mirror of
https://github.com/ivuorinen/docker-php-with-imagick-multi.git
synced 2026-03-13 10:59:48 +00:00
Ismo Vuorinen
92cb1405fa
* fix(renovate): pin PHP base images to digest-only updates * feat(php85): add PHP 8.5 with Imagick and Composer * ci: add php85 to build and PR matrices * docs: update supported PHP version range to 8.5 * ci: enable GHA build cache for Docker image builds * fix: address CR feedback — fix DOCKERFILE_PATH, renovate match, composer verify, drop python3-dev * ci: use native arm64 runners for arm64 Docker builds * ci: use build-by-digest with manifest merge for multi-arch images Switch from direct per-arch push to a two-phase workflow: 1. Build phase pushes images by digest and uploads artifacts 2. Merge phase creates multi-arch manifest lists per PHP version This ensures proper multi-arch manifest tags instead of last-writer-wins race conditions between arch builds. * fix: remove continue-on-error and suppress SC2046 shellcheck warning Remove continue-on-error from build job so failed arch builds correctly block the merge job from pushing incomplete manifests. Add shellcheck disable directive for intentional word-splitting in manifest creation.
193 lines
6.4 KiB
YAML
193 lines
6.4 KiB
YAML
---
|
|
# yaml-language-server: $schema=https://json.schemastore.org/github-workflow.json
|
|
name: PR Build and Report
|
|
|
|
on:
|
|
pull_request:
|
|
types: [opened, synchronize, reopened]
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
cancel-in-progress: true
|
|
|
|
env:
|
|
# Use docker.io for Docker Hub if empty
|
|
REGISTRY: ghcr.io
|
|
# github.repository as <account>/<repo>
|
|
IMAGE_NAME: ${{ github.repository }}
|
|
|
|
permissions: read-all
|
|
|
|
jobs:
|
|
pr-build:
|
|
name: PR Build
|
|
runs-on: ${{ matrix.arch == 'linux/arm64' && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
|
|
timeout-minutes: 30
|
|
|
|
permissions:
|
|
contents: read
|
|
issues: write
|
|
pull-requests: write
|
|
statuses: write
|
|
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
php: [php74, php80, php81, php82, php83, php84, php85]
|
|
arch: ["linux/amd64", "linux/arm64"]
|
|
|
|
steps:
|
|
- uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
|
|
|
|
- name: Set result filename
|
|
id: resultfile
|
|
run: |
|
|
TAG_ARCH="${{ matrix.arch }}"
|
|
TAG_ARCH="${TAG_ARCH//\//-}"
|
|
FILENAME="result-${{ matrix.php }}-${TAG_ARCH}.json"
|
|
echo "filename=$FILENAME" >> "$GITHUB_OUTPUT"
|
|
echo "tag_arch=$TAG_ARCH" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
|
|
|
|
- name: Log in to the Container registry
|
|
uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
|
|
with:
|
|
registry: ${{ env.REGISTRY }}
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
|
|
- name: Docker metadata
|
|
id: meta
|
|
uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
|
|
with:
|
|
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php }}
|
|
tags: |
|
|
type=raw,value=${{ matrix.php }}-${{ matrix.arch }}
|
|
|
|
- name: Extract base image
|
|
id: baseimage
|
|
run: |
|
|
BASE_IMAGE="$(grep -m1 '^FROM ' ./${{ matrix.php }}/Dockerfile | awk '{print $2}')"
|
|
echo "base_image=$BASE_IMAGE" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Build Docker image (capture cache usage)
|
|
id: build
|
|
shell: bash
|
|
run: |
|
|
TAG_ARCH="${{ steps.resultfile.outputs.tag_arch }}"
|
|
IMAGE_TAG="${{ env.IMAGE_NAME }}:${{ matrix.php }}-${TAG_ARCH}"
|
|
START="$(date +%s)"
|
|
docker buildx build \
|
