@fishawack/lab-env 1.15.0 → 1.18.0

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 ## Changelog
 
+### 1.18.0 (2022-02-28)
+* [Feature] Can now pass container name to rebuild/build commands
+* [Feature] Craftcms now a supported tech stack
+* [Change] Laravel now installs ghostscript and imagemagick by default
+* [Change] Drupal now installs ghostscript and imagemagick by default
+* [Misc] No longer rename clone folders when testing lab-env itself
+
+### 1.17.0 (2022-01-27)
+* [Feature] Drupals php image now contains imagemagick and imagick
+* [Change] Drupals php image is now labelled and tagged
+
+### 1.16.0 (2022-01-25)
+* [Feature] lab-env now checks if docker process is running. Only `origin` and `--version` commands allowed if not
+
 ### 1.15.0 (2022-01-17)
 * [Feature] Docker images are now pulled from docker hub if lab-env not running with devDependencies installed
 * [Feature] Added a package.json to the core package in lab-env for more streamlined docker hub publishes

package/_Test/boilerplate-craftcms.js

@@ -0,0 +1,29 @@
+'use strict';
+
+const repo = `boilerplate-craftcms`;
+const opts = {encoding: 'utf8', stdio: 'inherit', cwd: `_Test/_fixtures/${repo}`};
+
+const expect = require('chai').expect;
+const execSync = require('child_process').execSync;
+
+describe('deploy', () => {
+    before(function(){
+        this.timeout(60000 * 10);
+
+        execSync(`git -C _Test/_fixtures clone git@bitbucket.org:fishawackdigital/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
+
+        execSync('fw setup', opts);
+
+        execSync('fw prod', opts);
+    });
+    
+    it(`All ${repo} tests should pass`, async () => {
+        expect(execSync('fw test', opts)).to.not.equal(Error);
+    });
+
+    after(() => {
+        execSync('fw nuke', opts)
+
+        execSync(`rm -rf _Test/_fixtures/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
+    });
+});

package/_Test/boilerplate-drupal.js

@@ -1,6 +1,6 @@
 'use strict';
 
-const repo = `lab-env_boilerplate-drupal`;
+const repo = `boilerplate-drupal`;
 const opts = {encoding: 'utf8', stdio: 'inherit', cwd: `_Test/_fixtures/${repo}`};
 
 const expect = require('chai').expect;
@@ -10,14 +10,14 @@ describe('deploy', () => {
     before(function(){
         this.timeout(60000 * 10);
 
-        execSync(`git clone git@bitbucket.org:fishawackdigital/boilerplate-drupal _Test/_fixtures/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
+        execSync(`git -C _Test/_fixtures clone git@bitbucket.org:fishawackdigital/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
 
         execSync('fw setup', opts);
 
         execSync('fw prod', opts);
     });
     
-    it('All boilerplate-drupal tests should pass', async () => {
+    it(`All ${repo} tests should pass`, async () => {
         expect(execSync('fw test', opts)).to.not.equal(Error);
     });
 

package/_Test/boilerplate-laravel.js

@@ -1,6 +1,6 @@
 'use strict';
 
-const repo = `lab-env_boilerplate-laravel`;
+const repo = `boilerplate-laravel`;
 const opts = {encoding: 'utf8', stdio: 'inherit', cwd: `_Test/_fixtures/${repo}`};
 
 const expect = require('chai').expect;
@@ -10,14 +10,14 @@ describe('deploy', () => {
     before(function(){
         this.timeout(60000 * 10);
 
-        execSync(`git clone git@bitbucket.org:fishawackdigital/boilerplate-laravel _Test/_fixtures/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
+        execSync(`git -C _Test/_fixtures clone git@bitbucket.org:fishawackdigital/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
 
         execSync('fw setup', opts);
 
         execSync('fw prod', opts);
     });
     
-    it('All boilerplate-laravel tests should pass', async () => {
+    it(`All ${repo} tests should pass`, async () => {
         expect(execSync('fw test', opts)).to.not.equal(Error);
     });
 

package/_Test/boilerplate-wordpress.js

@@ -1,6 +1,6 @@
 'use strict';
 
