Metadata Valid
No translation
See https://github.com/voxpupuli/puppet-php/issues/581
In short, replaces all explicit definitions of a Puppet Package resource
with an instance of puppetlabs-stdlib's ensure_packages.
<!--
Thank you for contributing to this project!
-->
Use the puppetlabs-stdlib ensure_packages function instead of Puppet package {} resources directly to avoid conflicting with other definitions of the package.
Fixes #581
<!--
Thank you for contributing to this project!
-->
<!--
Replace this comment with a description of your pull request.
-->
Download stable version of composer as opposed to snapshot
<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->
Fixes #575
Add php version definition for Ubuntu 20.04
<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->
Is there a reason to not manage this via data in modules/hiera?
Allow configuration files to be purged.
Not directly releated but similar to https://github.com/voxpupuli/puppet-php/issues/237
No existing issue was created, we had a need for this functionality so we added it to our fork. Looking to contribute it back.
Adding the option to set process.dumpable
If process.dumpable is disabled core dumps cannot be captured on segfaults even if rlimit_core is set because of the following change to PHP:
Fixes a glitch introduced in #479.
When an extension is zend = true, there is no extension entry in the $final_settings hash, but a zend_extension one.
/cc @amateo
Following https://github.com/puppetlabs/puppetlabs-apache/pull/1749#issuecomment-358125758, I adapted to puppet-php.
For now it is just part of settings, not sure if it should be differentiated.
Risk: users silently overwriting it vs potential post-adaption needed
Potentially more settings to add.
This fixes the pecl provider autoloading the pear provider. On Puppet 4.9.4, I get the following error:
Puppet::Error:
Could not autoload puppet/type/package: Could not autoload puppet/provider/package/pecl: cannot load such file -- puppet/provider/pear
It doesn't seem to happen on Puppet 3. This is fixed by requiring pear explicitly in the pecl provider code.
This PR prevents the creation of the hardcoded pid file directory if it is not used.
Fixes #501
Identify whether PHP extension posix installation is idempotent
Identify whether PHP extension iconv installation is idempotent
Identify whether PHP extension dom installation is idempotent
Identify whether PHP extension imagick installation is idempotent
Identify whether PHP extension ctype installation is idempotent
Identify whether PHP extension xmlwriter installation is idempotent
Identify whether PHP extension apcu installation is idempotent
<!--
Thank you for contributing to this project!
-->
Allow sury repo for PHP >= 7.1.
<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->
We noticed that your Puppet module includes Puppet 3.x function(s) and created
this pull request to help you get started porting them to the new API.
The Puppet function API has a long history and many people in the ecosystem,
including you, took advantage of this API to extend Puppet to do some really
cool things. Unfortunately the original function API had many critical
limitations, and so Puppet introduced a new and improved API with Puppet 4.x.
Each modern Puppet 4.x function is just a little faster and just a little safer
to use, meaning that as we all port our functions over, compilation times across
the ecosystem will get more and more performant. Modern Puppet 4.x functions
have improved thread safety, memory management, and load time. Even more
importantly, they’re isolated to the environment they’re loaded from.
And as a developer, you'll see benefits like namespaced function signatures,
automatic data type checking, multiple dispatches allowing you to easily handle
different kinds of function invocations, and vastly improved code reuse.
This pull request was autogenerated and the ported functions do not yet take
advantage of the data type checking or multiple dispatches. You will want to
finish the port by making those changes and adding any documentation updates.
See this tutorial for more information.
While you're at it, double check to see if there are any functions that couldn't
be automatically ported and update them yourself.
To be extra cautious about losing data, this pull request did NOT delete the
legacy function files, so when you're satisfied with the new functions, don't
forget to delete the legacy code!
If this repo is a fork, when you're all done, you might consider contributing
your work upstream.
If you have any questions, feel free to ping me in this PR, or stop by the
Puppet Community Slack to chat. And thanks so much
for being part of our vibrant community of developers!
Enhance acceptance tests
(TODO)
<!--
Thank you for contributing to this project!
