Developer docker setup (#683)

* Add build context to compose

Signed-off-by: Daniel Ekman <knegge@gmail.com>

* Update Docker documentation with build instructions

Enhance Docker deployment documentation by:
- Adding detailed instructions for building Docker images
- Providing two methods for image building (Docker Compose and manual)
- Clarifying how to use local images with docker-compose.override.yml

* Add development Docker configuration

Introduce development-specific Docker configuration:
- Create docker-compose.dev.yml for local development setup
- Add nginx.dev.conf with development CORS settings
- Update Dockerfile.api to support environment-specific dependency installation
- Configure development services with appropriate volumes and environment variables

* Improve Docker and Development Documentation

- Remove platform-specific ARM64 constraints in docker-compose.dev.yml
- Enhance Nginx configuration with improved proxy and HMR settings
- Update documentation for development setup and Docker deployment
- Add new Docker development documentation page
- Refactor getting started guide with clearer development instructions

* Enhance Docker configuration and CI/CD pipeline

- Update Docker Compose files with improved service configurations
- Add database healthcheck in docker-compose.yml
- Refactor GitHub Actions workflow for Docker image publishing
- Optimize Dockerfile.api with multi-stage build and environment-specific configurations
- Update Nginx configuration for development and production environments

* Add GitHub Actions permissions for Docker image publishing

Configure GitHub Actions workflow with explicit read and write permissions for content and packages to improve security and clarity of Docker image deployment process

---------

Signed-off-by: Daniel Ekman <knegge@gmail.com>
Co-authored-by: Daniel Ekman <knegge@gmail.com>

docker/Dockerfile.api

@@ -1,28 +1,50 @@
+# Stage 1: Composer dependencies
+FROM composer:latest as composer
+WORKDIR /app
+COPY api/composer.* ./
+
+ARG APP_ENV=production
+RUN if [ "$APP_ENV" = "production" ]; then \
+    composer install --ignore-platform-req=php --no-dev --optimize-autoloader; \
+    else \
+    composer install --ignore-platform-req=php --optimize-autoloader; \
+    fi
+
+# Stage 2: Final image
 FROM php:8.3-fpm
 
-# syntax=docker/dockerfile:1.3-labs
-
+# Install system dependencies and PHP extensions
 RUN apt-get update && apt-get install -y \
-    libzip-dev \
+    git \
+    curl \
     libpng-dev \
-    postgresql-client \
+    libonig-dev \
+    libxml2-dev \
+    zip \
+    unzip \
     libpq-dev \
-    && apt-get clean \
-    && rm -rf /var/lib/apt/lists/*
-
-COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer
-ENV COMPOSER_ALLOW_SUPERUSER=1
-RUN docker-php-ext-install pdo pgsql pdo_pgsql gd bcmath zip \
+    && docker-php-ext-install pdo_pgsql mbstring exif pcntl bcmath gd \
     && pecl install redis \
     && docker-php-ext-enable redis
 
-WORKDIR /usr/share/nginx/html/
+# Install xdebug if not in production
+ARG APP_ENV=production
+RUN if [ "$APP_ENV" != "production" ]; then \
+    pecl install xdebug && \
+    docker-php-ext-enable xdebug; \
+    fi
 
-# Combine multiple ADD commands into one
-COPY api/composer.json api/composer.lock api/artisan ./
-COPY api/app ./app
+# Configure PHP
+COPY docker/php/php.ini /usr/local/etc/php/conf.d/app.ini
+COPY docker/php/php-fpm.conf /usr/local/etc/php-fpm.d/www.conf
+
+WORKDIR /usr/share/nginx/html
+
+# Copy application files
+COPY api/artisan artisan
 COPY api/bootstrap ./bootstrap
 COPY api/config ./config
+COPY api/app ./app
 COPY api/database ./database
 COPY api/public ./public
 COPY api/routes ./routes
@@ -30,15 +52,13 @@ COPY api/tests ./tests
 COPY api/resources ./resources
 COPY api/storage ./storage
 
-RUN sed 's_@php artisan package:discover_/bin/true_;' -i composer.json \
-    && composer install --ignore-platform-req=php --no-dev --optimize-autoloader \
-    && composer clear-cache \
-    && php artisan package:discover --ansi \
-    && chmod -R 775 storage \
-    && chown -R www-data:www-data storage \
-    && mkdir -p storage/framework/sessions storage/framework/views storage/framework/cache \
-    && chown -R www-data:www-data storage \
-    && chmod -R 775 storage
+# Copy vendor directory from composer stage
+COPY --from=composer /app/vendor ./vendor
+
+# Set permissions
+RUN chmod -R 775 storage \
+    && chmod -R 775 bootstrap/cache \
+    && chown -R www-data:www-data /usr/share/nginx/html
 