-const repo = `lab-env_boilerplate-wordpress`;
+const repo = `boilerplate-wordpress`;
 const opts = {encoding: 'utf8', stdio: 'inherit', cwd: `_Test/_fixtures/${repo}`};
 
 const expect = require('chai').expect;
@@ -10,14 +10,14 @@ describe('deploy', () => {
     before(function(){
         this.timeout(60000 * 10);
 
-        execSync(`git clone git@bitbucket.org:fishawackdigital/boilerplate-wordpress _Test/_fixtures/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
+        execSync(`git -C _Test/_fixtures clone git@bitbucket.org:fishawackdigital/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
 
         execSync('fw setup', opts);
 
         execSync('fw prod', opts);
     });
     
-    it('All boilerplate-wordpress tests should pass', async () => {
+    it(`All ${repo} tests should pass`, async () => {
         expect(execSync('fw test', opts)).to.not.equal(Error);
     });
 

package/_Test/boilerplate.js

@@ -1,6 +1,6 @@
 'use strict';
 
-const repo = `lab-env_boilerplate`;
+const repo = `boilerplate`;
 const opts = {encoding: 'utf8', stdio: 'inherit', cwd: `_Test/_fixtures/${repo}`};
 
 const expect = require('chai').expect;
@@ -10,14 +10,14 @@ describe('deploy', () => {
     before(function(){
         this.timeout(60000 * 10);
 
-        execSync(`git clone git@bitbucket.org:fishawackdigital/boilerplate _Test/_fixtures/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
+        execSync(`git -C _Test/_fixtures clone git@bitbucket.org:fishawackdigital/${repo}`, {encoding: 'utf8', stdio: 'inherit'});
 
         execSync('fw setup', opts);
 
         execSync('fw prod', opts);
     });
     
-    it('All boilerplate tests should pass', async () => {
+    it(`All ${repo} tests should pass`, async () => {
         expect(execSync('fw test', opts)).to.not.equal(Error);
     });
 

package/cli.js

@@ -15,6 +15,9 @@ const { hideBin } = require('yargs/helpers');
 
 const args = hideBin(process.argv);
 
+// Stop here if docker process not running and command isn't version or origin which don't require docker
+if(!_.services && !(args[0] === 'origin' || args[0] === '--version')) return;
+
 (async () => {
     process.env.REPO = _.repo;
     
@@ -33,12 +36,16 @@ const args = hideBin(process.argv);
         if(_.platform === "laravel"){
             commands.push('artisan');
         }
+        
+        if(_.platform === "craftcms"){
+            commands.push('craft');
+        }
 
         if(_.platform === "drupal"){
             commands.push('drush');
         }
 
-        if(_.platform === "laravel" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "drupal" || _.platform === "craftcms"){
             commands.push('composer', 'php');
         }
 

package/commands/artisan.js

@@ -12,4 +12,4 @@ module.exports = [
             });
     },
     argv => _.up(() => execSync(`${_.docker} ${_.exec} php bash -lc "php artisan ${argv.command.join(' ')}"`, _.opts))
-];
+];

package/commands/check.js

@@ -15,8 +15,8 @@ module.exports = [
     argv => {
         execSync(`${_.docker} ${_.run}c "check-dependencies ${argv.v ? '' : '&>/dev/null'} && echo -e '\\033[0;32mNpm deps OK\\033[0m' || { echo -e '\\033[0;31mNpm deps missing or outdated\\033[0m'; }"`, _.opts);
 
-        if(_.platform === "laravel" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "drupal" || _.platform === "craftcms" ){
             execSync(`${_.docker} ${_.method} php bash -lc "composer install --dry-run ${argv.v ? '' : '2>&1'} | grep -q 'Nothing to install, update or remove' && echo -e '\\033[0;32mComposer deps OK\\033[0m' || echo -e '\\033[0;31mComposer deps missing or outdated\\033[0m'"`, _.opts);
         }
     }
-];
+];

package/commands/clean.js

@@ -9,8 +9,8 @@ module.exports = [
     argv => {
         execSync(`${_.docker} ${_.run}c "git clean -xfd node_modules/ 2>/dev/null || true"`, _.opts);
 
