Add Docker setup and CI/CD improvements

[TatevikGr]

Summary

• dockerize project
• add gitattributes file
• fix pipeline
• CodeRabbit config

Unit test

Are your changes covered with unit tests, and do they not break anything?

You can run the existing unit tests using this command:

vendor/bin/phpunit tests/

Code style

Have you checked that you code is well-documented and follows the PSR-2 coding
style?

You can check for this using this command:

vendor/bin/phpcs --standard=PSR2 src/ tests/

Other Information

If there's anything else that's important and relevant to your pull
request, mention that information here. This could include benchmarks,
or other information.

If you are updating any of the CHANGELOG files or are asked to update the
CHANGELOG files by reviewers, please add the CHANGELOG entry at the top of the file.

Thanks for contributing to phpList!

Summary by CodeRabbit

• New Features

  • Docker image and docker-compose deployment for Apache/PHP with MySQL and PostgreSQL options.
  • RSS feed integration via new dependencies.

• Documentation

  • README expanded with Docker quick-start, environment defaults, and production notes.

• Chores

  • CI updated to Ubuntu 22.04 and test execution adjusted.
  • Added project ignore/export rules and Docker build exclusions.
  • PR template simplified and automated review configuration added.

[coderabbitai]

Walkthrough

Adds containerization (Dockerfile, docker-compose, .dockerignore), Git attributes, CI update to ubuntu-22.04 with explicit DB env exports, composer dependency and repository changes, README Docker deployment docs, a shortened PR template, and a CodeRabbit config enabling auto-review.

Changes

Cohort / File(s)	Summary
Docker build & runtime Dockerfile, docker-compose.yml, .dockerignore	Adds a production Dockerfile (php:8.1-apache-bullseye) with system deps, PHP extensions, Composer install, Symfony cache build, permissions and Apache config; adds docker-compose.yml with app, db (MySQL 8.0) and postgres (Postgres 15) services, volumes, network and healthchecks; adds .dockerignore to exclude VCS, IDE, node artifacts, caches, env/Docker files and vendor.
CI workflow .github/workflows/ci.yml	Updates Actions runner to ubuntu-22.04; replaces single-line system tests step with a script that exports PHPLIST_DATABASE_NAME, PHPLIST_DATABASE_USER, PHPLIST_DATABASE_PASSWORD, PHPLIST_DATABASE_PORT (from MySQL service) and sets PHPLIST_DATABASE_HOST=127.0.0.1 before running vendor/bin/phpunit tests/System/.
Repository & dependencies composer.json	Adds VCS repository https://github.com/tatevikgr/rss-bundle.git; updates phplist/web-frontend from dev-master to dev-main; adds tatevikgr/rss-feed (dev-main as 0.1.0); adds top-level config.allow-plugins entry enabling php-http/discovery.
Documentation README.md	Appends Docker deployment instructions: quick-start, environment variable defaults, production notes, persistence guidance, and an example docker exec command.
Git archive settings .gitattributes	Adds export-ignore entries to exclude /tests and /.github from generated archives.
Code review automation .coderabbit.yaml	Adds CodeRabbit config: language: en-US, reviews.profile: "chill", high_level_summary: true, auto_review.enabled: true, auto_review.base_branches: [".*"], auto_review.drafts: false.
PR template .github/PULL_REQUEST_TEMPLATE.md	Shortens the PR template by removing detailed guidance; retains only the ### Summary header and trailing content.