|
--platform ${{ matrix.arch }} \
|
|
--tag "$IMAGE_TAG" \
|
|
--cache-from type=gha,scope=${{ matrix.php }}-${{ matrix.arch }} \
|
|
--cache-to type=gha,mode=max,scope=${{ matrix.php }}-${{ matrix.arch }} \
|
|
--progress plain \
|
|
--load ./${{ matrix.php }}/ | tee build.log
|
|
END="$(date +%s)"
|
|
echo "duration=$((END-START))" >> "$GITHUB_OUTPUT"
|
|
if grep -q 'CACHED' build.log; then
|
|
echo "cache_used=true" >> "$GITHUB_OUTPUT"
|
|
else
|
|
echo "cache_used=false" >> "$GITHUB_OUTPUT"
|
|
fi
|
|
|
|
- name: Get image size
|
|
id: image_info
|
|
shell: bash
|
|
run: |
|
|
TAG_ARCH="${{ steps.resultfile.outputs.tag_arch }}"
|
|
IMAGE="${{ env.IMAGE_NAME }}:${{ matrix.php }}-${TAG_ARCH}"
|
|
SIZE="$(docker image inspect "$IMAGE" --format='{{.Size}}')"
|
|
SIZE_MB="$((SIZE/1024/1024))"
|
|
echo "size_mb=$SIZE_MB" >> "$GITHUB_OUTPUT"
|
|
|
|
- name: Save build result
|
|
shell: bash
|
|
run: |
|
|
jq -n \
|
|
--arg php "${{ matrix.php }}" \
|
|
--arg arch "${{ matrix.arch }}" \
|
|
--arg status "success" \
|
|
--arg duration "${{ steps.build.outputs.duration }}" \
|
|
--arg size_mb "${{ steps.image_info.outputs.size_mb }}" \
|
|
--arg base_image "${{ steps.baseimage.outputs.base_image }}" \
|
|
--arg cache_used "${{ steps.build.outputs.cache_used }}" \
|
|
'{
|
|
php: $php,
|
|
arch: $arch,
|
|
status: $status,
|
|
duration: $duration,
|
|
size_mb: $size_mb,
|
|
base_image: $base_image,
|
|
cache_used: $cache_used
|
|
}' > ${{ steps.resultfile.outputs.filename }}
|
|
|
|
- name: Move result file to output directory
|
|
shell: bash
|
|
run: |
|
|
mkdir -p results
|
|
mv ${{ steps.resultfile.outputs.filename }} results/
|
|
|
|
- name: Upload build result
|
|
uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
|
|
with:
|
|
name: build-results-${{ steps.resultfile.outputs.filename }}
|
|
path: results/
|
|
overwrite: true
|
|
if-no-files-found: warn
|
|
|
|
aggregate-results:
|
|
name: Aggregate Results and Comment
|
|
runs-on: ubuntu-latest
|
|
needs: pr-build
|
|
|
|
permissions:
|
|
contents: read
|
|
issues: write
|
|
pull-requests: write
|
|
statuses: write
|
|
|
|
if: github.event_name == 'pull_request'
|
|
steps:
|
|
- name: Download all build results
|
|
id: dl
|
|
uses: actions/download-artifact@70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3 # v8.0.0
|
|
with:
|
|
path: results
|
|
|
|
- name: Summarize results
|
|
id: summarize
|
|
shell: bash
|
|
run: |
|
|
set -x
|
|
{
|
|
echo "## Build Matrix Results"
|
|
echo ""
|
|
echo "| PHP Version | Architecture | Status | Duration (s) | Image Size (MB) | Base Image | Cache Used |"
|
|
echo "|-------------|--------------|---------|--------------|-----------------|------------|------------|"
|
|
} > comment.md
|
|
for f in ${{ steps.dl.outputs.download-path }}/**/*.json; do
|
|
echo "debug"
|
|
cat "$f"
|
|
echo "/debug"
|
|
|
|
php=$(jq -r .php "$f")
|
|
arch=$(jq -r .arch "$f")
|
|
status=$(jq -r .status "$f")
|
|
duration=$(jq -r .duration "$f")
|
|
size_mb=$(jq -r .size_mb "$f")
|
|
base_image=$(jq -r .base_image "$f")
|
|
cache_used=$(jq -r .cache_used "$f")
|
|
echo "| $php | $arch | $status | $duration | $size_mb | $base_image | $cache_used |" >> comment.md
|
|
done
|
|
|
|
- name: Create or update PR comment
|
|
uses: peter-evans/create-or-update-comment@e8674b075228eee787fea43ef493e45ece1004c9 # v5.0.0
|
|
with:
|
|
token: ${{ secrets.GITHUB_TOKEN }}
|
|
issue-number: ${{ github.event.pull_request.number }}
|
|
body-file: comment.md
|