-        if(_.platform === "laravel" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "drupal" || _.platform === "craftcms"){
             execSync(`${_.docker} ${_.method} php bash -lc "git clean -xfd vendor/ 2>/dev/null || true"`, _.opts);
         }
     }
-];
+];

package/commands/craft.js

@@ -0,0 +1,15 @@
+const _ = require('../globals.js');
+
+const execSync = require('child_process').execSync;
+
+module.exports = [
+    ['craft [command...]', 'craft'],
+    'run craft command',
+    yargs => {
+        yargs.positional('command', {
+                describe: 'command to run',
+                default: ''
+            });
+    },
+    argv => _.up(() => execSync(`${_.docker} ${_.exec} php bash -lc "php craft ${argv.command.join(' ')}"`, _.opts))
+];

package/commands/docker/build.js

@@ -3,8 +3,13 @@ const _ = require('../../globals.js');
 const execSync = require('child_process').execSync;
 
 module.exports = [
-    'build',
+    'build [image]',
     false,
-    yargs => {},
-    argv => execSync(`${_.docker} build`, _.opts)
+    yargs => {
+        yargs.positional('image', {
+                describe: 'image to build',
+                default: ''
+            });
+    },
+    argv => execSync(`${_.docker} build ${argv.image}`, _.opts)
 ];

package/commands/docker/rebuild.js

@@ -3,8 +3,13 @@ const _ = require('../../globals.js');
 const execSync = require('child_process').execSync;
 
 module.exports = [
-    'rebuild',
+    'rebuild [image]',
     false,
-    yargs => {},
-    argv => execSync(`${_.docker} build --no-cache`, _.opts)
+    yargs => {
+        yargs.positional('image', {
+                describe: 'image to rebuild',
+                default: ''
+            });
+    },
+    argv => execSync(`${_.docker} build ${argv.image} --no-cache`, _.opts)
 ];

package/commands/docker/volumes.js

@@ -9,7 +9,7 @@ module.exports = [
             'node_modules'
         ];
 
-        if(_.platform === "laravel" || _.platform === "wordpress" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "wordpress" || _.platform === "drupal" || _.platform === "craftcms"){
             volumes.push(
                 'mysql'
             );
@@ -27,7 +27,7 @@ module.exports = [
             );
         }
 
-        if(_.platform === "laravel" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "drupal" ||  _.platform === "craftcms"){
             volumes.push(
                 'vendor'
             );
@@ -35,4 +35,4 @@ module.exports = [
 
         console.log(`${volumes.map(d => `${_.repo_safe}_${d}`).join('\n')}`);
     }
-];
+];

package/commands/regenerate.js

@@ -9,8 +9,8 @@ module.exports = [
     argv => {
         execSync(`${_.docker} ${_.run}c "rm package-lock.json; git clean -xfd node_modules/ 2>/dev/null || true; npm install"`, _.opts);
 
-        if(_.platform === "laravel" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "drupal" || _.platform === "craftcms"){
             execSync(`${_.docker} ${_.method} php bash -lc "rm composer.lock; git clean -xfd vendor/ 2>/dev/null || true; composer install"`, _.opts)
         }
     }
-];
+];

package/commands/setup.js

@@ -7,10 +7,10 @@ module.exports = [
     'runs the initial setup',
     yargs => {},
     argv => {
-        if(_.platform === "laravel" || _.platform === "wordpress" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "wordpress" || _.platform === "drupal" || _.platform === "craftcms"){
             _.up(() => execSync(`source ${__dirname}/../intercept.sh && /bin/bash ./_Scripts/setup.sh`, _.opts));
         } else {
             execSync(`${_.docker} ${_.run}c "npm run setup"`, _.opts);
         }
     }
-];
+];

package/commands/start.js

@@ -14,7 +14,7 @@ module.exports = [
     argv => {
         _.ports.get();
         
