Merge pull request #58 from sambauers/master

Update CHANGELOG, bump secure PHP versions, add secure warning toggle, upgrade instructions.

Author: mattheath

CHANGELOG.md

@@ -1,3 +1,70 @@
+## 2.0.0 ##
+
+* Use Hiera for configs
+* Allow configure params on PHP builds
+* Add PThreads extension
+* Update cardboard to 2.1.0 and update tests
+* Add support for PHP 5.6+
+* Add insecure PHP version warnings
+* Make Composer version configurable
+* Remove version specific PHP classes allowing arbitrary PHP versions
+
+## 1.2.6 ##
+
+* Fix autoconf 2.13 sandboxing
+
+## 1.2.5 ##
+
+* Sandbox autoconf213 to fix some installation conflicts
+* Set the PECL provider to default on darwin for PHP extensions (this can be overridden)
+* Increase `pm.max_children` to 10 for PHP-FPM pools (@gblair)
+
+## 1.2.4 ##
+
+* Fixes compilation of PHP versions > 5.4.17 due to a break in Bison compatibility (@webflo!)
+
+## 1.2.3 ##
+
+* Add xhprof extension (@webflo)
+* Add latest versions of PHP 5.4 and 5.5 (@webflo)
+
+## 1.2.2 ##
+
+* Change default .ini settings to increase timeouts, memory limits etc.
+
+## 1.2.1 ##
+
+* Bump Composer to latest 1.0.0-alpha8 (@webbj74)
+
+## 1.2.0 ##
+
+* Adds PHP 5.5 support! This requires a later version of Bison to compile, which is installed as a sandboxed package.
+* Adds additional minor versions of PHP for 5.3 and 5.4
+* Use ensure_packages from the stdlib to improve module compatibility (thanks @jameydeorio)
+* Fixes specs, and added Github API token to travis so builds actually work again
+
+## 1.1.5 ##
+
+* Add OAuth extension (@dbtlr)
+* Fix HTTP extension bug including zookeeper (@dbtlr)
+* Add Mongo extension (@eebs)
+* Fix compilation bug caused by Freetype and GD incompatibilities (@eebs!)
+
+## 1.1.4 ##
+
+* Add memcache PHP extension (@poppen)
+* Add pdo_pgsql PHP extension (@poppen)
+
+## 1.1.3 ##
+
+* Added support for Composer see the readme for usage.
+* Module now has test specs (hooray!), please run script/cibuild before making a pull request.
+* Fixes to bugs the specs caught
+
+## 1.1.2 ##
+
+* Increase xdebug `max_nesting_level`
+
 ## 1.1.1 ##
 
 * Remove `libpng` package, add dependency on `libpng` module

README.md

@@ -79,7 +79,7 @@ A sample PHP project manifest is provided in `manifests/project.pp` which will r
 
 A simple project manifest example:
 
-````puppet
+```puppet
 # your-boxen/modules/projects/manifests/trollin.pp
 
 class projects::trollin {
@@ -93,10 +93,20 @@ class projects::trollin {
     php           => '5.3.23',
   }
 }
-````
+```
 
 With the above, as long as our app is configured to listen to requests at `www/index.php` we can visit [http://trollin.dev/](http://trollin.dev/) to access the app.
 
 In the background this is installing PHP 5.3.23, creating a PHP-FPM service for 5.3.23, and a FPM pool for this project which runs within the FPM service. This then listens on an nginx socket at "#{ENV['BOXEN_SOCKET_DIR']}"/trollin.
 
