From ca6cecb47fb3b056fc9c8215e1f320e70ffa102c Mon Sep 17 00:00:00 2001 From: teutat3s Date: Thu, 16 Nov 2023 19:51:26 +0100 Subject: [PATCH] feat: refactor Dockerfile, optimize for size & less layers, also check sha256sums --- Dockerfile | 38 +++++++++++++++++++++++--------------- 1 file changed, 23 insertions(+), 15 deletions(-) diff --git a/Dockerfile b/Dockerfile index 5df3534..3b70e3c 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,21 +1,29 @@ -FROM mediawiki:stable +FROM mediawiki:1.40.1 -RUN apt-get update && apt-get install -y wget tar unzip libpq-dev -RUN docker-php-ext-configure pgsql --with-pgsql=/usr/local/pgsql -RUN docker-php-ext-install pgsql +RUN apt-get update && apt-get install --yes curl libpq-dev tar unzip +RUN docker-php-ext-configure pgsql --with-pgsql=/usr/local/pgsql && \ + docker-php-ext-install pgsql -RUN wget https://extdist.wmflabs.org/dist/extensions/PluggableAuth-REL1_40-eb10a76.tar.gz -RUN tar -xzf PluggableAuth-REL1_40-eb10a76.tar.gz -C /var/www/html/extensions -RUN rm PluggableAuth-REL1_40-eb10a76.tar.gz +ENV PLUGGABLE_AUTH_VERSION=REL1_40-eb10a76 +ENV OPENID_CONNECT_VERSION=REL1_40-e97e0b1 -RUN wget https://extdist.wmflabs.org/dist/extensions/OpenIDConnect-REL1_40-e97e0b1.tar.gz -RUN tar -xzf OpenIDConnect-REL1_40-e97e0b1.tar.gz -C /var/www/html/extensions -RUN rm OpenIDConnect-REL1_40-e97e0b1.tar.gz +RUN export PLUGGABLE_AUTH_SHA256SUM=d412cb788d8a931cb3fee5b89354d6f5ef6f3c544d340a63f1cb61cad08b524a && \ + export archive=PluggableAuth-${PLUGGABLE_AUTH_VERSION}.tar.gz && \ + curl --location --silent --output /tmp/${archive} https://extdist.wmflabs.org/dist/extensions/${archive} && \ + echo "${PLUGGABLE_AUTH_SHA256SUM} /tmp/${archive}" | sha256sum --check && \ + tar --extract --gzip --file /tmp/${archive} --directory /var/www/html/extensions && \ + rm /tmp/${archive} -RUN echo '{ "extra": { "merge-plugin": { "include": [ "extensions/OpenIDConnect/composer.json" ] } } }' > /var/www/html/composer.local.json +RUN export OPENID_CONNECT_SHA256SUM=0797347c1ee3cab55de2debb63c85b1a7679c647ecba0f97dd62ff6f7a336f9e && \ + export archive=OpenIDConnect-${OPENID_CONNECT_VERSION}.tar.gz && \ + curl --location --silent --output /tmp/${archive} https://extdist.wmflabs.org/dist/extensions/${archive} && \ + echo "${OPENID_CONNECT_SHA256SUM} /tmp/${archive}" | sha256sum --check && \ + tar --extract --gzip --file /tmp/${archive} --directory /var/www/html/extensions && \ + rm /tmp/${archive} -RUN php -r "copy('https://getcomposer.org/installer', '/tmp/composer-setup.php');" -RUN php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer - -RUN composer update +RUN echo '{ "extra": { "merge-plugin": { "include": [ "extensions/OpenIDConnect/composer.json" ] } } }' \ + > /var/www/html/composer.local.json && \ + php -r "copy('https://getcomposer.org/installer', '/tmp/composer-setup.php');" && \ + php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer && \ + composer update