-        if(_.platform === "laravel" || _.platform === "wordpress" || _.platform === "drupal"){
+        if(_.platform === "laravel" || _.platform === "wordpress" || _.platform === "drupal" || _.platform === "craftcms"){
             _.up(() => execSync(`${_.docker} ${_.exec} core bash -lc "npm start -- -- ${argv.flags.join(' ')}" 2>/dev/null`, _.opts));
         } else {
             execSync(`${_.docker} ${_.run}c "npm start -- -- ${argv.flags.join(' ')}" 2>/dev/null`, _.opts);

package/craftcms/3/docker-compose.yml

@@ -0,0 +1,44 @@
+services:
+  mysql:
+    image: mysql:5.7
+    networks:
+      - default
+    environment:
+      - MYSQL_ROOT_PASSWORD=password
+      - MYSQL_DATABASE=${DB_DATABASE}
+      - MYSQL_USER=${DB_USER}
+      - MYSQL_PASSWORD=${DB_PASSWORD}
+    ports:
+      - "${PORT_DB:-3306}:3306"
+    volumes:
+      - mysql:/var/lib/mysql
+  nginx:
+    image: nginx:1.19
+    networks:
+      - default
+    volumes:
+      - $CWD/:/app
+      - ./nginx/nginx.conf:/etc/nginx/conf.d/default.conf
+    ports:
+      - "${PORT_WEB:-8000}:80"
+  php:
+    build: 
+      context: ./php/
+      dockerfile: Dockerfile
+    image: lab-env/craftcms/3/php:0.0.1
+    init: true
+    working_dir: /app
+    networks:
+      - default
+    volumes:
+      - $CWD/:/app
+      - ./php/custom.conf:/opt/bitnami/php/etc/custom.conf
+      - vendor:/app/vendor
+networks:
+  default:
+    driver: "bridge"
+volumes:
+  vendor:
+    driver: "local"
+  mysql:
+    driver: "local"

package/craftcms/3/nginx/nginx.conf

@@ -0,0 +1,37 @@
+server {
+	listen         80 default_server;
+    listen         [::]:80 default_server;
+	root           /app/web;
+
+    add_header X-Frame-Options "SAMEORIGIN";
+    add_header X-XSS-Protection "1; mode=block";
+    add_header X-Content-Type-Options "nosniff";
+
+    index index.php;
+
+    charset utf-8;
+
+    location / {
+        try_files $uri $uri/ /index.php?$query_string;
+    }
+
+    location = /favicon.ico { access_log off; log_not_found off; }
+    location = /robots.txt  { access_log off; log_not_found off; }
+
+    error_page 404 /index.php;
+
+    location ~ \.php$ {
+		fastcgi_pass	php:9000;
+		include         fastcgi_params;
+		fastcgi_param   SCRIPT_FILENAME    $document_root$fastcgi_script_name;
+		fastcgi_param   SCRIPT_NAME        $fastcgi_script_name;
+    }
+
+    location ~ \.(bmp|cur|gif|ico|jpe?g|png|svgz?|webp|pdf|dzi)$ {    
+        add_header Access-Control-Allow-Origin *;  
+    }
+
+    location ~ /\.(?!well-known).* {
+        deny all;
+    }
+}

package/craftcms/3/php/Dockerfile

@@ -0,0 +1,17 @@
+FROM chialab/php:7.4-fpm
+
+MAINTAINER Mike Mellor
+
+# Install mysql client
+RUN apt-get update && \
+    apt-get install -y mariadb-client
+
+# Install Imagemagick
+RUN apt-get install -y libmagickwand-dev --no-install-recommends
+
+# PHP Imagick ext
+RUN pecl install imagick && docker-php-ext-enable imagick
+
+# Cleanup apt-get install folders
+RUN apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

package/craftcms/3/php/custom.conf

@@ -0,0 +1,9 @@
+[www]
+user = www-data
+group = www-data
+ 
+listen.owner = www-data
+listen.group = www-data
+listen.mode = 0660
+
+extension=oauth.so

package/drupal/9/docker-compose.yml

@@ -33,6 +33,7 @@ services:
     build: 
       context: ./php/
       dockerfile: Dockerfile
+    image: lab-env/drupal/9/php:0.0.2
     init: true
     working_dir: /app
     networks:
@@ -42,6 +43,7 @@ services:
     volumes:
       - $CWD/:/app
       - ./php/custom.ini:/usr/local/etc/php/conf.d/custom.ini
+      - ./php/policy.xml:/etc/ImageMagick-6/policy.xml
       - $CWD/themes:/app/web/themes
       - $CWD/modules:/app/web/modules
       - $CWD/sites:/app/web/sites

package/drupal/9/php/Dockerfile

@@ -6,6 +6,15 @@ MAINTAINER Mike Mellor
 RUN apt-get update && \
     apt-get install -y mariadb-client
 