 COPY docker/php-fpm-entrypoint /usr/local/bin/opnform-entrypoint
 RUN chmod a+x /usr/local/bin/*

docker/nginx.conf

@@ -4,38 +4,36 @@ map $original_uri $api_uri {
 }
 
 server {
-         listen       80;
-         server_name  opnform;
-         root         /app/public;
+    listen       80;
+    server_name  opnform;
+    root         /usr/share/nginx/html/public;
 
-         access_log /dev/stdout;
-         error_log  /dev/stderr error;
+    access_log /dev/stdout;
+    error_log  /dev/stderr error;
 
-         index index.html index.htm index.php;
+    index index.html index.htm index.php;
 
-         location / {
-           proxy_http_version 1.1;
-           proxy_pass http://ui:3000;
-           proxy_set_header X-Real-IP $remote_addr;
-           proxy_set_header X-Forwarded-Host $host;
-           proxy_set_header X-Forwarded-Port $server_port;
-           proxy_set_header Upgrade $http_upgrade;
-           proxy_set_header Connection "Upgrade";
-         }
+    location / {
+        proxy_http_version 1.1;
+        proxy_pass http://ui:3000;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Port $server_port;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+    }
 
-         location ~/(api|open|local\/temp|forms\/assets)/ {
-              set $original_uri $uri;
-              try_files $uri $uri/ /index.php$is_args$args;
-         }
+    location ~/(api|open|local\/temp|forms\/assets)/ {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
 
-         location ~ \.php$ {
-            fastcgi_split_path_info ^(.+\.php)(/.+)$;
-            fastcgi_pass api:9000;
-            fastcgi_index index.php;
-            include fastcgi_params;
-            #fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/$fastcgi_script_name;
-            fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/public/index.php;
-            fastcgi_param REQUEST_URI $api_uri;
-         }
+    location ~ \.php$ {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass api:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/public/index.php;
+        fastcgi_param REQUEST_URI $api_uri;
+    }
 }
 

docker/nginx.dev.conf

@@ -0,0 +1,73 @@
+map $original_uri $api_uri {
+    ~^/api(/.*$) $1;
+    default $original_uri;
+}
+
+server {
+    listen       80;
+    server_name  opnform;
+    root         /usr/share/nginx/html/public;
+
+    access_log /dev/stdout;
+    error_log  /dev/stderr error;
+
+    index index.html index.htm index.php;
+
+    # Development CORS headers
+    add_header 'Access-Control-Allow-Origin' 'http://localhost:3000' always;
+    add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH' always;
+    add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-XSRF-TOKEN' always;
+    add_header 'Access-Control-Allow-Credentials' 'true' always;
+    add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;
+
+    # Handle preflight requests
+    if ($request_method = 'OPTIONS') {
+        add_header 'Access-Control-Allow-Origin' 'http://localhost:3000' always;
+        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, PATCH' always;
+        add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization,X-XSRF-TOKEN' always;
+        add_header 'Access-Control-Allow-Credentials' 'true' always;
+        add_header 'Access-Control-Max-Age' 1728000;
+        add_header 'Content-Type' 'text/plain charset=UTF-8';
+        add_header 'Content-Length' 0;
+        return 204;
+    }
+
+    # Development proxy settings
+    location / {
+        proxy_http_version 1.1;
+        proxy_pass http://ui:3000;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+        proxy_set_header X-Forwarded-Host $host;
+        proxy_set_header X-Forwarded-Port $server_port;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_read_timeout 86400;
+        proxy_buffering off;
+    }
+
+    # HMR websocket support
+    location /_nuxt {
+        proxy_pass http://ui:3000;
+        proxy_http_version 1.1;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "upgrade";
+        proxy_set_header Host $host;
+        proxy_cache_bypass $http_upgrade;
+    }
+
+    location ~/(api|open|local\/temp|forms\/assets)/ {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location ~ \.php$ {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_pass api:9000;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME /usr/share/nginx/html/public/index.php;
+        fastcgi_param REQUEST_URI $api_uri;
+    }
+}