Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade symfony to 5.4 & separate EntityMapper #174

Merged
merged 8 commits into from
May 5, 2023
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 13 additions & 6 deletions .github/workflows/build-3.x.yml
Original file line number Diff line number Diff line change
Expand Up @@ -29,12 +29,12 @@ jobs:
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Checkout code
uses: actions/checkout@v2
uses: actions/checkout@v3
with:
path: build_dir

- name: Checkout islandora_ci
uses: actions/checkout@v2
uses: actions/checkout@v3
with:
repository: islandora/islandora_ci
ref: github-actions
Expand All @@ -50,11 +50,18 @@ jobs:
run: |
echo "SCRIPT_DIR=$GITHUB_WORKSPACE/islandora_ci" >> $GITHUB_ENV

- name: Get composer cache directory
id: composer-cache
run: |
cd $GITHUB_WORKSPACE/build_dir/Milliner
echo "composer-cache-dir=$(composer config cache-files-dir)" >> $GITHUB_ENV

- name: Cache Composer dependencies
uses: actions/cache@v2
uses: actions/cache@v3
with:
path: /tmp/composer-cache
key: ${{ runner.os }}-${{ hashFiles('**/composer.lock') }}
path: ${{ env.composer-cache-dir }}
key: ${{ runner.os }}-composer-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
restore-keys: ${{ runner.os }}-composer-${{ matrix.php-version }}

- name: composer install
run: |
Expand All @@ -70,5 +77,5 @@ jobs:
.scripts/tester

- name: codecov
uses: codecov/codecov-action@v1
uses: codecov/codecov-action@v3

81 changes: 81 additions & 0 deletions .github/workflows/build-4.x.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,81 @@
# This is a basic workflow to help you get started with Actions

name: CI - 4.x

# Controls when the action will run.
on:
# Triggers the workflow on push or pull request events but only for the 7.x branch
push:
branches: [ 4.x ]
pull_request:
branches: [ 4.x ]

# Allows you to run this workflow manually from the Actions tab
workflow_dispatch:

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "build"
build:
# The type of runner that the job will run on
runs-on: ubuntu-latest
strategy:
matrix:
php-versions: ["7.4", "8.0", "8.1"]

name: PHP ${{ matrix.php-versions }}

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
# Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
- name: Checkout code
uses: actions/checkout@v3
with:
path: build_dir

- name: Checkout islandora_ci
uses: actions/checkout@v3
with:
repository: islandora/islandora_ci
ref: github-actions
path: islandora_ci

- name: Setup PHP
uses: shivammathur/setup-php@v2
with:
php-version: ${{ matrix.php-versions }}
tools: composer:v2

- name: Set environment variables
run: |
echo "SCRIPT_DIR=$GITHUB_WORKSPACE/islandora_ci" >> $GITHUB_ENV

- name: Get composer cache directory
id: composer-cache
run: |
cd $GITHUB_WORKSPACE/build_dir/Milliner
echo "composer-cache-dir=$(composer config cache-files-dir)" >> $GITHUB_ENV

- name: Cache Composer dependencies
uses: actions/cache@v3
with:
path: ${{ env.composer-cache-dir }}
key: ${{ runner.os }}-composer-${{ matrix.php-version }}-${{ hashFiles('**/composer.lock') }}
restore-keys: ${{ runner.os }}-composer-${{ matrix.php-version }}

- name: composer install
run: |
cd $GITHUB_WORKSPACE/build_dir
for D in */; do (cd $D; composer install) done

- name: line endings
run: $SCRIPT_DIR/line_endings.sh $GITHUB_WORKSPACE

- name: test scripts
run: |
cd $GITHUB_WORKSPACE/build_dir
.scripts/tester

- name: codecov
uses: codecov/codecov-action@v3

9 changes: 8 additions & 1 deletion Homarus/.env
Original file line number Diff line number Diff line change
Expand Up @@ -9,13 +9,20 @@
# Real environment variables win over .env files.
#
# DO NOT DEFINE PRODUCTION SECRETS IN THIS FILE NOR IN ANY OTHER COMMITTED FILES.
# https://symfony.com/doc/5.4/configuration/secrets.html
#
# Run "composer dump-env prod" to compile .env files for production use (requires symfony/flex >=1.2).
# https://symfony.com/doc/current/best_practices.html#use-environment-variables-for-infrastructure-configuration
# https://symfony.com/doc/5.4/best_practices.html#use-environment-variables-for-infrastructure-configuration

###> symfony/framework-bundle ###
APP_ENV=dev
APP_SECRET=2debbf0f3bc4a9484b577b8952dc3477
#TRUSTED_PROXIES=127.0.0.0/8,10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
#TRUSTED_HOSTS='^(localhost|example\.com)$'
###< symfony/framework-bundle ###

###> lexik/jwt-authentication-bundle ###
JWT_SECRET_KEY=%kernel.project_dir%/config/jwt/private.pem
JWT_PUBLIC_KEY=%kernel.project_dir%/config/jwt/public.pem
JWT_PASSPHRASE=900bcb1e6df36b802204915dbe1c2f6a
###< lexik/jwt-authentication-bundle ###
10 changes: 5 additions & 5 deletions Homarus/README.md
Original file line number Diff line number Diff line change
Expand Up @@ -49,9 +49,6 @@ the `app.executable` parameter in [`/path/to/Homarus/config/services.yaml`](./co
You also need to set your Fedora Base Url to allow the Fedora Resource to be pulled in automatically.
This is done in the `/path/to/Homarus/config/packages/crayfish_commons.yaml`.