+# Install Imagemagick
+RUN apt-get install -y libmagickwand-dev --no-install-recommends
+
+# PHP Imagick ext
+RUN pecl install imagick && docker-php-ext-enable imagick
+
+# Install ghostscript
+RUN apt-get install -y ghostscript
+
 # Cleanup apt-get install folders
 RUN apt-get clean && \
     rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

package/drupal/9/php/policy.xml

@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policymap [
+  <!ELEMENT policymap (policy)*>
+  <!ATTLIST policymap xmlns CDATA #FIXED ''>
+  <!ELEMENT policy EMPTY>
+  <!ATTLIST policy xmlns CDATA #FIXED '' domain NMTOKEN #REQUIRED
+    name NMTOKEN #IMPLIED pattern CDATA #IMPLIED rights NMTOKEN #IMPLIED
+    stealth NMTOKEN #IMPLIED value CDATA #IMPLIED>
+]>
+<!--
+  Configure ImageMagick policies.
+
+  Domains include system, delegate, coder, filter, path, or resource.
+
+  Rights include none, read, write, execute and all.  Use | to combine them,
+  for example: "read | write" to permit read from, or write to, a path.
+
+  Use a glob expression as a pattern.
+
+  Suppose we do not want users to process MPEG video images:
+
+    <policy domain="delegate" rights="none" pattern="mpeg:decode" />
+
+  Here we do not want users reading images from HTTP:
+
+    <policy domain="coder" rights="none" pattern="HTTP" />
+
+  The /repository file system is restricted to read only.  We use a glob
+  expression to match all paths that start with /repository:
+
+    <policy domain="path" rights="read" pattern="/repository/*" />
+
+  Lets prevent users from executing any image filters:
+
+    <policy domain="filter" rights="none" pattern="*" />
+
+  Any large image is cached to disk rather than memory:
+
+    <policy domain="resource" name="area" value="1GP"/>
+
+  Use the default system font unless overwridden by the application:
+
+    <policy domain="system" name="font" value="/usr/share/fonts/favorite.ttf"/>
+
+  Define arguments for the memory, map, area, width, height and disk resources
+  with SI prefixes (.e.g 100MB).  In addition, resource policies are maximums
+  for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
+  exceeds policy maximum so memory limit is 1GB).
+
+  Rules are processed in order.  Here we want to restrict ImageMagick to only
+  read or write a small subset of proven web-safe image types:
+
+    <policy domain="delegate" rights="none" pattern="*" />
+    <policy domain="filter" rights="none" pattern="*" />
+    <policy domain="coder" rights="none" pattern="*" />
+    <policy domain="coder" rights="read|write" pattern="{GIF,JPEG,PNG,WEBP}" />
+-->
+<policymap>
+  <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
+  <policy domain="resource" name="memory" value="256MiB"/>
+  <policy domain="resource" name="map" value="512MiB"/>
+  <policy domain="resource" name="width" value="16KP"/>
+  <policy domain="resource" name="height" value="16KP"/>
+  <!-- <policy domain="resource" name="list-length" value="128"/> -->
+  <policy domain="resource" name="area" value="128MP"/>
+  <policy domain="resource" name="disk" value="1GiB"/>
+  <!-- <policy domain="resource" name="file" value="768"/> -->
+  <!-- <policy domain="resource" name="thread" value="4"/> -->
+  <!-- <policy domain="resource" name="throttle" value="0"/> -->
+  <!-- <policy domain="resource" name="time" value="3600"/> -->
+  <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
+  <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
+  <!-- <policy domain="path" rights="none" pattern="@*" /> -->
+  <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
+  <!-- <policy domain="cache" name="synchronize" value="True"/> -->
+  <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
+  <!-- <policy domain="system" name="max-memory-request" value="256MiB"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- <policy domain="system" name="font" value="/path/to/font.ttf"/> -->
+  <!-- <policy domain="system" name="pixel-cache-memory" value="anonymous"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- not needed due to the need to use explicitly by mvg: -->
+  <!-- <policy domain="delegate" rights="none" pattern="MVG" /> -->
+  <!-- use curl -->
+  <policy domain="delegate" rights="none" pattern="URL" />
+  <policy domain="delegate" rights="none" pattern="HTTPS" />
+  <policy domain="delegate" rights="none" pattern="HTTP" />
+  <!-- in order to avoid to get image with password text -->
+  <policy domain="path" rights="none" pattern="@*"/>
+  <!-- disable ghostscript format types -->
+  <!-- <policy domain="coder" rights="none" pattern="PS" />
+  <policy domain="coder" rights="none" pattern="PS2" />
+  <policy domain="coder" rights="none" pattern="PS3" />
+  <policy domain="coder" rights="none" pattern="EPS" />
+  <policy domain="coder" rights="none" pattern="PDF" />
+  <policy domain="coder" rights="none" pattern="XPS" /> -->
+</policymap>

