Initial commit.

Author: spencercrose

.github/matrix.php

@@ -0,0 +1,129 @@
+<?php
+/**
+ * This script generates the matrix for the Docker image build job
+ *
+ * It checks if changes in the DokuWiki branch, the upstream PHP image or the docker repo have been made
+ * since it ran last time (using the github action cache for persistence). This allows us to run this every
+ * day to catch any updates to the upstream images, while avoiding unnecessary rebuilds.
+ */
+
+
+/**
+ * Get the list of DokuWiki versions from the download server
+ *
+ * @return array
+ */
+function getVersions()
+{
+    $data = file_get_contents('https://download.dokuwiki.org/version');
+    return json_decode($data, true);
+}
+
+/**
+ * Get the last commit of a branch
+ *
+ * @param string $repo
+ * @param string $branch
+ * @return string
+ */
+function getLastCommit($repo, $branch)
+{
+    $opts = [
+        'http' => [
+            'method' => "GET",
+            'header' => join("\r\n", [
+                "Accept: application/vnd.github.v3+json",
+                "User-Agent: PHP"
+            ])
+        ]
+    ];
+    $context = stream_context_create($opts);
+
+    $data = file_get_contents("https://api.github.com/repos/dokuwiki/$repo/commits/$branch", false, $context);
+    $json = json_decode($data, true);
+    return $json['sha'];
+}
+
+/**
+ * Get the image id of a given PHP image tag
+ *
+ * @param string $tag
+ * @return string
+ */
+function getImageId($tag)
+{
+    $repo = 'library/php';
+    $data = file_get_contents('https://auth.docker.io/token?service=registry.docker.io&scope=repository:' . $repo . ':pull');
+    $token = json_decode($data, true)['token'];
+
+
+    $opts = [
+        'http' => [
+            'method' => "GET",
+            'header' => join("\r\n", [
+                "Authorization: Bearer $token",
+                "Accept: application/vnd.docker.distribution.manifest.v2+json",
+            ])
+        ]
+    ];
+    $context = stream_context_create($opts);
+
+    $data = file_get_contents('https://index.docker.io/v2/' . $repo . '/manifests/' . $tag, false, $context);
+    $json = json_decode($data, true);
+    return $json['config']['digest'];
+}
+
+/**
+ * Get the image tag used in the current Dockerfile
+ *
+ * @return string
+ */
+function getImageTag()
+{
+    $df = file_get_contents('Dockerfile');
+    preg_match('/FROM php:(?<tag>\S*)/', $df, $matches);
+    return $matches['tag'];
+}
+
+
+$result = [];
+$self = getLastCommit('docker', 'main');
+$upstreamTag = getImageTag();
+$image = getImageId($upstreamTag);
+
+foreach (getVersions() as $release => $info) {
+    $branch = $release === 'oldstable' ? 'old-stable' : $release;
+    $commit = getLastCommit('dokuwiki', $branch);
+    $ident = join('-', [$release, $commit, $image, $self]);
+    $cache = '.github/matrix.cache/' . $release;
+
+    $last = @file_get_contents($cache);
+    fwrite(STDERR, "Old: $last\n");
+    fwrite(STDERR, "New: $ident\n");
+    if ($last === $ident) {
+        // this combination has been built before
+        fwrite(STDERR, "No change. Skipping $release\n");
+        continue;
+    }
+
+    // this branch needs to be built
+    $result[] = [
+        'version' => $info['version'],
+        'date' => $info['date'],
+        'name' => $info['name'],
+        'type' => $release,
+    ];
+    // update the cache
+    if (!is_dir('.github/matrix.cache')) {
+        mkdir('.github/matrix.cache');
+    }
+    file_put_contents($cache, $ident);
+}
+
+// output the result
+if ($result) {
+    echo "matrix=" . json_encode(['release' => $result]);
+} else {
+    echo "matrix=[]";
+}
+