Also in the `/path/to/Homarus/config/packages/crayfish_commons.yaml` file you can point to the location of your `syn-settings.xml`.
If you don't have a `syn-settings.xml` look at the [Syn](http://github.com/Islandora/Syn) documentation.

### Logging

To change your log settings, edit the `/path/to/Homarus/config/packages/monolog.yaml` file.
Expand All @@ -62,10 +59,13 @@ environment directory will take precedence over those in the `/path/to/Homarus/c

The location specified in the configuration file for the log must be writable by the web server.

### Disabling Syn
### Enabling JWT authentication

There are instructions in the `/path/to/Homarus/config/packages/security.yaml` file describing what to change and what lines
to comment out to disable Syn.
to comment out to enable authentication.

We use the Lexik JWT Authentication Bundle for Symfony, more information here
https://github.com/lexik/LexikJWTAuthenticationBundle

## Usage
This will return the an AVI file for the test video file in Fedora.
Expand Down
37 changes: 37 additions & 0 deletions Homarus/UPGRADE.md
Original file line number Diff line number Diff line change
@@ -1,5 +1,42 @@
This document guides you through the process of upgrading Homarus. First, check if a section named "Upgrade to x.x.x" exists, with x.x.x being the version you are planning to upgrade to.

## Upgrade to 4.0.0

4.0.0 uses Symfony 5.4, which has differences from 3.x.x which used Symfony 4.4.
This makes it non-backwards compatible and requires testing of any custom changes you
may have made.

Homarus relies on Crayfish-Commons `^4.0` which no longer includes our own JWT authentication,
to perform JWT authentication we use the [Lexik JWT Bundle](https://github.com/lexik/LexikJWTAuthenticationBundle).

### Upgrade from version 3.x.x

You can remove the `syn_config:` line from the `./config/packages/crayfish_commons.yaml` file.

You can add a line like `apix_middleware_enabled: false` to the `./config/packages/crayfish_commons.yaml` file.
This disables the ApixMiddleware as we pass the full URL to ffmpeg instead of downloading the file and passing
it directly.

You will need to make a file in `./config/packages` called `lexik_jwt_authentication.yaml`.

The file needs to contain (at a minimum) or you can copy the file from the Github repository:
```yaml
lexik_jwt_authentication:
# This is the public key from the pair generated by Drupal and is required to validate the JWTs
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
# By default lexik_jwt looks for the username key in the payload, we use sub
user_identity_field: sub
```

You can either:
* define an [environment variables](https://symfony.com/doc/5.4/configuration.html#configuration-based-on-environment-variables) for
the `JWT_PUBLIC_KEY` variable defined above and pointed to the Drupal public key file

_or_
* explicitly overwrite the `'%env(resolve:JWT_PUBLIC_KEY)%'` in
the above file and specify the path to the Drupal public key


## Upgrade to 3.0.0

Homarus (and all of Crayfish) adheres to [semantic versioning](https://semver.org), which makes a distinction between "major", "minor", and "patch" versions. The upgrade path will be different depending on which previous version from which you are migrating.
Expand Down
25 changes: 15 additions & 10 deletions Homarus/composer.json
Original file line number Diff line number Diff line change
Expand Up @@ -6,22 +6,26 @@
"require": {
"ext-ctype": "*",
"ext-iconv": "*",
"islandora/crayfish-commons": "^3.0",
"symfony/dotenv": "4.4.*",
"islandora/crayfish-commons": "^4.0",
"lexik/jwt-authentication-bundle": "^2.18",
"symfony/dotenv": "5.4.*",
"symfony/flex": "^1.3.1",
"symfony/framework-bundle": "4.4.*",
"symfony/yaml": "4.4.*"
"symfony/framework-bundle": "5.4.*",
"symfony/runtime": "5.4.*",
"symfony/string": "5.4.*",
"symfony/translation": "5.4.*",
"symfony/yaml": "5.4.*"
},
"require-dev": {
"phpspec/prophecy-phpunit": "^2.0",
"phpunit/phpunit": "^9.5",
"sebastian/phpcpd": "^6.0",
"squizlabs/php_codesniffer": "^3.0",
"symfony/var-dumper": "4.4.*",
"symfony/browser-kit": "4.4.*",
"symfony/css-selector": "4.4.*",
"symfony/var-dumper": "5.4.*",
"symfony/browser-kit": "5.4.*",
"symfony/css-selector": "5.4.*",
"symfony/maker-bundle": "^1.0",
"symfony/phpunit-bridge": "4.4.*"
"symfony/phpunit-bridge": "5.4.*"
},
"minimum-stability": "dev",
"prefer-stable": true,
Expand All @@ -31,7 +35,8 @@
},
"sort-packages": true,
"allow-plugins": {
"symfony/flex": true
"symfony/flex": true,
"symfony/runtime": true
}
},
"autoload": {
Expand Down Expand Up @@ -68,7 +73,7 @@
"extra": {
"symfony": {
"allow-contrib": false,
"require": "4.4.*"
"require": "5.4.*"
}
},
"authors": [
Expand Down
23 changes: 0 additions & 23 deletions Homarus/config/bootstrap.php