Sequence Diagram(s)

sequenceDiagram
    participant Compose as Docker Compose
    participant App as app (container)
    participant MySQL as db (MySQL 8.0)
    participant PG as postgres (Postgres 15)
    Note over Compose: docker-compose up

    Compose->>App: build image (Dockerfile)
    Compose->>MySQL: start container (db_data)
    Compose->>PG: start container (pg_data)

    rect rgb(220,240,255)
    Note over App,MySQL: Primary DB path (MySQL)
    MySQL->>MySQL: healthcheck & init
    MySQL-->>App: healthy (port exposed)
    end

    rect rgb(240,220,255)
    Note over App,PG: Alternative DB path (Postgres)
    PG->>PG: healthcheck & init
    PG-->>App: healthy (port exposed)
    end

    App->>App: read env PHPLIST_DATABASE_*, DATABASE_DRIVER
    App->>App: start Apache (DocumentRoot /public)

Loading

sequenceDiagram
    participant Runner as GitHub Actions Runner
    participant Env as Job Environment
    participant PHPUnit as vendor/bin/phpunit

    Note over Runner: CI system tests step

    Runner->>Env: export PHPLIST_DATABASE_NAME
    Runner->>Env: export PHPLIST_DATABASE_USER
    Runner->>Env: export PHPLIST_DATABASE_PASSWORD
    Runner->>Env: export PHPLIST_DATABASE_PORT (from MySQL service)
    Runner->>Env: set PHPLIST_DATABASE_HOST = 127.0.0.1

    Runner->>PHPUnit: vendor/bin/phpunit tests/System/
    PHPUnit->>Env: read PHPLIST_DATABASE_*
    PHPUnit->>PHPUnit: run system tests
    PHPUnit-->>Runner: test results

Loading

Estimated code review effort

🎯 3 (Moderate) | ⏱️ ~20–30 minutes

• Review Dockerfile for secure package installation, PHP extension list, Composer usage, Symfony cache build error handling, and file permissions (cache/logs).
• Verify docker-compose service defaults, healthchecks, volume mappings, and DB selection behavior (presence of both MySQL and Postgres).
• Validate composer changes: VCS repo, dev-main constraints, and config.allow-plugins allowance.
• Check CI step for correct environment export, port sourcing from service, and any potential secrets exposure.

Pre-merge checks and finishing touches

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately summarizes the main changes: Dockerization (Dockerfile, docker-compose.yml, .dockerignore) and CI/CD improvements (.github/workflows/ci.yml updates).
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch dev

---

📜 Recent review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 73c7e1b and b00b3b1.

📒 Files selected for processing (1)

• docker-compose.yml (1 hunks)

🔇 Additional comments (2)

docker-compose.yml (2)

39-43: Healthchecks are well-configured.

Both database services include proper healthchecks with appropriate intervals, timeouts, and retry counts, improving container orchestration robustness during startup and failure recovery.

Also applies to: 57-61

---

64-70: Volumes and networking configured appropriately.

Volume definitions support data persistence across container restarts, and the shared appnet network allows inter-service communication without exposing ports unnecessarily.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 4

📜 Review details

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 0d40429 and f6fa057.

⛔ Files ignored due to path filters (1)

• composer.lock is excluded by !**/*.lock

📒 Files selected for processing (8)

• .coderabbit.yaml (1 hunks)
• .dockerignore (1 hunks)
• .gitattributes (1 hunks)
• .github/workflows/ci.yml (2 hunks)
• Dockerfile (1 hunks)
• README.md (1 hunks)
• composer.json (2 hunks)
• docker-compose.yml (1 hunks)

🧰 Additional context used

🪛 Checkov (3.2.334)

docker-compose.yml

[medium] 67-68: Basic Auth Credentials

(CKV_SECRET_4)

🪛 markdownlint-cli2 (0.18.1)

README.md

188-188: Bare URL used

(MD034, no-bare-urls)

🔇 Additional comments (13)

.coderabbit.yaml (1)

1-9: Configuration is valid and well-aligned with project needs.

The CodeRabbit configuration is schema-compliant and appropriately configured. The "chill" review profile, enabled auto-review with .* regex for all branches, and high-level summary generation align well with the PR objectives to expand automated review coverage. All values conform to the configuration schema.

.gitattributes (1)

1-3: Good use of export-ignore to exclude non-production files.

