Fix CI deprecations and upgrade Symfony to 7.4 LTS

.docker/nginx.conf

@@ -17,9 +17,7 @@ http {
     include       /etc/nginx/mime.types;
     default_type  application/octet-stream;
 
-    set_real_ip_from 172.16.0.0/16;
-    real_ip_recursive on;
-    real_ip_header X-Forwarded-For;
+    # Note: set_real_ip_from is set in the server block
 
     log_format  main  '$http_x_real_ip - $remote_user [$time_local] "$request" '
                       '$status $body_bytes_sent "$http_referer" '

.docker/templates/default.conf.template

@@ -6,11 +6,20 @@ server {
 
     client_max_body_size ${NGINX_MAX_BODY_SIZE};
 
-    # This also needs to be set in the single server tag and not only in http.
     set_real_ip_from 172.16.0.0/16;
+    set_real_ip_from 192.168.39.0/24;
     real_ip_recursive on;
     real_ip_header X-Forwarded-For;
 
+    location = /cron-metrics {
+        # Proxy to supercronic metrics
+        proxy_pass http://${NGINX_CRON_METRICS}/metrics;
+        proxy_set_header Host $host;
+        proxy_set_header X-Real-IP $remote_addr;
+        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        proxy_set_header X-Forwarded-Proto $scheme;
+    }
+
     location / {
         # try to serve file directly, fallback to index.php
         try_files $uri /index.php$is_args$args;

.env

@@ -1,6 +1,7 @@
 # Use by development docker setup.
 COMPOSE_PROJECT_NAME=aapodwalk-api
 COMPOSE_DOMAIN=aapodwalk-api.local.itkdev.dk
+ITKDEV_TEMPLATE=symfony-6
 
 APP_ENV=dev
 APP_SECRET=d37a780dd60d47975253e1359b650db2

.github/workflows/apispec.yaml

@@ -0,0 +1,26 @@
+name: API Specification
+
+env:
+    COMPOSE_USER: runner
+
+on:
+    pull_request:
+    push:
+        branches:
+            - main
+            - develop
+
+jobs:
+    apispec:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v5
+              with:
+                  fetch-depth: 2
+            - name: Create docker network
+              run: docker network create frontend
+            - run: |
+                  docker compose run --rm phpfpm composer install
+                  docker compose run --rm phpfpm bin/console api:openapi:export --yaml --output=public/api-spec-v1.yaml --no-interaction
+            - name: Check for changes in specifications
+              run: git diff --diff-filter=ACMRT --exit-code public/api-spec-v1.yaml

.github/workflows/assets.yaml

@@ -0,0 +1,22 @@
+name: Assets
+
+env:
+    COMPOSE_USER: runner
+
+on:
+    pull_request:
+    push:
+        branches:
+            - main
+            - develop
+
+jobs:
+    assets:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v5
+            - name: Create docker network
+              run: docker network create frontend
+            - run: |
+                  docker compose run --rm --user root phpfpm composer install --no-scripts
+                  docker compose run --rm --user root phpfpm bin/console biomejs:ci .

.github/workflows/build_release.yml

@@ -1,7 +1,7 @@
 on:
   push:
     tags:
-      - '*.*.*'
+      - "*.*.*"
 
 name: Create Github Release
 

.github/workflows/changelog.yaml

@@ -0,0 +1,29 @@
+# Do not edit this file! Make a pull request on changing
+# github/workflows/changelog.yaml in
+# https://github.com/itk-dev/devops_itkdev-docker if need be.
+
+### ### Changelog
+###
+### Checks that changelog has been updated
+
+name: Changelog
+
+on:
+    pull_request:
+
+jobs:
+    changelog:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v5
+              with:
+                  fetch-depth: 2
+
+            - name: Git fetch
+              run: git fetch
+
+            - name: Check that changelog has been updated.
+              run: git diff --exit-code origin/${{ github.base_ref }} -- CHANGELOG.md && exit 1 || exit 0

.github/workflows/composer.yaml

@@ -0,0 +1,80 @@
+# Do not edit this file! Make a pull request on changing
+# github/workflows/composer.yaml in
+# https://github.com/itk-dev/devops_itkdev-docker if need be.
+
+### ### Composer
+###
+### Validates composer.json and checks that it's normalized.
+###
+### #### Assumptions
+###
+### 1. A docker compose service named `phpfpm` can be run and `composer` can be
+###    run inside the `phpfpm` service.
+### 2. [ergebnis/composer-normalize](https://github.com/ergebnis/composer-normalize)
+###    is a dev requirement in `composer.json`:
+###
+###    ``` shell
+###    docker compose run --rm phpfpm composer require --dev ergebnis/composer-normalize
+###    ```
+###
+###    Normalize `composer.json` by running
+###
+###    ``` shell
+###    docker compose run --rm phpfpm composer normalize
+###    ```
+
+name: Composer
+
+env:
+    COMPOSE_USER: runner
+
+on:
+    pull_request:
+    push:
+        branches:
+            - main
+            - develop
+
+jobs:
+    composer-validate:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+        steps:
+            - uses: actions/checkout@v5
+
+            - name: Create docker network
+              run: |
+                  docker network create frontend
+
+            - run: |
+                  docker compose run --rm phpfpm composer validate --strict
+
+    composer-normalized:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+        steps:
+            - uses: actions/checkout@v5
+
+            - name: Create docker network
+              run: |
+                  docker network create frontend
+
+            - run: |
+                  docker compose run --rm phpfpm composer install
+                  docker compose run --rm phpfpm composer normalize --dry-run
+
+    composer-audit:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+        steps:
+            - uses: actions/checkout@v5
+
+            - name: Create docker network
+              run: |
+                  docker network create frontend
+
+            - run: |
+                  docker compose run --rm phpfpm composer audit

