diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 7a3f67e..9af05d6 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,202 +1,27 @@ -name: Build +name: Build Docker Image + on: - workflow_dispatch: push: branches: - main - pull_request: - -env: - DOCKER_BUILDKIT: 1 - COSIGN_EXPERIMENTAL: 1 - - -permissions: - contents: write - id-token: write - packages: write jobs: - generate-matrix: - runs-on: ubuntu-latest - outputs: - matrix: ${{ steps.generate-matrix.outputs.matrix }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Generate Matrix - id: generate-matrix - run: | - MATRIX=$(php matrix.php) - echo "matrix<> $GITHUB_OUTPUT - echo "$MATRIX" >> $GITHUB_OUTPUT - echo 'EOF' >> $GITHUB_OUTPUT - - build-fpm-amd64: - name: PHP FPM ${{ matrix.php }} on amd64 + build: runs-on: ubuntu-latest - needs: [generate-matrix] - strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Login into Github Docker Registery - run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin + - name: Checkout Repository + uses: actions/checkout@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - uses: docker/build-push-action@v5 - with: - tags: ${{ matrix.fpm-image }}-amd64 - context: fpm - cache-from: type=gha,scope=fpm-${{ matrix.php }}-amd64 - cache-to: type=gha,mode=max,scope=fpm-${{ matrix.php }}-amd64 - platforms: linux/amd64 - build-args: | - PHP_PATCH_VERSION=${{ matrix.phpPatch }} - PHP_DIGEST=${{ matrix.phpPatchDigest }} - push: true - provenance: false - - build-fpm-arm64: - name: PHP FPM ${{ matrix.php }} on arm64 - runs-on: hcloud-arm64-small - needs: [generate-matrix] - strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} - steps: - - name: Checkout - uses: actions/checkout@v4 - + uses: docker/setup-buildx-action@v2 + - name: Login into Github Docker Registery run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - uses: docker/build-push-action@v5 + - name: Build and push + uses: docker/build-push-action@v4 with: - tags: ${{ matrix.fpm-image }}-arm64 - context: fpm - cache-from: type=gha,scope=fpm-${{ matrix.php }}-arm64 - cache-to: type=gha,mode=max,scope=fpm-${{ matrix.php }}-arm64 - platforms: linux/arm64 - build-args: | - PHP_PATCH_VERSION=${{ matrix.phpPatch }} - PHP_DIGEST=${{ matrix.phpPatchDigest }} - push: true - provenance: false - - fpm-merge: - name: Generate Docker Manifest for PHP ${{ matrix.php }} - runs-on: ubuntu-latest - needs: [generate-matrix, build-fpm-amd64, build-fpm-arm64] - strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} - steps: - - name: Login into Docker Hub - run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - - name: Login into Github Docker Registery - run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin - - - name: Install Cosign - uses: sigstore/cosign-installer@v3 - - - name: Install Regclient - run: | - wget https://github.com/regclient/regclient/releases/latest/download/regctl-linux-amd64 - chmod +x regctl-linux-amd64 - - - run: docker manifest create ${{ matrix.fpm-image }} --amend ${{ matrix.fpm-image }}-amd64 --amend ${{ matrix.fpm-image }}-arm64 - - - run: docker manifest push ${{ matrix.fpm-image }} - - - run: cosign sign --yes ${{ matrix.fpm-image }} - - - run: docker manifest create ${{ matrix.fpm-patch-image }} --amend ${{ matrix.fpm-image }}-amd64 --amend ${{ matrix.fpm-image }}-arm64 - - - run: docker manifest push ${{ matrix.fpm-patch-image }} - - - run: cosign sign --yes ${{ matrix.fpm-patch-image }} - - - if: github.ref == 'refs/heads/main' - run: ./regctl-linux-amd64 image copy ${{ matrix.fpm-image }} ${{ matrix.fpm-hub-image }} - - - if: github.ref == 'refs/heads/main' - run: ./regctl-linux-amd64 image copy ${{ matrix.fpm-patch-image }} ${{ matrix.fpm-patch-hub-image }} - - caddy: - name: Build Caddy ${{ matrix.php }} - runs-on: ubuntu-latest - needs: [generate-matrix, fpm-merge] - strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Login into Docker Hub - run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin - - - name: Login into Github Docker Registery - run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - uses: docker/build-push-action@v5 - with: - tags: | - ${{ matrix.caddy-tags }} - context: caddy - cache-from: type=registry,ref=ghcr.io/shopware/docker-cache:${{ matrix.php }}-caddy - cache-to: type=registry,ref=ghcr.io/shopware/docker-cache:${{ matrix.php }}-caddy,mode=max - platforms: linux/amd64,linux/arm64 - build-args: | - PHP_PATCH_VERSION=${{ matrix.phpPatch }} - PHP_DIGEST=${{ matrix.phpPatchDigest }} - SUPERVISORD_DIGEST=${{ matrix.supervisordDigest }} - push: true - provenance: false - - check: - name: Test Image - runs-on: ubuntu-latest - needs: [caddy] - if: github.ref != 'refs/heads/main' - steps: - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Checkout example repo - uses: actions/checkout@v4 - with: - repository: shopwareLabs/example-docker-repository - - - name: Build - id: build - uses: docker/build-push-action@v5 - with: - push: false - load: true - build-args: | - BASE_IMAGE=ghcr.io/shopware/docker-base-ci-test:${{ github.run_id }}-8.3-caddy context: . - file: Dockerfile - cache-from: type=gha - cache-to: type=gha,mode=max - - - name: Run image - env: - DOCKER_BUILDKIT: 0 - run: docker compose up -d --wait - - - name: Check if shopware is running - run: curl --fail localhost:8000/admin - - # output logs if failed - - name: Output logs - working-directory: example-repo - run: docker compose logs - if: ${{ failure() }} + file: ./docker/Dockerfile + push: true + tags: ghcr.io/${{ github.repository_owner }}/${{ github.event.repository.name }}