This aligns well with the expanded .dockerignore and overall build optimization efforts in this PR.

composer.json (3)

40-43: Verify the VCS repository is stable and maintained.

The new VCS repository https://github.com/tatevikgr/rss-bundle.git points to a personal GitHub account. Consider whether this introduces maintenance risks or if it should be managed in an organization account to ensure long-term availability and collaborative management.

---

49-52: Clarify unusual dependency constraints.

The following patterns are atypical:

• Line 49: phplist/web-frontend changed from dev-master to dev-main (branch rename—likely intentional).
• Line 51: tatevikgr/rest-api-client uses dev-ISSUE-357 (issue-specific branch).
• Line 52: tatevikgr/rss-feed uses dev-main as 0.1.0 (mixing a dev branch with a semver alias).

Verify these constraints are intentional and document if they are temporary workarounds or permanent patterns.

---

112-116: Verify plugin allowlist is necessary.

The new allow-plugins configuration enables php-http/discovery. Confirm this is required and document the reason in a comment or PR description.

.github/workflows/ci.yml (2)

6-6: Verify system tests actually read PHPLIST_ environment variables.*

The workflow now exports PHPLIST_DATABASE_* and PHPLIST_DATABASE_HOST environment variables (lines 67–71) before running system tests. Confirm that the test code in tests/System/ is configured to read these variables from the environment rather than from config/parameters.yml. If not, these exports will have no effect.

Also applies to: 66-72

---

6-6: Ubuntu 22.04 runner is a good upgrade.

The shift from ubuntu-20.04 to ubuntu-22.04 is appropriate for modern CI/CD pipelines and aligns with PHP 8.1 support.

.dockerignore (1)

1-19: Good build context optimization.

The .dockerignore comprehensively excludes development files, caches, and unnecessary artifacts. This reduces build context size and speeds up Docker builds. The vendor/ exclusion is appropriate since dependencies are installed fresh within the Dockerfile via composer install.

Dockerfile (3)

38-38: Review the order of config directory copy vs. composer install.

Line 38 copies config ./config before line 41 runs composer install. This is atypical because:

1. Composer scripts may expect the full project structure already in place.
2. The config directory may be generated/modified by composer install.

Verify this ordering doesn't cause issues. Consider moving the COPY config ./config line after the composer install, or clarify why it must come before.

Also applies to: 41-41

---

48-49: Document or reconsider silent cache warmup failures.

Lines 48–49 use || true to suppress errors from cache:clear and cache:warmup. While this prevents build failures if the database is unavailable at build time, it may hide real configuration or dependency issues.

Consider:

1. Adding a comment explaining when these commands might fail gracefully.
2. Alternatively, remove || true if the database is expected to be available (e.g., in a multi-stage build or build service).
3. Validate that cache warmup actually succeeds in CI and production deployments.

---

51-54: Permission handling is sound.

Explicit chown and chmod for var/ and public/ directories ensure the Apache process (www-data) has proper write access for caching and logs.

docker-compose.yml (2)

10-19: Clarify database driver configuration strategy.

The app service environment shows:

• Lines 10–12: MySQL config (commented out)
• Lines 17–19: PostgreSQL config (active)

This suggests PostgreSQL is the default, but the comments may confuse users. Add documentation or clarify intent:

1. In docker-compose.yml: Add a comment explaining the override strategy (e.g., "PostgreSQL is default; uncomment MySQL config and comment out PostgreSQL to switch").
2. In README: Document how to switch between MySQL and PostgreSQL.

This is especially important since depends_on: [db] (line 23–24) refers to the MySQL service, but the app defaults to PostgreSQL (line 17). Verify this is intentional.

---

31-47: Database services are well-configured with healthchecks.

The MySQL and PostgreSQL services include appropriate healthchecks, volume persistence, and environment variable configuration. Separate volumes (db_data, pg_data) ensure data persists across container restarts.

Also applies to: 49-65