.github/workflows/doctrine.yaml

@@ -0,0 +1,34 @@
+name: Doctrine
+
+env:
+    COMPOSE_USER: runner
+
+on:
+    pull_request:
+    push:
+        branches:
+            - main
+            - develop
+
+jobs:
+    validate-doctrine-schema:
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v5
+
+            - name: Create docker network
+              run: docker network create frontend
+
+            - name: Start MariaDB
+              run: docker compose up -d mariadb
+
+            - name: Wait for MariaDB to be ready
+              run: |
+                  until docker compose exec mariadb mysqladmin ping --silent 2>/dev/null; do
+                    sleep 1
+                  done
+
+            - run: |
+                  docker compose run --rm phpfpm composer install
+                  docker compose run --rm phpfpm bin/console doctrine:migrations:migrate --no-interaction
+                  docker compose run --rm phpfpm bin/console doctrine:schema:validate

.github/workflows/javascript.yaml

@@ -0,0 +1,37 @@
+# Do not edit this file! Make a pull request on changing
+# github/workflows/symfony/javascript.yaml in
+# https://github.com/itk-dev/devops_itkdev-docker if need be.
+
+### ### Symfony JavaScript (and TypeScript)
+###
+### Validates JavaScript files.
+###
+### #### Assumptions
+###
+### 1. A docker compose service named `prettier` for running
+###    [Prettier](https://prettier.io/) exists.
+
+name: JavaScript
+
+on:
+    pull_request:
+    push:
+        branches:
+            - main
+            - develop
+
+jobs:
+    javascript-lint:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v5
+
+            - name: Create docker network
+              run: |
+                  docker network create frontend
+
+            - run: |
+                  docker compose run --rm prettier 'assets/**/*.js' --check

.github/workflows/markdown.yaml

@@ -0,0 +1,44 @@
+# Do not edit this file! Make a pull request on changing
+# github/workflows/markdown.yaml in
+# https://github.com/itk-dev/devops_itkdev-docker if need be.
+
+### ### Markdown
+###
+### Lints Markdown files (`**/*.md`) in the project.
+###
+### [markdownlint-cli configuration
+### files](https://github.com/igorshubovych/markdownlint-cli?tab=readme-ov-file#configuration),
+### `.markdownlint.jsonc` and `.markdownlintignore`, control what is actually
+### linted and how.
+###
+### #### Assumptions
+###
+### 1. A docker compose service named `markdownlint` for running `markdownlint`
+###    (from
+###    [markdownlint-cli](https://github.com/igorshubovych/markdownlint-cli))
+###    exists.
+
+name: Markdown
+
+on:
+    pull_request:
+    push:
+        branches:
+            - main
+            - develop
+
+jobs:
+    markdown-lint:
+        runs-on: ubuntu-latest
+        strategy:
+            fail-fast: false
+        steps:
+            - name: Checkout
+              uses: actions/checkout@v5
+
+            - name: Create docker network
+              run: |
+                  docker network create frontend
+
+            - run: |
+                  docker compose run --rm markdownlint markdownlint '**/*.md'

.github/workflows/php.yaml

@@ -0,0 +1,60 @@
+# Do not edit this file! Make a pull request on changing
+# github/workflows/symfony/php.yaml in
+# https://github.com/itk-dev/devops_itkdev-docker if need be.
+
+### ### Symfony PHP
+###
+### Checks that PHP code adheres to the [Symfony coding
+### standards](https://symfony.com/doc/current/contributing/code/standards.html).
+###
+### #### Assumptions
+###
+### 1. A docker compose service named `phpfpm` can be run and `composer` can be
+###    run inside the `phpfpm` service. 2.
+###    [friendsofphp/php-cs-fixer](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer)
+###    is a dev requirement in `composer.json`:
+###
+###    ``` shell
+###    docker compose run --rm phpfpm composer require --dev friendsofphp/php-cs-fixer
+###    ```
+###
+###    Clean up and check code by running
+###
+###    ``` shell
+###    docker compose run --rm phpfpm vendor/bin/php-cs-fixer fix
+###    docker compose run --rm phpfpm vendor/bin/php-cs-fixer fix --dry-run --diff
+###    ```
+###
+### > [!NOTE] The template adds `.php-cs-fixer.dist.php` as [a configuration
+### > file for PHP CS
+### > Fixer](https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/blob/master/doc/config.rst)
+### > and this makes it possible to override the actual configuration used in a
+### > project by adding a more important configuration file, `.php-cs-fixer.php`.
+
+name: Symfony PHP
+
+env:
+    COMPOSE_USER: runner
+
+on:
+    pull_request:
+    push:
+        branches:
+            - main
+            - develop
+
+jobs:
+    coding-standards:
+        name: PHP - Check Coding Standards
+        runs-on: ubuntu-latest
+        steps:
+            - uses: actions/checkout@v5
+
+            - name: Create docker network
+              run: |
+                  docker network create frontend
+
+            - run: |
+                  docker compose run --rm phpfpm composer install
+                  # https://github.com/PHP-CS-Fixer/PHP-CS-Fixer/blob/master/doc/usage.rst#the-check-command
+                  docker compose run --rm phpfpm vendor/bin/php-cs-fixer fix --dry-run --diff