package/globals.js

@@ -37,6 +37,8 @@ if(composer && composer.require && composer.require['laravel/framework']){
     platform = 'laravel';
 } else if(composer && composer.require && composer.require['drupal/core-recommended']){
     platform = 'drupal';
+} else if(composer && composer.require && composer.require['craftcms/cms']){
+    platform = 'craftcms';
 } else if(wordpress) {
     platform = 'wordpress';
 } else {
@@ -78,17 +80,28 @@ if(platform === 'laravel'){
     }
     
     docker = `docker-compose --env-file ${path.join(process.cwd(), '.env')} -f ${__dirname}/drupal/9/docker-compose.yml ${core} -p ${repo}`;
+} else if(platform === "craftcms"){
+    if(!existsSync(path.join(process.cwd(), '.env'))){
+        copyFileSync(path.join(process.cwd(), '.env.example'), path.join(process.cwd(), '.env'));
+    }
+
+    docker = `docker-compose --env-file ${path.join(process.cwd(), '.env')} -f ${__dirname}/craftcms/3/docker-compose.yml ${core} -p ${repo}`;
 } else  {
     docker = `docker-compose ${core} -p ${repo}`;
 }
 
-services = execSync(`${docker} ps --services --filter "status=running"`, {encoding: 'utf8'});
-running = services.trim().length;
-exec = `exec ${process.env.CI_BUILD_ID ? '-T' : ''}`;
-method = running ? exec : 'run --rm --service-ports';
-run = `${method} core bash -l`;
+try{
+    services = execSync(`${docker} ps --services --filter "status=running" 2>/dev/null`, {encoding: 'utf8'});
+    running = services.trim().length;
+    exec = `exec ${process.env.CI_BUILD_ID ? '-T' : ''}`;
+    method = running ? exec : 'run --rm --service-ports';
+    run = `${method} core bash -l`;
+} catch(e){
+    console.log("Docker does not appear to be running...");
+}
 
 module.exports = {
+    services,
     platform,
     repo,
     repo_safe: repo.replace(/\./g, ''),
@@ -105,7 +118,7 @@ module.exports = {
                 process.env.PORT = await getPort({port: getPort.makeRange(3000, 3100)});
                 process.env.PORT_OPT = +process.env.PORT + 1;
         
-                if(platform === "laravel" || platform === "wordpress" || platform === "drupal"){
+                if(platform === "laravel" || platform === "wordpress" || platform === "drupal" || platform === "craftcms"){
                     process.env.PORT_WEB = await getPort({port: getPort.makeRange(8000, 8100)});
                     process.env.PORT_DB = await getPort({port: getPort.makeRange(3306, 3406)});
                 }
@@ -117,7 +130,7 @@ module.exports = {
                     process.env.PORT = ports.PORT;
                     process.env.PORT_OPT = ports.PORT_OPT;
             