This file was deleted.

1 change: 1 addition & 0 deletions Homarus/config/bundles.php
Original file line number Diff line number Diff line change
Expand Up @@ -5,4 +5,5 @@
Islandora\Crayfish\Commons\CrayfishCommonsBundle::class => ['all' => true],
Symfony\Bundle\SecurityBundle\SecurityBundle::class => ['all' => true],
Symfony\Bundle\MonologBundle\MonologBundle::class => ['all' => true],
Lexik\Bundle\JWTAuthenticationBundle\LexikJWTAuthenticationBundle::class => ['all' => true],
];
2 changes: 1 addition & 1 deletion Homarus/config/packages/crayfish_commons.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
crayfish_commons:
fedora_base_uri: 'http://localhost:8080/fcrepo/rest'
#syn_config: '/path/to/syn-settings.xml'
apix_middleware_enabled: false
11 changes: 9 additions & 2 deletions Homarus/config/packages/framework.yaml
Original file line number Diff line number Diff line change
@@ -1,17 +1,24 @@
# see https://symfony.com/doc/current/reference/configuration/framework.html
# see https://symfony.com/doc/5.4/reference/configuration/framework.html
framework:
secret: '%env(APP_SECRET)%'
#csrf_protection: true
#http_method_override: true
http_method_override: false

# Enables session support. Note that the session will ONLY be started if you read or write from it.
# Remove or comment this section to explicitly disable session support.
session:
handler_id: null
cookie_secure: auto
cookie_samesite: lax
storage_factory_id: session.storage.factory.native

#esi: true
#fragments: true
php_errors:
log: true

when@test:
framework:
test: true
session:
storage_factory_id: session.storage.factory.mock_file
9 changes: 9 additions & 0 deletions Homarus/config/packages/lexik_jwt_authentication.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
lexik_jwt_authentication:
# Need secret key to generate a token, this is not necessary for normal usage as the key is generated by Drupal.
secret_key: '%env(resolve:JWT_SECRET_KEY)%'
# This is required if you have set a passphrase on the secret key, this is generally not needed.
pass_phrase: '%env(resolve:JWT_PASSPHRASE)%'
# This is the public key from the pair generated by Drupal and is required to validate the JWTs
public_key: '%env(resolve:JWT_PUBLIC_KEY)%'
# By default lexik_jwt looks for the username key in the payload, we use sub
user_identity_field: sub
27 changes: 12 additions & 15 deletions Homarus/config/packages/security.yaml
Original file line number Diff line number Diff line change
@@ -1,10 +1,10 @@
security:

# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
enable_authenticator_manager: true
# https://symfony.com/doc/5.4/security.html#where-do-users-come-from-user-providers
providers:
jwt_user_provider:
id: Islandora\Crayfish\Commons\Syn\JwtUserProvider

users_in_memory: { memory: null }
jwt:
lexik_jwt: ~
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
Expand All @@ -15,21 +15,18 @@ security:
# Need stateless or it reloads the User based on a token.
stateless: true

# To enable Syn, uncomment the below 4 lines and change anonymous to false above.
#provider: jwt_user_provider
#guard:
# authenticators:
# - Islandora\Crayfish\Commons\Syn\JwtAuthenticator
# To enable JWT authentication, uncomment the below 2 lines and change anonymous to false above.
#provider: jwt
#jwt: ~

# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#firewalls-authentication
# https://symfony.com/doc/5.4/security.html#firewalls-authentication

# https://symfony.com/doc/current/security/impersonating_user.html
# https://symfony.com/doc/5.4/security/impersonating_user.html
# switch_user: true


# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
# - { path: ^/admin, roles: ROLE_ADMIN }
# - { path: ^/profile, roles: ROLE_USER }
4 changes: 0 additions & 4 deletions Homarus/config/preload.php
Original file line number Diff line number Diff line change
@@ -1,9 +1,5 @@
<?php

if (file_exists(dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php')) {
require dirname(__DIR__).'/var/cache/prod/srcApp_KernelProdContainer.preload.php';
}

if (file_exists(dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php')) {
require dirname(__DIR__).'/var/cache/prod/App_KernelProdContainer.preload.php';
}
Loading