fix(ci): cleanup to fix build process (#15)

2025-06-10 02:03:43 +03:00
committed by GitHub
parent 5a5ae549a8
commit fe81a15c4f
11 changed files with 226 additions and 109 deletions

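--- a/.checkov.yml
+++ b/.checkov.yml
@@ -0,0 +1,5 @@
+# You can see all available properties here: https://github.com/bridgecrewio/checkov#configuration-using-a-config-file
+quiet: true
+skip-check:
+- CKV_DOCKER_2
+- CKV_DOCKER_3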
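Review bot: `skip-check` turns off CKV_DOCKER_2 (HEALTHCHECK present) and CKV_DOCKER_3 (a non-root USER is defined) for every Dockerfile in the repository, and `quiet: true` additionally hides passed checks, so nothing in scanner output will remind anyone that these two controls are suppressed. The Dockerfile hunks in this same commit appear to drop `USER www-data` to get `apt-get` working, which is exactly what would make CKV_DOCKER_3 fail; placing `USER www-data` after the package-install steps would satisfy the check instead of silencing it, so CKV_DOCKER_3 should not need to be here at all. If a skip stays, record the reason inline so it can be revisited, e.g. `- CKV_DOCKER_2 # CLI-only image, no service to probe` and `- CKV_DOCKER_3 # TEMP: restore USER www-data after install steps, then remove`. Repository-wide skips of user/healthcheck checks are the kind of exception that should be time-boxed rather than permanent.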

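--- a/.github/workflows/pr-build.yml
+++ b/.github/workflows/pr-build.yml
@@ -0,0 +1,186 @@
+---
+# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
+name: PR Build and Report
+on:
+pull_request:
+types: [opened, synchronize, reopened]
+concurrency:
+group: ${{ github.workflow }}-${{ github.ref }}
+cancel-in-progress: true
+env:
+# Use docker.io for Docker Hub if empty
+REGISTRY: ghcr.io
+# github.repository as <account>/<repo>
+IMAGE_NAME: ${{ github.repository }}
+permissions: read-all
+jobs:
+pr-build:
+name: PR Build
+runs-on: ubuntu-latest
+timeout-minutes: 30
+permissions:
+contents: read
+issues: write
+pull-requests: write
+statuses: write
+strategy:
+fail-fast: false
+matrix:
+php: [php74, php80, php81, php82, php83, php84]
+arch: ["linux/amd64", "linux/arm64"]
+steps:
+- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+- name: Set result filename
+id: resultfile
+run: |
+TAG_ARCH="${{ matrix.arch }}"
+TAG_ARCH="${TAG_ARCH//\//-}"
+FILENAME="result-${{ matrix.php }}-${TAG_ARCH}.json"
+echo "filename=$FILENAME" >> "$GITHUB_OUTPUT"
+echo "tag_arch=$TAG_ARCH" >> "$GITHUB_OUTPUT"
+- name: Set up Docker Buildx
+uses: docker/setup-buildx-action@b5ca514318bd6ebac0fb2aedd5d36ec1b5c232a2 # v3.10.0
+- name: Log in to the Container registry
+uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+with:
+registry: ${{ env.REGISTRY }}
+username: ${{ github.actor }}
+password: ${{ secrets.GITHUB_TOKEN }}
+- name: Docker metadata
+id: meta
+uses: docker/metadata-action@902fa8ec7d6ecbf8d84d538b9b233a880e428804 # v5.7.0
+with:
+images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php }}
+tags: |
+type=raw,value=${{ matrix.php }}-${{ matrix.arch }}
+- name: Extract base image
+id: baseimage
+run: |
+BASE_IMAGE="$(grep -m1 '^FROM ' ${{ env.DOCKERFILE_PATH }} | awk '{print $2}')"
+echo "base_image=$BASE_IMAGE" >> "$GITHUB_OUTPUT"
+- name: Build Docker image (capture cache usage)
+id: build
+shell: bash
+run: |
+TAG_ARCH="${{ steps.resultfile.outputs.tag_arch }}"
+IMAGE_TAG="${{ env.IMAGE_NAME }}:${{ matrix.php }}-${TAG_ARCH}"
+START="$(date +%s)"
+docker buildx build \
+--platform ${{ matrix.arch }} \
+--tag "$IMAGE_TAG" \
+--progress plain \
+--load ./${{ matrix.php }}/ | tee build.log
+END="$(date +%s)"
+echo "duration=$((END-START))" >> "$GITHUB_OUTPUT"
+if grep -q 'CACHED' build.log; then
+echo "cache_used=true" >> "$GITHUB_OUTPUT"
+else
+echo "cache_used=false" >> "$GITHUB_OUTPUT"
+fi
+- name: Get image size
+id: image_info
+shell: bash
+run: |
+TAG_ARCH="${{ steps.resultfile.outputs.tag_arch }}"
+IMAGE="${{ env.IMAGE_NAME }}:${{ matrix.php }}-${TAG_ARCH}"
+SIZE="$(docker image inspect "$IMAGE" --format='{{.Size}}')"
+SIZE_MB="$((SIZE/1024/1024))"
+echo "size_mb=$SIZE_MB" >> "$GITHUB_OUTPUT"
+- name: Save build result
+shell: bash
+run: |
+jq -n \
+--arg php "${{ matrix.php }}" \
+--arg arch "${{ matrix.arch }}" \
+--arg status "success" \
+--arg duration "${{ steps.build.outputs.duration }}" \
+--arg size_mb "${{ steps.image_info.outputs.size_mb }}" \
+--arg base_image "${{ steps.baseimage.outputs.base_image }}" \
+--arg cache_used "${{ steps.build.outputs.cache_used }}" \
+'{
+php: $php,
+arch: $arch,
+status: $status,
+duration: $duration,
+size_mb: $size_mb,
+base_image: $base_image,
+cache_used: $cache_used
+}' > ${{ steps.resultfile.outputs.filename }}
+- name: Move result file to output directory
+shell: bash
+run: |
+mkdir -p results
+mv ${{ steps.resultfile.outputs.filename }} results/
+- name: Upload build result
+uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+with:
+name: build-results
+path: results/
+overwrite: true
+if-no-files-found: warn
+aggregate-results:
+name: Aggregate Results and Comment
+runs-on: ubuntu-latest
+needs: pr-build
+permissions:
+contents: read
+issues: write
+pull-requests: write
+statuses: write
+if: github.event_name == 'pull_request'
+steps:
+- name: Download all build results
+uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+with:
+name: build-results
+path: results
+- name: Summarize results
+id: summarize
+shell: bash
+run: |
+{
+echo "## Build Matrix Results"
+echo ""
+echo "| PHP Version | Architecture | Status | Duration (s) | Image Size (MB) | Base Image | Cache Used |"
+echo "|-------------|--------------|---------|--------------|-----------------|------------|------------|"
+} > comment.md
+for f in results/*.json; do
+php=$(jq -r .php "$f")
+arch=$(jq -r .arch "$f")
+status=$(jq -r .status "$f")
+duration=$(jq -r .duration "$f")
+size_mb=$(jq -r .size_mb "$f")
+base_image=$(jq -r .base_image "$f")
+cache_used=$(jq -r .cache_used "$f")
+echo "| $php | $arch | $status | $duration | $size_mb | $base_image | $cache_used |" >> comment.md
+done
+- name: Create or update PR comment
+uses: peter-evans/create-or-update-comment@71345be0265236311c031f5c7866368bd1eff043 # v4.0.0
+with:
+token: ${{ secrets.GITHUB_TOKEN }}
+issue-number: ${{ github.event.pull_request.number }}
+body-file: comment.md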
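Review bot: `${{ env.DOCKERFILE_PATH }}` in the "Extract base image" step is never defined — the `env:` block sets only `REGISTRY` and `IMAGE_NAME` — so `grep` runs with no file operand and every result's `base_image` comes out empty; the path is already implied by the matrix, `"./${{ matrix.php }}/Dockerfile"`. A quieter defect is the artifact handling: all twelve matrix legs upload to the same name `build-results` with `overwrite: true`, and with upload-artifact v4 each upload replaces the previous one, so the aggregate job most likely summarises only the last leg to finish — give each leg its own artifact name and download them with `pattern` plus `merge-multiple`. Failures are also invisible in the table, because `status` is hard-coded to `"success"` and a failed build never reaches the upload step; the save/move/upload steps (and the `aggregate-results` job) need `if: always()` with `--arg status "${{ steps.build.outcome }}"` for the report to mean anything. On least privilege, the `pr-build` job requests `issues`, `pull-requests` and `statuses` write although only `aggregate-results` comments, and the registry login plus the unused `docker/metadata-action` outputs serve no purpose for a `--load` build that never pushes; trimming them leaves `pr-build` at `contents: read`. The `linux/arm64` legs also appear to run without `docker/setup-qemu-action`, which on an amd64 runner usually fails at the first `RUN` — worth confirming on an actual run.
```yaml
# … unchanged: checkout, resultfile, buildx steps …
- name: Extract base image
  id: baseimage
  run: |
    BASE_IMAGE="$(grep -m1 '^FROM ' "./${{ matrix.php }}/Dockerfile" | awk '{print $2}')"
    echo "base_image=$BASE_IMAGE" >> "$GITHUB_OUTPUT"
# … unchanged: build and image-size steps …
- name: Save build result
  if: always()
  shell: bash
  run: |
    jq -n \
      --arg php "${{ matrix.php }}" \
      --arg arch "${{ matrix.arch }}" \
      --arg status "${{ steps.build.outcome }}" \
# … unchanged: remaining jq arguments and program; move step also gets `if: always()` …
- name: Upload build result
  if: always()
  uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
  with:
    name: build-results-${{ matrix.php }}-${{ steps.resultfile.outputs.tag_arch }}
    path: results/
    if-no-files-found: warn
# … unchanged: aggregate-results job header (add `if: always()` beside `needs: pr-build`) …
- name: Download all build results
  uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
  with:
    pattern: build-results-*
    merge-multiple: true
    path: results
```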


@@ -6,3 +6,4 @@ ignored:
- DL3018
- DL3008
- SC2046
- DL4006
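Review bot: Adding DL4006 to the ignore list silences hadolint's "set pipefail before a RUN with a pipe" rule for every Dockerfile, and the hunk records no reason. If the Dockerfiles keep `SHELL ["/bin/bash", "-o", "pipefail", "-c"]` the rule should not fire and this entry is dead config; if they dropped pipefail, the `curl … | php` Composer step can now succeed on a failed download, which is precisely what the rule exists to catch. Either way, annotate it so the exception can be revisited, e.g. `- DL4006 # pipefail is set via SHELL in each Dockerfile`. The file name for this section is not visible in the rendering; it is presumed to be the hadolint config from the DL/SC rule IDs.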


@@ -3,3 +3,4 @@ type:
exclude-queries:
- fd54f200-402c-4333-a5a4-36ef6709af2f
- 965a08d7-ef86-4f14-8792-4a3b2098937e
- b03a748a-542d-44f4-bb86-9199ab4fd2d5
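Review bot: The new `exclude-queries` entry is a bare UUID, so a reader cannot tell which KICS query it disables or why — and the two existing IDs have the same problem. If the ID is the apt-get "pin version not defined" query, as it appears to be, the exclusion lines up with the version pins dropped from the php74 Dockerfile in this commit and should be confirmed rather than assumed. Add a trailing comment per entry naming the query and the justification, e.g. `- b03a748a-542d-44f4-bb86-9199ab4fd2d5 # <query name>: <why excluded>`, so the suppression list stays auditable. The file name for this section is not visible in the rendering.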

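--- a/.trivyignore
+++ b/.trivyignore
@@ -0,0 +1,2 @@
+AVD-DS-0002
+AVD-DS-0026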
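Review bot: `AVD-DS-0002` (container runs as root) and `AVD-DS-0026` (no HEALTHCHECK) are suppressed for every image trivy scans here, with nothing recording why. Together with the checkov skips in this commit, the root-user finding is being silenced rather than fixed; the safer route is `USER www-data` after the package-install steps in each Dockerfile, after which `AVD-DS-0002` can be removed from this file. For whatever remains, precede each ID with a comment line (`.trivyignore` accepts `#` comment lines), e.g. `# CLI-only image, HEALTHCHECK has nothing meaningful to probe` above `AVD-DS-0026`, and treat the root-user exception as temporary.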


@@ -6,21 +6,19 @@ LABEL \
version="1.0" \
description="PHP 7.4 with Imagick and Composer"
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install PHP extensions and required libraries
RUN \
apt-get update \
&& apt-get install -y --no-install-recommends \
libicu-dev=* \
libxml2-dev=2.* \
libfreetype6-dev=2.* \
libjpeg62-turbo-dev=* \
libpng-dev=1.* \
libonig-dev=6.* \
libmagickwand-dev=8:6.* \
python3-dev=3.* \
unzip=6.* \
libicu-dev \
libxml2-dev \
libfreetype6-dev \
libjpeg62-turbo-dev \
libpng-dev \
libonig-dev \
libmagickwand-dev \
python3-dev \
unzip \
&& docker-php-ext-configure gd --with-freetype --with-jpeg \
&& docker-php-ext-install -j$(nproc) \
bcmath \
@@ -35,19 +33,8 @@ RUN \
&& yes '' | pecl install imagick \
&& docker-php-ext-enable imagick \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install Composer
RUN set -o pipefail \
&& rm -rf /var/lib/apt/lists/* \
&& curl -sS https://getcomposer.org/installer | \
php -- --install-dir=/usr/local/bin --filename=composer
# Verify installations
RUN set -o pipefail \
php -- --install-dir=/usr/local/bin --filename=composer \
&& php --version \
&& composer --version
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD php -v || exit 1
USER www-data
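Review bot: The Composer install on the new side still pipes `curl -sS https://getcomposer.org/installer` straight into `php` with no integrity check, so a tampered or truncated download is executed as root during the build; the installer's SHA-384 is published at `https://composer.github.io/installer.sig` and should be compared before the script runs, as in the rewrite below, which is otherwise a drop-in replacement for that RUN. If the `SHELL ["/bin/bash", "-o", "pipefail", "-c"]` line near the top survives, the separate `set -o pipefail` inside the RUN is redundant but harmless. The `=*` and `=2.*` apt pins removed in the first hunk were wildcards, so no real pinning was lost; exact `pkg=version` pins or a snapshot apt source would be needed for reproducible images. Which side of the second hunk the trailing `HEALTHCHECK` / `USER www-data` lines belong to cannot be read from the rendering; if they were removed, the image now runs as root and `USER www-data` should be restored after the install steps rather than suppressed via the scanner configs.
```dockerfile
# … unchanged: FROM, LABEL, SHELL, PHP extension RUN …
# Install Composer — verify the installer against the published SHA-384 before executing it
RUN curl -sS -o /tmp/composer-setup.php https://getcomposer.org/installer \
    && EXPECTED="$(curl -sS https://composer.github.io/installer.sig)" \
    && ACTUAL="$(php -r "echo hash_file('sha384', '/tmp/composer-setup.php');")" \
    && [ "$EXPECTED" = "$ACTUAL" ] \
    && php /tmp/composer-setup.php --install-dir=/usr/local/bin --filename=composer \
    && rm -f /tmp/composer-setup.php \
    && php --version \
    && composer --version
```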


@@ -6,16 +6,9 @@ LABEL \
version="1.0" \
description="PHP 8.0 with Imagick and Composer"
USER www-data
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD php -v || exit 1
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install PHP extensions and required libraries
RUN set -o pipefail \
&& apt-get update --no-cache \
RUN \
apt-get update \
&& apt-get install -y --no-install-recommends \
libicu-dev \
libxml2-dev \
@@ -40,14 +33,8 @@ RUN set -o pipefail \
&& yes '' | pecl install imagick \
&& docker-php-ext-enable imagick \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install Composer
RUN set -o pipefail \
&& rm -rf /var/lib/apt/lists/* \
&& curl -sS https://getcomposer.org/installer | \
php -- --install-dir=/usr/local/bin --filename=composer
# Verify installations
RUN set -o pipefail \
php -- --install-dir=/usr/local/bin --filename=composer \
&& php --version \
&& composer --version
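Review bot: The `USER www-data` and `HEALTHCHECK` lines at the top of this hunk sit before the `apt-get` step, which cannot run as a non-root user, so they are almost certainly the removed side (the hunk shrinks from 16 to 9 lines), and the new file ends at `composer --version` with no `USER` at all — the image now runs as root, which is what the `AVD-DS-0002` / `CKV_DOCKER_3` suppressions added elsewhere in this commit paper over. The fix that keeps the build green is to move the instruction, not delete it: root is only needed while packages are installed. Append `# Drop root once packages are installed; nothing at runtime needs privileges` followed by `USER www-data` as the final two lines of the file. The Composer step also still executes `curl … | php` without comparing the installer against its published SHA-384, which is worth fixing in the same pass.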


@@ -6,16 +6,9 @@ LABEL \
version="1.0" \
description="PHP 8.1 with Imagick and Composer"
USER www-data
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD php -v || exit 1
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install PHP extensions and required libraries
RUN set -o pipefail \
&& apt-get update --no-cache \
RUN \
apt-get update \
&& apt-get install -y --no-install-recommends \
libicu-dev \
libxml2-dev \
@@ -40,14 +33,8 @@ RUN set -o pipefail \
&& yes '' | pecl install imagick \
&& docker-php-ext-enable imagick \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install Composer
RUN set -o pipefail \
&& rm -rf /var/lib/apt/lists/* \
&& curl -sS https://getcomposer.org/installer | \
php -- --install-dir=/usr/local/bin --filename=composer
# Verify installations
RUN set -o pipefail \
php -- --install-dir=/usr/local/bin --filename=composer \
&& php --version \
&& composer --version
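Review bot: The Composer installer is still fetched with `curl -sS https://getcomposer.org/installer | php` and executed as root without any integrity check, so the build trusts whatever the endpoint (or a proxy in the path) returns; compare the file's SHA-384 with `https://composer.github.io/installer.sig` before invoking it, and pass `--version=<x.y.z>` so the installed Composer is the same on every build. The `*-dev` packages (`libicu-dev`, `libxml2-dev`, …) pulled in for `docker-php-ext-install` are never purged, so headers and build toolchain ship in the final image; purging the `-dev` packages after the extensions compile (keeping the runtime libraries) or a multi-stage build would cut both size and attack surface. Whether `USER www-data` survives on the new side cannot be read from the rendering; if it does not, restore it after the install steps so the image does not run as root.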


@@ -6,16 +6,9 @@ LABEL \
version="1.0" \
description="PHP 8.2 with Imagick and Composer"
USER www-data
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD php -v || exit 1
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install PHP extensions and required libraries
RUN set -o pipefail \
&& apt-get update --no-cache \
RUN \
apt-get update \
&& apt-get install -y --no-install-recommends \
libicu-dev \
libxml2-dev \
@@ -40,14 +33,8 @@ RUN set -o pipefail \
&& yes '' | pecl install imagick \
&& docker-php-ext-enable imagick \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install Composer
RUN set -o pipefail \
&& rm -rf /var/lib/apt/lists/* \
&& curl -sS https://getcomposer.org/installer | \
php -- --install-dir=/usr/local/bin --filename=composer
# Verify installations
RUN set -o pipefail \
php -- --install-dir=/usr/local/bin --filename=composer \
&& php --version \
&& composer --version
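Review bot: `yes '' | pecl install imagick` resolves whatever the latest stable imagick release is at build time, and the apt packages above are installed without versions (DL3008 is already ignored), so two builds of this file a week apart can produce different images with no change in the repository. Pin the extension, `pecl install imagick-<version>`, and consider exact apt versions or a snapshot source if reproducibility matters for these images. The Composer step likewise runs an unverified `curl … | php`; checking the installer's SHA-384 against `https://composer.github.io/installer.sig` before execution closes that gap. Whether a `USER` instruction remains on the new side cannot be determined from the rendering; if not, add `USER www-data` after the install steps.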


@@ -6,16 +6,9 @@ LABEL \
version="1.0" \
description="PHP 8.3 with Imagick and Composer"
USER www-data
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD php -v || exit 1
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install PHP extensions and required libraries
RUN set -o pipefail \
&& apt-get update --no-cache \
RUN \
apt-get update \
&& apt-get install -y --no-install-recommends \
libicu-dev \
libxml2-dev \
@@ -40,14 +33,8 @@ RUN set -o pipefail \
&& yes '' | pecl install imagick \
&& docker-php-ext-enable imagick \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install Composer
RUN set -o pipefail \
&& rm -rf /var/lib/apt/lists/* \
&& curl -sS https://getcomposer.org/installer | \
php -- --install-dir=/usr/local/bin --filename=composer
# Verify installations
RUN set -o pipefail \
php -- --install-dir=/usr/local/bin --filename=composer \
&& php --version \
&& composer --version
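Review bot: `USER www-data` and the `HEALTHCHECK` appear at the top of the first hunk ahead of the `apt-get` RUN, which is why the build was failing as a non-root user, and the hunk's line counts (16 to 9) suggest they are the removed side with nothing replacing them — so this image now runs as root. Rather than relying on the trivy/checkov suppressions added in this commit, put the instruction back where it is safe: `USER www-data` as the last line of the file, preceded by `# Package and Composer installation above require root; drop to www-data for runtime`. If a health check is wanted for a CLI image it should be reconsidered separately, since `php -v` only proved the binary exists. The `curl … | php` Composer install is still unverified and would benefit from a SHA-384 check against `https://composer.github.io/installer.sig`.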


@@ -6,16 +6,9 @@ LABEL \
version="1.0" \
description="PHP 8.4 with Imagick and Composer"
USER www-data
HEALTHCHECK --interval=30s --timeout=10s --start-period=5s --retries=3 \
CMD php -v || exit 1
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# Install PHP extensions and required libraries
RUN set -o pipefail \
&& apt-get update --no-cache \
RUN \
apt-get update \
&& apt-get install -y --no-install-recommends \
libicu-dev \
libxml2-dev \
@@ -40,14 +33,8 @@ RUN set -o pipefail \
&& yes '' | pecl install imagick \
&& docker-php-ext-enable imagick \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
# Install Composer
RUN set -o pipefail \
&& rm -rf /var/lib/apt/lists/* \
&& curl -sS https://getcomposer.org/installer | \
php -- --install-dir=/usr/local/bin --filename=composer
# Verify installations
RUN set -o pipefail \
php -- --install-dir=/usr/local/bin --filename=composer \
&& php --version \
&& composer --version
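Review bot: The new side still installs Composer by piping a remote script into `php` with no checksum or signature verification, executed as root; fetch the installer to a file, compare its SHA-384 against `https://composer.github.io/installer.sig`, and only then run it — the same fix applies to every PHP variant in this commit. The merged "install + verify" RUN also means `php --version` and `composer --version` now run inside the install layer rather than as a separate check, which is fine but worth a comment such as `# Install Composer and sanity-check both interpreters in one layer`. The `-dev` packages installed above are never purged and remain in the final image. Whether a `USER` instruction remains after these lines cannot be told from the rendering; if the file ends here, add `USER www-data` so the image does not run as root.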