Merge pull request #61 from wayofdev/ci/structure-updates #43
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| concurrency: | |
| group: "${{ github.workflow }}-${{ github.ref }}" | |
| cancel-in-progress: true | |
| on: # yamllint disable-line rule:truthy | |
| workflow_dispatch: | |
| push: | |
| branches: | |
| - master | |
| release: | |
| types: | |
| - released | |
| env: | |
| DOCKER_NAMESPACE: wayofdev/php-base | |
| GHCR_NAMESPACE: ghcr.io/wayofdev/docker-php-base | |
| name: 🚀 Build docker images with latest tag | |
| jobs: | |
| build: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| os_name: ["alpine"] | |
| php_version: ["8.1", "8.2", "8.3"] | |
| php_type: ["fpm", "cli", "supervisord"] | |
| builder: [{arch: "amd64", os: "ubuntu-latest"}, {arch: "arm64", os: "ubuntu-latest"}] | |
| runs-on: ${{ matrix.builder.os }} | |
| steps: | |
| - name: 🌎 Set environment variables | |
| run: | | |
| php_version="${{ matrix.php_version }}" | |
| tag="${{ matrix.php_version }}-${{ matrix.php_type }}-${{ matrix.os_name }}-${{ matrix.builder.arch }}" | |
| php_version_slug="${php_version//./}" | |
| target="php-${php_version_slug}-${{ matrix.php_type }}-${{ matrix.os_name }}" | |
| echo "TARGET=${target}" >> "$GITHUB_ENV" | |
| echo "PLATFORM_CACHE_TAG=${tag}" >> "$GITHUB_ENV" | |
| - name: 📦 Check out the codebase | |
| uses: actions/checkout@v4.1.7 | |
| - name: 🤖 Generate dist files | |
| run: ansible-playbook src/playbook.yml -l ${{ matrix.php_version }}-${{ matrix.php_type }}-${{ matrix.os_name }} | |
| - name: 🖥️ Setup docker QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: linux/${{ matrix.builder.arch }} | |
| - name: 🛠️ Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| platforms: linux/${{ matrix.builder.arch }} | |
| buildkitd-flags: "--debug" | |
| - name: 🐳 Extract docker meta data | |
| id: meta | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: | | |
| ${{ env.DOCKER_NAMESPACE }} | |
| ${{ env.GHCR_NAMESPACE }} | |
| tags: | | |
| type=raw,event=branch,value=latest | |
| type=ref,event=tag | |
| type=semver,pattern={{version}} | |
| type=semver,pattern={{major}}.{{minor}} | |
| flavor: | | |
| latest=false | |
| prefix=${{ matrix.php_version }}-${{ matrix.php_type }}-${{ matrix.os_name }}- | |
| - name: ⚙️ Rename meta bake definition file | |
| run: | | |
| mv "${{ steps.meta.outputs.bake-file }}" "/tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json" | |
| - name: 📤 Upload meta bake definition | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json | |
| path: /tmp/bake-meta-*.json | |
| if-no-files-found: error | |
| retention-days: 1 | |
| - name: 🔑 Login to docker-hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: 🔑 Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: 🚀 Bake image and push to docker-hub and GHCR | |
| id: bake | |
| uses: docker/bake-action@v5.7.0 | |
| with: | |
| targets: ${{ env.TARGET }} | |
| files: | | |
| ./docker-bake.hcl | |
| /tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json | |
| set: | | |
| *.tags= | |
| *.platform=linux/${{ matrix.builder.arch }} | |
| *.cache-from=type=gha,scope=build-${{ env.PLATFORM_CACHE_TAG }} | |
| *.cache-to=type=gha,scope=build-${{ env.PLATFORM_CACHE_TAG }} | |
| *.output=type=image,"name=${{ env.DOCKER_NAMESPACE }},${{ env.GHCR_NAMESPACE }}",push-by-digest=true,name-canonical=true,push=true | |
| - name: 📥 Export digest | |
| run: | | |
| mkdir -p /tmp/digests | |
| echo "Bake Metadata: ${{ steps.bake.outputs.metadata }}" | |
| digest=$(echo '${{ steps.bake.outputs.metadata }}' | jq -r '.["${{ env.TARGET }}"]["containerimage.digest"]') | |
| if [[ -z "$digest" || "$digest" == "null" ]]; then | |
| echo "Digest not found." | |
| exit 1 | |
| fi | |
| echo "Digest: $digest" | |
| touch "/tmp/digests/${digest#sha256:}" | |
| - name: 📤 Upload digest | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: digests-${{ env.PLATFORM_CACHE_TAG }} | |
| path: /tmp/digests/* | |
| if-no-files-found: error | |
| retention-days: 1 | |
| merge: | |
| needs: build | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: 📥 Download meta bake definitions | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: bake-meta-* | |
| path: /tmp | |
| merge-multiple: true | |
| - name: 📥 Download meta bake definitions | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: digests-* | |
| path: /tmp/digests | |
| - name: 🔑 Login to docker-hub | |
| uses: docker/login-action@v3 | |
| with: | |
| username: ${{ secrets.DOCKER_USERNAME }} | |
| password: ${{ secrets.DOCKER_TOKEN }} | |
| - name: 🔑 Login to GHCR | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.repository_owner }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: 🖥️ Setup docker QEMU | |
| uses: docker/setup-qemu-action@v3 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| - name: 🛠️ Set up Docker Buildx | |
| uses: docker/setup-buildx-action@v3 | |
| with: | |
| platforms: linux/amd64,linux/arm64 | |
| buildkitd-flags: "--debug" | |
| - name: 📦 Check out the codebase | |
| uses: actions/checkout@v4.1.7 | |
| - name: 🚀 Create manifest list and push | |
| shell: bash | |
| run: .github/scripts/build-images.sh | |
| env: | |
| DOCKER_NAMESPACE: ${{ secrets.DOCKER_NAMESPACE }} | |
| GHCR_NAMESPACE: ${{ secrets.GHCR_NAMESPACE }} | |
| ... |