.github/workflows/publish-chart.yaml

@@ -0,0 +1,80 @@
+name: Publish MediaWiki Helm Chart to GHCR
+
+on:
+  push:
+    branches:
+      - main # Or your default branch like 'master' or 'develop'
+    paths:
+      # Adjust these paths to your actual chart location and workflow file
+      - 'helm/**'
+      - '.github/workflows/publish-mediawiki-chart.yaml'
+
+jobs:
+  publish:
+    name: Publish Helm Chart
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read   # Required to checkout the repository code
+      packages: write  # Required to push packages to GHCR
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Install Helm 3 (and verify version)
+        uses: azure/setup-helm@v1
+        with:
+          # Explicitly request a Helm 3 version that supports OCI push
+          version: 'v3.15.0'
+        id: setup_helm
+
+      - name: Verify Helm Version is 3.x
+        run: |
+          helm version --client
+          # Check if the client version string contains "v3."
+          helm version --client | grep "Version:\"v3\." || {
+            echo "Error: Helm 3 was not correctly installed. Found different version."
+            exit 1
+          }
+
+      - name: Clean Helm Cache and Ensure Home Directory
+        run: |
+          echo "Cleaning Helm cache directory: ~/.helm"
+          rm -rf ~/.helm || true # Remove the entire directory, ignore if it doesn't exist
+          mkdir -p ~/.helm/repository
+          touch ~/.helm/repository/repositories.yaml
+          touch ~/.helm/registry.json # This will be populated by helm registry login
+
+      - name: Login to GitHub Container Registry
+        run: |
+          echo "${{ secrets.GITHUB_TOKEN }}" | helm registry login ghcr.io \
+            --username ${{ github.actor }} \
+            --password-stdin
+
+      - name: Get Chart Version and Name
+        id: get_chart_info
+        run: |
+          CHART_NAME=$(yq e '.name' helm/Chart.yaml)
+          CHART_VERSION=$(yq e '.version' helm/Chart.yaml)
+          echo "Chart Name: $CHART_NAME"
+          echo "Chart Version: $CHART_VERSION"
+          echo "chart_name=$CHART_NAME" >> "$GITHUB_OUTPUT"
+          echo "chart_version=$CHART_VERSION" >> "$GITHUB_OUTPUT"
+
+      - name: Add Helm repository
+        run: helm repo add bcgov-crunchy-postgres https://bcgov.github.io/crunchy-postgres/
+
+      # Update the chart dependencies
+      - name: Update Helm dependencies
+        run: helm dependency update ./helm
+
+      # Package the Helm Chart
+      - name: Package Helm Chart
+        run: helm package helm
+
+      - name: Push Helm Chart to GHCR
+        run: |
+          CHART_PACKAGE_NAME="${{ steps.get_chart_info.outputs.chart_name }}-${{ steps.get_chart_info.outputs.chart_version }}.tgz"
+          CHART_OCI_PATH="oci://ghcr.io/${{ github.repository_owner }}/${{ steps.get_chart_info.outputs.chart_name }}"
+          echo "Pushing $CHART_PACKAGE_NAME to $CHART_OCI_PATH"
+          helm push "$CHART_PACKAGE_NAME" "$CHART_OCI_PATH"

.github/workflows/publish-container.yml

@@ -0,0 +1,70 @@
+name: Build and Push Docker Image to GHCR
+
+on:
+  push:
+    branches:
+      - main # Trigger on pushes to the main branch
+  workflow_dispatch: # Allow manual triggering
+
+jobs:
+  build_and_push:
+    name: Build and Push Docker Image
+    runs-on: ubuntu-latest # Using ubuntu-latest for simplicity, consistent with Dockerfile's base image
+    permissions:
+      contents: read
+      packages: write # Necessary for pushing to GHCR
+
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v4
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+        with:
+          platforms: all # Enable building for multiple platforms
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v3
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Prepare Docker Tags
+        id: docker_tags
+        run: |
+          # Define the image name based on the GitHub repository
+          IMAGE_NAME="ghcr.io/${{ github.repository }}"
+          # Use a simple 'latest' tag for pushes to main, or a custom tag for workflow_dispatch if desired.
+          # For a more robust setup, you might use:
+          # - A version tag from a Git tag (e.g., if on: push: tags: )
+          # - A short commit SHA for development builds
+          
+          TAGS="${IMAGE_NAME}:latest"
+          
+          # If you want to use the branch name as a tag (e.g., ghcr.io/user/repo:main)
+          # if [[ "${{ github.ref }}" == "refs/heads/main" ]]; then
+          #   TAGS="${IMAGE_NAME}:main,${TAGS}"
+          # fi
+
+          echo "tags=${TAGS}" >> $GITHUB_OUTPUT
+
+      - name: Build and Push Docker Image
+        uses: docker/build-push-action@v5
+        with:
+          context: . # Build context is the current directory
+          platforms: linux/amd64,linux/arm64 # Building for common architectures
+          push: true
+          tags: ${{ steps.docker_tags.outputs.tags }}
+          # You might need build-args if your Dockerfile relies on them.
+          # For example, if you want to pass DOKUWIKI_VERSION:
+          # build-args: |
+          #    DOKUWIKI_VERSION=stable
+          # Or if you want it dynamic based on a variable:
+          # build-args: |
+          #    DOKUWIKI_VERSION=${{ env.DOKUWIKI_VERSION_ARG }}
+          cache-from: type=gha, scope=${{ github.workflow }}
+          cache-to: type=gha, mode=max, scope=${{ github.workflow }} # Use mode=max for better caching

