ci: changes #18
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.ref }} | |
cancel-in-progress: true | |
on: # yamllint disable-line rule:truthy | |
workflow_dispatch: | |
push: | |
branches: | |
- master | |
pull_request: | |
branches: | |
- master | |
release: | |
types: | |
- released | |
env: | |
DOCKER_NAMESPACE: wayofdev/php-base | |
GHCR_NAMESPACE: ghcr.io/wayofdev/docker-php-base | |
name: 🚀 Build docker images with latest tag | |
jobs: | |
build: | |
strategy: | |
fail-fast: false | |
matrix: | |
os_name: ["alpine"] | |
php_version: ["8.1", "8.2", "8.3"] | |
php_type: ["fpm", "cli", "supervisord"] | |
builder: [{arch: "amd64", os: "ubuntu-latest"}, {arch: "arm64", os: "ubuntu-latest"}] | |
runs-on: ${{ matrix.builder.os }} | |
steps: | |
- name: 🌎 Set environment variables | |
run: | | |
php_version="${{ matrix.php_version }}" | |
tag="${{ matrix.php_version }}-${{ matrix.php_type }}-${{ matrix.os_name }}-${{ matrix.builder.arch }}" | |
php_version_slug="${php_version//./}" | |
target="php-${php_version_slug}-${{ matrix.php_type }}-${{ matrix.os_name }}" | |
echo "TARGET=${target}" >> $GITHUB_ENV | |
echo "PLATFORM_CACHE_TAG=${tag}" >> $GITHUB_ENV | |
- name: 📦 Check out the codebase | |
uses: actions/checkout@v4 | |
- name: 🤖 Generate dist files | |
run: ansible-playbook src/playbook.yml -l ${{ matrix.php_version }}-${{ matrix.php_type }}-${{ matrix.os_name }} | |
- name: 🖥️ Setup docker QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: linux/${{ matrix.builder.arch }} | |
- name: 🛠️ Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
platforms: linux/${{ matrix.builder.arch }} | |
buildkitd-flags: "--debug" | |
- name: 🐳 Extract docker meta data | |
id: meta | |
uses: docker/metadata-action@v5 | |
with: | |
images: | | |
${{ env.DOCKER_NAMESPACE }} | |
${{ env.GHCR_NAMESPACE }} | |
tags: | | |
type=raw,event=branch,value=latest | |
type=ref,event=pr | |
type=ref,event=tag | |
type=semver,pattern={{version}} | |
type=semver,pattern={{major}}.{{minor}} | |
flavor: | | |
latest=false | |
prefix=${{ matrix.php_version }}-${{ matrix.php_type }}-${{ matrix.os_name }}- | |
- name: ⚙️ Rename meta bake definition file | |
run: | | |
mv "${{ steps.meta.outputs.bake-file }}" "/tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json" | |
cat "/tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json" | |
- name: 📤 Upload meta bake definition | |
uses: actions/upload-artifact@v4 | |
with: | |
name: bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json | |
path: /tmp/bake-meta-*.json | |
if-no-files-found: error | |
retention-days: 1 | |
- name: 🔑 Login to docker-hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
- name: 🔑 Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: 🚀 Bake image and push to docker-hub and GHCR | |
id: bake | |
uses: docker/bake-action@v4 | |
with: | |
targets: ${{ env.TARGET }} | |
files: | | |
./docker-bake.hcl | |
/tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json | |
set: | | |
*.tags= | |
*.platform=linux/${{ matrix.builder.arch }} | |
*.cache-from=type=gha,scope=build-${{ env.PLATFORM_CACHE_TAG }} | |
*.cache-to=type=gha,scope=build-${{ env.PLATFORM_CACHE_TAG }} | |
*.output=type=image,"name=${{ env.DOCKER_NAMESPACE }},${{ env.GHCR_NAMESPACE }}",push-by-digest=true,name-canonical=true,push=true | |
- name: 🔍 Debug Bake Metadata Output | |
run: | | |
echo /tmp/bake-meta-${{ env.PLATFORM_CACHE_TAG }}.json | |
- name: 📥 Export digest | |
run: | | |
mkdir -p /tmp/digests | |
echo "Bake Metadata: ${{ steps.bake.outputs.metadata }}" | |
digest=$(echo '${{ steps.bake.outputs.metadata }}' | jq -r '.["${{ env.TARGET }}"]["containerimage.digest"]') | |
if [[ -z "$digest" || "$digest" == "null" ]]; then | |
echo "Digest not found." | |
exit 1 | |
fi | |
echo "Digest: $digest" | |
