhikulkarni7/OracleClient_Alpine
Here is the Dockerfile, but you would also need the shell script in it for it to work.
FROM alpine:latest
ENV LD_LIBRARY_PATH=/lib
RUN wget https://download.oracle.com/otn_software/linux/instantclient/193000/instantclient-basic-linux.x64-19.3.0.0.0dbru.zip && \
unzip instantclient-basic-linux.x64-19.3.0.0.0dbru.zip && \
cp -r instantclient_19_3/* /lib && \
rm -rf instantclient-basic-linux.x64-19.3.0.0.0dbru.zip && \
apk add libaio
ADD script.sh /root/script.sh
RUN /root/script.sh
Over here I'm directly downloading the oracle client inside image, setting the path, adding packages and finally using the shell script for creating symbolic link.
I'd recommend using an operating system supported by Oracle, thus avoiding the headache of hacking Alpine and the uncertainty that it won't fall over at a critical time. And thus giving you some confidence your business won't be negatively impacted. Try https://github.com/oracle/docker-images/tree/master/OracleInstantClient
Other comments
Don't set ORACLE_HOME when using Instant Client. That variable is
for full software installs.
Use ldconfig to set the system library path, see
the Instant Client installation instructions e.g. here.
Use Instant Client 19, which can connect to the same DB versions that 12.2 can. (19 is really the renamed terminal 12.2 release in the new versioning system)
Using Oracle Linux Docker images has the advantage that it will download and install the 19 Instant Client without you having to manually do the download.
See this blog for info about the 'slim' Oracle Linux container it uses.
Here is the Dockerfile For Golang With ORACLE-CLIENT
FROM golang:alpine
RUN apk update
ENV CLIENT_FILENAME instantclient-basic-linux.x64-12.1.0.1.0.zip
WORKDIR /opt/oracle/lib
ADD https://github.com/bumpx/oracle-instantclient/raw/master/${CLIENT_FILENAME} .
RUN echo "http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
apk add --update libaio libnsl && \
ln -s /usr/lib/libnsl.so.2 /usr/lib/libnsl.so.1
RUN LIBS="*/libociei.so */libons.so */libnnz12.so */libclntshcore.so.12.1 */libclntsh.so.12.1" && \
unzip ${CLIENT_FILENAME} ${LIBS} && \
for lib in ${LIBS}; do mv ${lib} /usr/lib; done && \
ln -s /usr/lib/libclntsh.so.12.1 /usr/lib/libclntsh.so && \
rm ${CLIENT_FILENAME}
RUN mkdir /app
ADD . /app
WORKDIR /app
RUN apk add git
RUN apk add libc-dev
RUN apk add gcc
RUN go mod tidy
RUN go build -o main .
CMD ["/app/main"]
I was just tackling a similar problem to this using the Godror Golang Driver for Oracle. I was never able to solve this on using an Alpine image. The problem eventually came that libint.sh, would never fully install to be recognized by the system. Even changing the docker file to using the Glibc library.
How i eventually fixed the issue was to use the images from Oracle itself. The full version not the slim images that can be seen here: https://github.com/oracle/docker-images/tree/master/OracleLinuxDevelopers
you then have to install golang and then your Instant client and Oracle dependencies if you need it.