-                    if(platform === "laravel" || platform === "wordpress" || platform === "drupal"){
+                    if(platform === "laravel" || platform === "wordpress" || platform === "drupal" || platform === "craftcms"){
                         process.env.PORT_WEB = ports.PORT_WEB;
                         process.env.PORT_DB = ports.PORT_DB;
                     }
@@ -148,4 +161,4 @@ module.exports = {
             if(!running) execSync(`lab-env down`, opts);
         }
     }
-};
+};

package/intercept.sh

@@ -16,6 +16,10 @@ artisan(){
     command lab-env artisan "$@"
 }
 
+craft(){
+    command lab-env craft "$@"
+}
+
 php(){
     command lab-env php "$@"
 }
@@ -36,7 +40,8 @@ export -f npm;
 export -f composer;
 export -f drush;
 export -f artisan;
+export -f craft;
 export -f php;
 export -f chown;
 export -f chmod;
-export -f sed;
+export -f sed;

package/laravel/8/docker-compose.yml

@@ -22,7 +22,10 @@ services:
     ports:
       - "${PORT_WEB:-8000}:80"
   php:
-    image: chialab/php:7.3-fpm
+    build: 
+      context: ./php/
+      dockerfile: Dockerfile
+    image: lab-env/laravel/8/php:0.0.1
     init: true
     working_dir: /app
     networks:
@@ -30,6 +33,7 @@ services:
     volumes:
       - $CWD/:/app
       - ./php/custom.conf:/opt/bitnami/php/etc/custom.conf
+      - ./php/policy.xml:/etc/ImageMagick-6/policy.xml
       - vendor:/app/vendor
   redis:
     image: redis:alpine
@@ -46,4 +50,4 @@ volumes:
   mysql:
     driver: "local"
   redis:
-    driver: "local"
+    driver: "local"

package/laravel/8/php/Dockerfile

@@ -0,0 +1,17 @@
+FROM chialab/php:7.4-fpm
+
+MAINTAINER Mike Mellor
+
+# Install Imagemagick
+RUN apt-get update && \
+    apt-get install -y libmagickwand-dev --no-install-recommends
+
+# PHP Imagick ext
+RUN pecl install imagick && docker-php-ext-enable imagick
+
+# Install ghostscript
+RUN apt-get install -y ghostscript
+
+# Cleanup apt-get install folders
+RUN apt-get clean && \
+    rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*

package/laravel/8/php/custom.conf

@@ -5,3 +5,5 @@ group = www-data
 listen.owner = www-data
 listen.group = www-data
 listen.mode = 0660
+
+extension=oauth.so