 The example nginx host template at `templates/nginx/nginx.conf.erb` is also a sample configuration which can be copied to your main boxen module and the nginx template path above altered to match this. This is set up with a basic PHP structure, and Fastcgi params to pass the expected variables from Nginx to PHP-FPM.
+
+## Upgrading to version 2.X.X from version 1.X.X
+
+The old PHP version classes are removed completely in version 2.
+
+You will need to change any code in your manifests like `include PHP::5_X_X` to the version 2 equivalent `php::version { 5.X.X: }`
+
+All other classes remain unchanged in syntax, and should "just work".
+
+This module will now warn you if you are running an insecure version of PHP when you run Boxen.

data/common.yaml

@@ -13,6 +13,7 @@ php::config::composer:
 php::config::phpenv:
   revision: '6499bb6c7b645af3f4e67f7e17708d5ee208453f'
 php::config::secure_versions:
-  '5.6': '5.6.5'
-  '5.5': '5.5.20'
-  '5.4': '5.4.36'
+  '5.6': '5.6.8'
+  '5.5': '5.5.24'
+  '5.4': '5.4.40'
+php::config::secure_warning:    true

manifests/config.pp

@@ -16,6 +16,7 @@
   $composer           = undef,
   $phpenv             = undef,
   $secure_versions    = undef,
+  $secure_warning     = undef,
 ) {
   include boxen::config
 
@@ -35,4 +36,8 @@
     $phpenv,
     $secure_versions,
   )
+
+  validate_bool(
+    $secure_warning,
+  )
 }

manifests/version.pp

@@ -30,17 +30,17 @@
   }
 
   # Version is greater than or equal to 5.6.0 and less than the 5.6 secure version
-  if versioncmp($patch_version, '5.6') >= 0 and versioncmp($patch_version, $secure_5_6) < 0 {
+  if $php::config::secure_warning and versioncmp($patch_version, '5.6') >= 0 and versioncmp($patch_version, $secure_5_6) < 0 {
     warning("You are installing PHP ${patch_version} which is known to be insecure. The current secure 5.6.X version is ${secure_5_6}")
   }
 
   # Version is greater than or equal to 5.5.0 and less than the 5.5 secure version
-  if versioncmp($patch_version, '5.5') >= 0 and versioncmp($patch_version, $secure_5_5) < 0 {
+  if $php::config::secure_warning and versioncmp($patch_version, '5.5') >= 0 and versioncmp($patch_version, $secure_5_5) < 0 {
     warning("You are installing PHP ${patch_version} which is known to be insecure. The current secure 5.5.X version is ${secure_5_5}")
   }
 
   # Version is less than the minimum secure version
-  if versioncmp($patch_version, $secure_5_4) < 0 {
+  if $php::config::secure_warning and versioncmp($patch_version, $secure_5_4) < 0 {
     warning("You are installing PHP ${patch_version} which is known to be insecure. The current secure 5.4.X version is ${secure_5_4}")
   }
 

spec/fixtures/hiera/test.yaml

@@ -1,18 +1,19 @@
 ---
-php::config::root: "/test/boxen/phpenv"
-php::config::logdir: "/test/boxen/log/php"
-php::config::configdir: "/test/boxen/config/php"
-php::config::datadir: "/test/boxen/data/php"
-php::config::pluginsdir: "/test/boxen/phpenv/plugins"
-php::config::cachedir: "/test/boxen/data/php/cache"
+php::config::root:              "/test/boxen/phpenv"
+php::config::logdir:            "/test/boxen/log/php"
+php::config::configdir:         "/test/boxen/config/php"
+php::config::datadir:           "/test/boxen/data/php"
+php::config::pluginsdir:        "/test/boxen/phpenv/plugins"
+php::config::cachedir:          "/test/boxen/data/php/cache"
 php::config::extensioncachedir: "/test/boxen/data/php/cache/extensions"
-php::config::configure_params: {}
+php::config::configure_params:  {}
 php::config::composer:
   version:  '1.0.0-alpha9'
   checksum: '05df355b5277c8c9012470e699fa5494'
 php::config::phpenv:
   revision: '6499bb6c7b645af3f4e67f7e17708d5ee208453f'
 php::config::secure_versions:
-  '5.6': '5.6.4'
-  '5.5': '5.5.20'
-  '5.4': '5.4.36'
+  '5.6': '5.6.7'
+  '5.5': '5.5.23'
+  '5.4': '5.4.39'
+php::config::secure_warning:    true