.gitignore

@@ -0,0 +1,3 @@
+.github/matrix.cache/
+storage/
+.DS_Store

Dockerfile

@@ -0,0 +1,86 @@
+# Start from the official DokuWiki image.
+# Using 'latest' or a specific version like '2024-02-06a' is recommended for stability.
+FROM dokuwiki/dokuwiki:latest
+
+# Define build argument for the SMTP plugin version.
+# Check https://github.com/splitbrain/dokuwiki-plugin-smtp/releases for the latest stable version.
+ARG SMTP_PLUGIN_VERSION="2023-01-20"
+ARG SMTP_PLUGIN_PATH="https://github.com/splitbrain/dokuwiki-plugin-smtp/zipball/master"
+
+# Switch to root user to install system packages and modify configurations.
+USER root
+
+# Install necessary dependencies for downloading and extracting the plugin.
+# --no-install-recommends reduces image size by avoiding recommended but not strictly necessary packages.
+RUN apt-get update && \
+    apt-get install -y --no-install-recommends \
+    curl \
+    unzip && \
+    rm -rf /var/lib/apt/lists/* # Clean up apt cache to keep image small
+
+# --- Apache Port Configuration ---
+# The official DokuWiki image's Apache typically listens on port 80.
+# To align with your Helm charts and previous Dockerfile's EXPOSE 8080,
+# we need to modify Apache's configuration to listen on 8080.
+RUN sed -i 's/^Listen 80/Listen 8080/' /etc/apache2/ports.conf && \
+    sed -i 's/<VirtualHost \*:80>/<VirtualHost \*:8080>/' /etc/apache2/sites-available/000-default.conf
+
+# --- Healthcheck File ---
+# Based on your previous Dockerfile and Helm probe configurations,
+# it's assumed you have a `health.php` file for readiness/liveness checks.
+# This command copies your local `root/var/www/html/health.php` into the image.
+# Ensure this file exists in your Docker build context.
+COPY root/var/www/html/health.php /var/www/html/health.php
+
+# --- DokuWiki SMTP Plugin Installation ---
+# Set the working directory to a temporary location for downloading the plugin.
+WORKDIR /tmp
+
+# --- DokuWiki SMTP Plugin Installation ---
+# Set the working directory to a temporary location for downloading and processing.
+# We create a unique temporary directory to avoid conflicts if /tmp contains other files.
+WORKDIR /tmp/dokuwiki_plugin_install
+
+# Download the SMTP plugin.
+RUN set -eux; \
+    curl -fL -o smtp.zip ${SMTP_PLUGIN_PATH}; \
+
+# Unzip the plugin into the current temporary directory.
+# This will create the plugin's root folder (e.g., 'dokuwiki-plugin-smtp-2023-01-20')
+# inside '/tmp/dokuwiki_plugin_install/'.
+RUN set -eux; \
+    unzip smtp.zip; \
+    # Find the name of the extracted plugin directory.
+    # 'find . -maxdepth 1 -mindepth 1 -type d' looks for directories only one level deep.
+    # '-print -quit' prints the first one found and exits, assuming there's only one.
+    EXTRACTED_DIR=$(find . -maxdepth 1 -mindepth 1 -type d -print -quit); \
+    # Move the detected extracted directory to the final 'smtp' location.
+    # This directly renames the extracted folder to 'smtp' under /dokuwiki/lib/plugins/
+    mv "${EXTRACTED_DIR}" /dokuwiki/lib/plugins/smtp; \
+    # Clean up the downloaded zip file and the temporary working directory.
+    rm smtp.zip; \
+    rm -rf /tmp/dokuwiki_plugin_install # Remove the temporary working directory
+
+# ... (rest of the Dockerfile remains the same) ...
+
+# --- Permissions for added files and directories ---
+# The official `dokuwiki/dokuwiki` image primarily uses the `www-data` user (UID/GID 33).
+# We must ensure that the `health.php` and the newly installed `smtp` plugin directory
+# are owned by this user so DokuWiki can access and execute them.
+RUN chown www-data:www-data /var/www/html/health.php && \
+    chmod +x /var/www/html/health.php && \
+    chown -R www-data:www-data /dokuwiki/lib/plugins/smtp
+
+# Expose the custom port that Apache is now configured to listen on.
+# This matches the `targetPort` in your Helm service definition.
+EXPOSE 8080
+
+# Switch to the non-root user `www-data`.
+# The base image's Dockerfile usually sets this, but it's good practice to be explicit
+# to ensure all subsequent commands (if any) and the container's runtime
+# operate under this non-privileged user.
+USER www-data
+
+# The official dokuwiki/dokuwiki image provides its own ENTRYPOINT.
+# We do not need to define one here unless you require custom startup logic
+# that is not handled by the official image's entrypoint.