-->
<!--
Adding php 7 support for RHEL variants via remi repositories.
PHP version can now be defined using the global php_version variable for RHEL variants.
Support for PHP 7.0, 7.1 and 7.2 added.
-->
<!--
Replace this comment with the list of issues or n/a.
Use format:
Fixes #123
Fixes #124
-->
Identify whether PHP extension xmlreader installation is idempotent
If php::settings are changed and Apaches mod_php is used the Apache httpd must be restarted to re-read the config files.
This PR adds an option to identify the name of the Puppet Service resource to enable a restart of Apache httpd.
This PR adds validation check for fpm and fpm pools configuration file before applying changes.
Having introduced a misconfiguration on php-fpm that avoid the service to start normally (pm.start_servers > pm.max_spare_servers), catalog application was successfull but service failed to restart.
[13-Feb-2020 20:48:24] ALERT: [pool www] pm.start_servers(80) must not be less than pm.min_spare_servers(24) and not greater than pm.max_spare_servers(64)
[13-Feb-2020 20:48:24] ERROR: failed to post process the configuration
<!--
Thank you for contributing to this project!
-->
beaker-vagrant to gemfile (see details in commit message for why)Note: This changes the default version string of $php::globals::globals_php_version from 5.x to 5.6 on non-Debian/Ubuntu because we really should use sane version strings in such variables so we can re-use them elsewhere (like in php::repo::redhat for remi repo). I anticipate the versioning in php::globals will be cleaned up eventually. (I'll volunteer too.) It doesn't look like this change will have any adverse effects.
If merged, this PR obsoletes the following PRs: (Sorry, I'm impatient and they don't look like they're going anywhere)
- https://github.com/voxpupuli/puppet-php/pull/495
- https://github.com/voxpupuli/puppet-php/pull/509
Fixes #480
Add support for apparmor_hat directive. This allows a php-fpm binary contained by an Apparmor profile to switch to a more specific profile (hat in apparmor parlance) tailored to the FPM pool serving the request.
Here is an example of Apparmor profile including a hat called 'foo' for the pool serving a WordPress instance:
```
/usr/sbin/php-fpm7.2 {
#include
#include
#include
capability chown,
capability dacoverride,
capability kill,
capability setuid,
capability setgid,
capability syschroot,
# slowlog
capability sys_ptrace,
ptrace (trace) peer=/usr/sbin/php-fpm7.2//*,
/etc/php/7.2/fpm/php-fpm.conf r,
/etc/php/7.2/fpm/pool.d/*.conf r,
/etc/ssl/openssl.cnf r,
/usr/sbin/php-fpm7.2 rmix,
owner /var/log/php7.2-fpm.log w,
owner /var/log/php-fpm/*.log.slow rw,
/run/php/php7.2-fpm.pid w,
/run/systemd/notify w,
# Unix sockets
/run/php/*.sock rw,
# XXX: weird that php7.2-fpm tests writing to /
deny / rw,
# aachangehat
@{PROC}/@{pids}/attr/current rw,
signal (send) set=(cont,quit,kill,term) peer=/usr/sbin/php-fpm7.2//,
change_profile /usr/sbin/php-fpm7.2 -> /usr/sbin/php-fpm7.2//,
# hats
foo {
#include
#include
#include
signal (receive) set=(cont,kill,quit,term) peer=/usr/sbin/php-fpm7.2,
/usr/sbin/php-fpm7.2 mr,
/var/log/php-fpm/foo-slow.log w,
# Unix sockets
/run/php/foo-fpm.sock rw,
/run/mysqld/mysqld.sock rw,
audit deny /var/www/foo/.php w,
/var/www/foo/ r,
owner /var/www/foo/wp-content/** w,
}
}
```
The php-fpm config would contain this:
```
[foo]
...
; Apparmor hat to change to
apparmor_hat = foo
```
Note: the above profile was tested on Ubuntu 18.04 with php-fpm from the Ubuntu repos. This version is compiled with Apparmor hat support which might not be the case for every distros.