FROM oraclelinux:7 as builder
RUN yum install -y oracle-golang-release-el7 && \
yum install -y git && \
yum install -y golang unzip
COPY . /app
RUN go version
WORKDIR /app
{Your Docker Specific Commands Here}
{Insert Build Specific Environment Variables here}
#Oracle Specific Environment Variables
{Insert Oracle Env Variables here}
WORKDIR /root/
#Install oracle dependencies
RUN yum install -y wget unzip libaio && \
rm -rf /var/cache/yum
#install Oracle Instant Client
RUN wget https://download.oracle.com/otn_software/linux/instantclient/199000/instantclient-basic-linux.x64-19.9.0.0.0dbru.zip -O /tmp/instantclient.zip && \
unzip /tmp/instantclient.zip -d /usr/lib/instantclient && \
rm /tmp/instantclient.zip
#Install Oracle SDK
RUN wget https://download.oracle.com/otn_software/linux/instantclient/199000/instantclient-sdk-linux.x64-19.9.0.0.0dbru.zip -O /tmp/instantclient-sdk-linux.x64-19.9.0.0.0.zip && \
unzip /tmp/instantclient-sdk-linux.x64-19.9.0.0.0.zip -d /usr/lib/ && \
rm /tmp/instantclient-sdk-linux.x64-19.9.0.0.0.zip
#Install Oracle Tools through SQLPlus
RUN wget https://download.oracle.com/otn_software/linux/instantclient/199000/instantclient-sqlplus-linux.x64-19.9.0.0.0dbru.zip -O /tmp/instantclient-sqlplus-linux.x64-19.9.0.0.0.zip && \
unzip /tmp/instantclient-sqlplus-linux.x64-19.9.0.0.0.zip -d /usr/lib/ && \
rm /tmp/instantclient-sqlplus-linux.x64-19.9.0.0.0.zip
WORKDIR /app
COPY --from=builder /app/cmd/svr .
EXPOSE 8000
CMD ["./app"]
Again this is how i solved the problem for a Golang API. There may be others that solved the Alpine issue but i was never able to get it to work, even using older version of the Oracle Instant Client.
Try this Docker file. Start from the basic alpine linux image and add the required packages.
FROM alpine:3.13
WORKDIR /project
RUN wget https://download.oracle.com/otn_software/linux/instantclient/211000/instantclient-basiclite-linux.x64-21.1.0.0.0.zip -qO- | busybox unzip -q - && \
wget https://download.oracle.com/otn_software/linux/instantclient/211000/instantclient-sqlplus-linux.x64-21.1.0.0.0.zip -qO- | busybox unzip -q - && \
wget https://github.com/sgerrand/alpine-pkg-glibc/releases/download/2.33-r0/glibc-2.33-r0.apk -q
RUN apk add --allow-untrusted libaio glibc-2.33-r0.apk
RUN cd instantclient_21_1 && cp /usr/lib/libaio.so.1 /lib/libc.musl-x86_64.so.1 . && chmod +x sqlplus
ENV LD_LIBRARY_PATH=/project/instantclient_21_1
I'm tring to create an Docker image to bootstrap Symfony project.
Here is my Dockerfile:
FROM php:7-apache
LABEL Description = "This image is used to start Symfony3 project"
ENV DIRPATH /var/www/html
# apt-get command
RUN apt-get update && apt-get install -y \
vim \
git
RUN apt-get install -y zlib1g-dev && docker-php-ext-install zip
# Install Composer
RUN curl -sS https://getcomposer.org/installer | php
RUN mv composer.phar /usr/local/bin/composer
# Install the Symfony Installer
RUN curl -LsS http://symfony.com/installer -o /usr/local/bin/symfony
RUN chmod a+x /usr/local/bin/symfony
# Create the php.ini file
RUN cp /usr/src/php/php.ini-development /usr/local/etc/php/php.ini
The build and the container creation works well but I have a permission issue in my container.
When I'm going to my app_dev.php, I have this message:
You are not allowed to access this file. Check app_dev.php for more information.
Apparently, I can access this file only with localhost.
Also, PHP can't delete or create anything in my container.
For exemple I have the following error when I'm running:
$php app/console cache:clear
Failed to remove directory "/var/www/html/app/cache/dev_old/doctrine
How can I solved that in my Dockerfile?
Finally found it after weeks:
Add that in you Dockerfile. It solved the permission issue.
# Workaround for write permission on write to MacOS X volumes
# See https://github.com/boot2docker/boot2docker/pull/534
RUN usermod -u 1000 www-data