本文的翻译是在“ Symfony框架”课程开始之前准备的。
您是否不厌倦在每次更改应用程序秘密文件以部署应用程序以满足安全要求时将应用程序秘密文件保存在密码管理器中并将其复制到CI / CD环境中?
启动Symfony
在项目根目录中创建docker-compose.yml并添加以下内容:
version: '3'
services:
php:
image: webdevops/php-nginx-dev:7.4
working_dir: /app
environment:
- WEB_DOCUMENT_ROOT=/app/public
- PHP_DISPLAY_ERRORS=1
- PHP_MEMORY_LIMIT=2048M
- PHP_MAX_EXECUTION_TIME=-1
- XDEBUG_REMOTE_AUTOSTART=1
- XDEBUG_REMOTE_PORT=9000
- XDEBUG_PROFILER_ENABLE=0
- XDEBUG_REMOTE_CONNECT_BACK=0
- XDEBUG_REMOTE_HOST=docker.for.mac.localhost
- php.xdebug.idekey=PHPSTORM
- php.xdebug.remote_enable=1
- php.xdebug.max_nesting_level=1000
ports:
- "8080:80"
volumes:
- ./:/app:rw,cached
depends_on:
- mysql
mysql:
image: mysql:5.7
ports:
- "3306:3306"
environment:
MYSQL_ROOT_PASSWORD: root
MYSQL_DATABASE: test
MYSQL_USER: test
MYSQL_PASSWORD: test
docker-compose up Symfony 5 :
docker-compose exec php bash -c 'composer create-project symfony/website-skeleton project && mv project/* . && rm -rf project'
Symfony
Symfony 4.4, , (vault) . . , .env:
php bin/console secrets:set DATABASE_URL
, , , . , config/secrets/dev:
, () () , . php-, :
php bin/console:list :
, Symfony , . , , dev- . . :
git add config/secrets
, , Symfony %env%, . doctrine :
config/packages/doctrine.yaml
, :
php bin/console doctrine:query:sql "SHOW VARIABLES LIKE 'max_join_size'"
, .
DATABASE_URL (production vault), :
php bin/console secrets:set --env=prod DATABASE_URL
DATABASE_URL . , . Symfony composer, .gitignore:
/config/secrets/prod/prod.decrypt.private.php
Symfony !
, , secrets:list. , — reveal:
:
php bin/console secrets:list --env=prod --reveal
. !
— . SYMFONY_DECRYPTION_SECRET.
SYMFONY_DECRYPTION_SECRET, , base64, , :
php -r "echo base64_encode(require 'config/secrets/prod/prod.decrypt.private.php');"
, Jenkins Gitlab, . Jenkins :
Jenkins
— , . , .env, :
php bin/console secrets:decrypt-to-local --force --env=prod
.env.prod.local . , Symfony env , - . , . - , .env.prod.local.
? , DATABASE_URL - . :
php bin/console secrets:set DATABASE_URL --local
? .env.dev.local! , , Symfony .gitignore, . , .env , . , , , Symfony env, — . env .
- Env ,
- secret:set dev, local prod env
- Symfony git .gitignore