touch "/tmp/digests/${digest#sha256:}" | |
- name: 📤 Upload digest | |
uses: actions/upload-artifact@v4 | |
with: | |
name: digests-${{ env.PLATFORM_CACHE_TAG }}.json | |
path: /tmp/digests/* | |
if-no-files-found: error | |
retention-days: 1 | |
merge: | |
needs: build | |
runs-on: ubuntu-latest | |
steps: | |
- name: 📥 Download meta bake definitions | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: bake-meta-* | |
path: /tmp | |
merge-multiple: true | |
- name: 📥 Download meta bake definitions | |
uses: actions/download-artifact@v4 | |
with: | |
pattern: digests-* | |
path: /tmp/digests/* | |
merge-multiple: true | |
- name: Print downloaded bake meta files | |
run: | | |
echo "Listing /tmp directory contents:" | |
ls -lah /tmp | |
echo "Listing /tmp/digests directory contents:" | |
ls -lah /tmp/digests | |
- name: 🔑 Login to docker-hub | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ secrets.DOCKER_USERNAME }} | |
password: ${{ secrets.DOCKER_TOKEN }} | |
- name: 🔑 Login to GHCR | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.repository_owner }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: 🖥️ Setup docker QEMU | |
uses: docker/setup-qemu-action@v3 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
- name: 🛠️ Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
with: | |
platforms: linux/amd64,linux/arm64 | |
buildkitd-flags: "--debug" | |
- name: Create manifest list and push | |
run: | | |
for FILE in $(find /tmp -name 'bake-meta-*.json'); do | |
echo "Processing file: $FILE" | |
cat "$FILE" | jq | |
done | |
for TAG in $TAGS; do | |
echo "Processing tag: $TAG" | |
FULL_TAGS=() | |
for FILE in $(find /tmp -name 'bake-meta-*.json'); do | |
echo "Processing file: $FILE" | |
# Debug: Print the structure of the JSON file | |
cat "$FILE" | jq | |
REPO=$(jq -r --arg TAG "$TAG" '.target."docker-metadata-action".tags[] | select(. == $TAG)' $FILE | cut -d':' -f1) | |
DIGEST=$(jq -r --arg REPO "$REPO" '.["'$REPO'"]["containerimage.digest"]' $FILE) | |
if [ "$DIGEST" == "null" ] || [ -z "$DIGEST" ]; then | |
echo "Digest not found for $REPO in $FILE" | |
continue # Skip adding this to FULL_TAGS | |
fi | |
echo "Adding $REPO@$DIGEST to FULL_TAGS" | |
FULL_TAGS+=("$REPO@$DIGEST") | |
done | |
if [ ${#FULL_TAGS[@]} -eq 0 ]; then | |
echo "No valid digests found for tag $TAG, skipping..." | |
continue | |
fi | |
echo "FULL_TAGS for $TAG: ${FULL_TAGS[@]}" | |
docker buildx imagetools create "${FULL_TAGS[@]}" -t "$TAG" | |
done | |
# # Debug: List all matching meta files | |
# echo "Listing all bake-meta-*.json files for debugging:" | |
# ls -la /tmp/bake-meta-*.json | |
# | |
# # Aggregate all tags from the meta files | |
# TAGS=$(jq -r '.target."docker-metadata-action".tags[]' /tmp/bake-meta-*.json | sort -u) | |
# echo "Found tags: $TAGS" | |
# | |
# # Loop through each tag and create a manifest list | |
# for TAG in $TAGS; do | |
# echo "Processing tag: $TAG" | |
# FULL_TAGS=() | |
# for FILE in /tmp/bake-meta-*.json; do | |
# if [ -d "$FILE" ]; then | |
# echo "$FILE is a directory, skipping..." | |
# continue | |
# fi | |
# if jq -e --arg TAG "$TAG" '.target."docker-metadata-action".tags[] | select(. == $TAG)' $FILE > /dev/null; then | |
# # Extract the repository and digest for the current platform | |
# REPO=$(jq -r --arg TAG "$TAG" '.target."docker-metadata-action".tags[] | select(. == $TAG)' $FILE | cut -d':' -f1) | |
# DIGEST=$(jq -r '.["'$REPO'"]["containerimage.digest"]' $FILE) | |
# echo "Adding $REPO@$DIGEST to FULL_TAGS" | |
# FULL_TAGS+=("$REPO@$DIGEST") | |
# fi | |
# done | |
# | |
# # Debug: Print FULL_TAGS before creating the manifest | |
# echo "FULL_TAGS for $TAG: ${FULL_TAGS[@]}" | |
# | |
# # Create and push the manifest list for the current tag | |
# docker buildx imagetools create "${FULL_TAGS[@]}" -t "$TAG" | |
# done | |
... |