package/laravel/8/php/policy.xml

@@ -0,0 +1,99 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE policymap [
+  <!ELEMENT policymap (policy)*>
+  <!ATTLIST policymap xmlns CDATA #FIXED ''>
+  <!ELEMENT policy EMPTY>
+  <!ATTLIST policy xmlns CDATA #FIXED '' domain NMTOKEN #REQUIRED
+    name NMTOKEN #IMPLIED pattern CDATA #IMPLIED rights NMTOKEN #IMPLIED
+    stealth NMTOKEN #IMPLIED value CDATA #IMPLIED>
+]>
+<!--
+  Configure ImageMagick policies.
+
+  Domains include system, delegate, coder, filter, path, or resource.
+
+  Rights include none, read, write, execute and all.  Use | to combine them,
+  for example: "read | write" to permit read from, or write to, a path.
+
+  Use a glob expression as a pattern.
+
+  Suppose we do not want users to process MPEG video images:
+
+    <policy domain="delegate" rights="none" pattern="mpeg:decode" />
+
+  Here we do not want users reading images from HTTP:
+
+    <policy domain="coder" rights="none" pattern="HTTP" />
+
+  The /repository file system is restricted to read only.  We use a glob
+  expression to match all paths that start with /repository:
+
+    <policy domain="path" rights="read" pattern="/repository/*" />
+
+  Lets prevent users from executing any image filters:
+
+    <policy domain="filter" rights="none" pattern="*" />
+
+  Any large image is cached to disk rather than memory:
+
+    <policy domain="resource" name="area" value="1GP"/>
+
+  Use the default system font unless overwridden by the application:
+
+    <policy domain="system" name="font" value="/usr/share/fonts/favorite.ttf"/>
+
+  Define arguments for the memory, map, area, width, height and disk resources
+  with SI prefixes (.e.g 100MB).  In addition, resource policies are maximums
+  for each instance of ImageMagick (e.g. policy memory limit 1GB, -limit 2GB
+  exceeds policy maximum so memory limit is 1GB).
+
+  Rules are processed in order.  Here we want to restrict ImageMagick to only
+  read or write a small subset of proven web-safe image types:
+
+    <policy domain="delegate" rights="none" pattern="*" />
+    <policy domain="filter" rights="none" pattern="*" />
+    <policy domain="coder" rights="none" pattern="*" />
+    <policy domain="coder" rights="read|write" pattern="{GIF,JPEG,PNG,WEBP}" />
+-->
+<policymap>
+  <!-- <policy domain="resource" name="temporary-path" value="/tmp"/> -->
+  <policy domain="resource" name="memory" value="256MiB"/>
+  <policy domain="resource" name="map" value="512MiB"/>
+  <policy domain="resource" name="width" value="16KP"/>
+  <policy domain="resource" name="height" value="16KP"/>
+  <!-- <policy domain="resource" name="list-length" value="128"/> -->
+  <policy domain="resource" name="area" value="128MP"/>
+  <policy domain="resource" name="disk" value="1GiB"/>
+  <!-- <policy domain="resource" name="file" value="768"/> -->
+  <!-- <policy domain="resource" name="thread" value="4"/> -->
+  <!-- <policy domain="resource" name="throttle" value="0"/> -->
+  <!-- <policy domain="resource" name="time" value="3600"/> -->
+  <!-- <policy domain="coder" rights="none" pattern="MVG" /> -->
+  <!-- <policy domain="module" rights="none" pattern="{PS,PDF,XPS}" /> -->
+  <!-- <policy domain="path" rights="none" pattern="@*" /> -->
+  <!-- <policy domain="cache" name="memory-map" value="anonymous"/> -->
+  <!-- <policy domain="cache" name="synchronize" value="True"/> -->
+  <!-- <policy domain="cache" name="shared-secret" value="passphrase" stealth="true"/> -->
+  <!-- <policy domain="system" name="max-memory-request" value="256MiB"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- <policy domain="system" name="font" value="/path/to/font.ttf"/> -->
+  <!-- <policy domain="system" name="pixel-cache-memory" value="anonymous"/> -->
+  <!-- <policy domain="system" name="shred" value="2"/> -->
+  <!-- <policy domain="system" name="precision" value="6"/> -->
+  <!-- not needed due to the need to use explicitly by mvg: -->
+  <!-- <policy domain="delegate" rights="none" pattern="MVG" /> -->
+  <!-- use curl -->
+  <policy domain="delegate" rights="none" pattern="URL" />
+  <policy domain="delegate" rights="none" pattern="HTTPS" />
+  <policy domain="delegate" rights="none" pattern="HTTP" />
+  <!-- in order to avoid to get image with password text -->
+  <policy domain="path" rights="none" pattern="@*"/>
+  <!-- disable ghostscript format types -->
+  <!-- <policy domain="coder" rights="none" pattern="PS" />
+  <policy domain="coder" rights="none" pattern="PS2" />
+  <policy domain="coder" rights="none" pattern="PS3" />
+  <policy domain="coder" rights="none" pattern="EPS" />
+  <policy domain="coder" rights="none" pattern="PDF" />
+  <policy domain="coder" rights="none" pattern="XPS" /> -->
+</policymap>

package/package.json

@@ -1,10 +1,10 @@
 {
   "name": "@fishawack/lab-env",
-  "version": "1.15.0",
+  "version": "1.18.0",
   "description": "Docker manager for FW",
   "main": "cli.js",
   "scripts": {
-    "test": "rm -rf _Test/_fixtures && mocha _Test/*.js --timeout 120s --bail",
+    "test": "rm -rf _Test/_fixtures && mkdir _Test/_fixtures && mocha _Test/*.js --timeout 120s --bail",
     "preversion": "npm test",
     "postversion": "git push && git push --tags && npm publish",
     "postpublish": "git checkout development && git merge master && git push"