From efb015b18cdd2b0869b64106f6eee24462d163ab Mon Sep 17 00:00:00 2001 From: Go Kudo Date: Fri, 12 Jul 2024 22:06:28 +0900 Subject: [PATCH] wip --- .github/workflows/___build_base.yml | 74 ++++++++++-------- .github/workflows/___build_variants.yml | 77 +++++++++++++++++++ .../workflows/__generate_image_variants.yml | 15 +--- .github/workflows/_determine_php_versions.yml | 2 +- .github/workflows/_mixin_values.yml | 2 +- .github/workflows/daily.yml | 18 +++++ Dockerfile | 4 +- {variants => types}/cli/Dockerfile | 8 +- {variants => types}/fpm/Dockerfile | 8 +- 9 files changed, 151 insertions(+), 57 deletions(-) create mode 100644 .github/workflows/___build_variants.yml rename {variants => types}/cli/Dockerfile (60%) rename {variants => types}/fpm/Dockerfile (61%) diff --git a/.github/workflows/___build_base.yml b/.github/workflows/___build_base.yml index 73607a2..a32f9e4 100644 --- a/.github/workflows/___build_base.yml +++ b/.github/workflows/___build_base.yml @@ -1,4 +1,4 @@ -name: Build base +name: _Build base on: workflow_call: @@ -6,6 +6,14 @@ on: image_variants: type: string required: true + runs-on: + type: string + required: false + default: "ubuntu-latest" + platform: + type: string + required: false + default: "linux/amd64/v3" enable_minor: type: boolean required: false @@ -17,7 +25,7 @@ permissions: jobs: build: name: Build base images - runs-on: ubuntu-latest + runs-on: ${{ inputs.runs-on }} strategy: matrix: include: ${{ fromJson(inputs.image_variants) }} 
@@ -26,36 +34,34 @@ jobs: id: determine_tags run: | echo "values=ghcr.io/${{ github.repository }}:${{ matrix.tag }}${{ matrix.variant }}-base${{ inputs.enable_minor && format(',ghcr.io/{0}:{1}{2}-base', github.repository, matrix.minor, matrix.variant) || '' }}" >> $GITHUB_OUTPUT - - name: Test + - name: Checkout + uses: actions/checkout@v4 + with: + submodules: true + fetch-depth: 0 + - name: Checkout PHP run: | - echo "${{ steps.determine_tags.outputs.values }}" - # - name: Checkout - # uses: actions/checkout@v4 - # with: - # submodules: true - # fetch-depth: 0 - # - name: Checkout PHP - # run: | - # cd "third_party/php/php-src" - # git checkout "${{ matrix.hash }}" - # - name: Setup Buildx - # uses: docker/setup-buildx-action@v3 - # - name: Login to GitHub Packages - Container Registry - # uses: docker/login-action@v3 - # with: - # registry: ghcr.io - # username: ${{ github.actor }} - # password: ${{ secrets.GITHUB_TOKEN }} - # - name: Build and Push image - # uses: docker/build-push-action@v6 - # with: - # context: . - # push: true - # pull: true - # github-token: ${{ secrets.GITHUB_TOKEN }} - # platforms: ${{ matrix.platforms }} - # build-args: | - # DP_CFLAGS_OPTIMIZE=${{ matrix.optimize_options_c_cpp }} - # DP_CPPFLAGS_OPTIMIZE=${{ matrix.optimize_options_c_cpp }} - # DP_LDFLAGS_OPTIMIZE=${{ matrix.optimize_ld }} - # DP_PHP_CONFIGURE_OPTIONS_APPEND=${{ matrix.configure_append }} + cd "third_party/php/php-src" + git checkout "${{ matrix.hash }}" + - name: Setup Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Packages - Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and Push image + uses: docker/build-push-action@v6 + with: + context: . 
+ push: true + pull: true + github-token: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.determine_tags.outputs.values }} + build-args: | + PLATFORM=${{ inputs.platform }} + DP_CFLAGS_OPTIMIZE=${{ matrix.optimize_options_c_cpp }} + DP_CPPFLAGS_OPTIMIZE=${{ matrix.optimize_options_c_cpp }} + DP_LDFLAGS_OPTIMIZE=${{ matrix.optimize_ld }} + DP_PHP_CONFIGURE_OPTIONS_APPEND=${{ matrix.configure_append }} diff --git a/.github/workflows/___build_variants.yml b/.github/workflows/___build_variants.yml new file mode 100644 index 0000000..d02b742 --- /dev/null +++ b/.github/workflows/___build_variants.yml 
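Review bot: The re-enabled `Checkout PHP` step expands `${{ matrix.hash }}` directly inside the `run:` script, so whatever the caller supplies in `image_variants` becomes shell text before bash parses it. The `determine_tags` step above it does the same with `matrix.tag` and `matrix.variant`. Pass the value through the environment instead: give the step `env:` with `PHP_HASH: ${{ matrix.hash }}` and run `git checkout "${PHP_HASH}"`. Separately, the build-arg `DP_LDFLAGS_OPTIMIZE=${{ matrix.optimize_ld }}` reads a key that the mixin in `__generate_image_variants.yml` appears to spell `optimize_options_ld`, so the linker flag is probably always empty; `DP_LDFLAGS_OPTIMIZE=${{ matrix.optimize_options_ld }}` would match.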
@@ -0,0 +1,77 @@ +name: _Build variants + +on: + workflow_call: + inputs: + types_directory: + type: string + required: false + default: "types" + types: + type: string + required: true + image_variants: + type: string + required: true + runs-on: + type: string + required: false + default: "ubuntu-latest" + platform: + type: string + required: false + default: "linux/amd64/v3" + enable_minor: + type: boolean + required: false + default: false + +permissions: + packages: write + +jobs: + build: + name: Build variant images + runs-on: ${{ inputs.runs-on }} + strategy: + matrix: + types: ${{ fromJson(inputs.types) }} + include: ${{ fromJson(inputs.image_variants) }} + steps: + - name: Determine informations + id: determine_informations + env: + BASE_TAG: "ghcr.io/${{ github.repository }}:${{ matrix.tag }}${{ matrix.variant }}" + BASE_TAG_SHORT: "ghcr.io/${{ github.repository }}:${{ matrix.minor }}${{ matrix.variant }}" + run: | + echo "base=${BASE_TAG}-base" >> $GITHUB_OUTPUT + echo "values=${BASE_TAG}-${{ matrix.types }}${{ inputs.enable_minor && format(',{0}-{1}', env.BASE_TAG_SHORT, matrix.types) }}" + - name: Get Debian version + id: debian_version + run: | + echo value="$(docker run --rm -i "${{ steps.determine_informations.outputs.base }}" sh -c '. 
/etc/os-release && echo ${VERSION_ID}')" >> $GITHUB_OUTPUT + - name: Checkout + uses: actions/checkout@v4 + with: + submodules: false + fetch-depth: 1 + - name: Setup Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to GitHub Packages - Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build and Push image + uses: docker/build-push-action@v6 + with: + context: "${{ inputs.types_directory }}/${{ matrix.types }}" + push: true + pull: true + github-token: ${{ secrets.GITHUB_TOKEN }} + tags: ${{ steps.determine_informations.outputs.values }} + build-args: | + PLATFORM=${{ inputs.platform }} + BASE_IMAGE=${{ steps.determine_informations.outputs.base }} + DEBIAN_VERSION=${{ steps.debian_version.outputs.debian_version }} diff --git a/.github/workflows/__generate_image_variants.yml b/.github/workflows/__generate_image_variants.yml index 95de3fb..8b89a3c 100644 --- a/.github/workflows/__generate_image_variants.yml +++ b/.github/workflows/__generate_image_variants.yml @@ -1,4 +1,4 @@ -name: Generate image variants +name: _Generate image variants on: workflow_call: @@ -12,7 +12,7 @@ on: value: ${{ jobs.variants.outputs.values }} jobs: - mixin_flag: + mixin: uses: ./.github/workflows/_mixin_values.yml with: base_json: ${{ inputs.php_versions_json }} @@ -29,19 +29,12 @@ jobs: configure_append: "" optimize_options_c_cpp: "-O3" optimize_options_ld: "-O2" - mixin_platforms: - needs: mixin_flag - uses: ./.github/workflows/_mixin_values.yml - with: - base_json: ${{ needs.mixin_flag.outputs.values }} - mixin_yaml: | - - platform: "linux/amd64/v3" variants: - needs: mixin_platforms + needs: mixin runs-on: ubuntu-latest steps: - env: - RESULT: ${{ needs.mixin_platforms.outputs.values }} + RESULT: ${{ needs.mixin.outputs.values }} id: variants run: | echo "values=${RESULT}" >> $GITHUB_OUTPUT 
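Review bot: Two step outputs in the new `___build_variants.yml` are never populated, so the build step receives an empty `tags` value and an empty `DEBIAN_VERSION`. In `determine_informations` the second `echo "values=…"` lacks `>> $GITHUB_OUTPUT`, and its `inputs.enable_minor && format(...)` expression has no `|| ''` fallback, so it renders `false` into the tag when `enable_minor` is off (the base workflow has the fallback). The `debian_version` step writes `value=` while the build arg reads `steps.debian_version.outputs.debian_version`; use `DEBIAN_VERSION=${{ steps.debian_version.outputs.value }}`. With that arg empty, the final `FROM` in `types/*/Dockerfile` resolves to `gcr.io/distroless/base-nossl-debian:latest`, which is most likely not the image intended. The `docker run` of the base image also executes before the registry login step, so the pull will fail if the package is not public.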
diff --git a/.github/workflows/_determine_php_versions.yml b/.github/workflows/_determine_php_versions.yml index 4fc6c75..48a2de0 100644 --- a/.github/workflows/_determine_php_versions.yml +++ b/.github/workflows/_determine_php_versions.yml @@ -1,4 +1,4 @@ -name: Determine PHP version and hash +name: _Determine PHP version and hash on: workflow_call: diff --git a/.github/workflows/_mixin_values.yml b/.github/workflows/_mixin_values.yml index b07e438..b448a11 100644 --- a/.github/workflows/_mixin_values.yml +++ b/.github/workflows/_mixin_values.yml @@ -1,4 +1,4 @@ -name: Mixin values +name: _Mixin values on: workflow_call: diff --git a/.github/workflows/daily.yml b/.github/workflows/daily.yml index 024c770..85a7357 100644 --- a/.github/workflows/daily.yml +++ b/.github/workflows/daily.yml @@ -24,3 +24,21 @@ jobs: with: image_variants: ${{ needs.generate_image_variants.outputs.values }} enable_minor: true + determine_types: + runs-on: ubuntu-latest + steps: + - name: Determine types + id: determine_types + run: | + echo values="$(ls "types")" >> $GITHUB_OUTPUT + outputs: + values: ${{ steps.determine_types.outputs.values }} + build_variants: + needs: ["determine_types", "generate_image_variants", "build_base"] + uses: ./.github/workflows/___build_variants.yml + strategy: + max-parallel: 3 + with: + types: ${{ fromJson(needs.determine_types.outputs.values) }} + image_variants: ${{ needs.generate_image_variants.outputs.values }} + enable_minor: true diff --git a/Dockerfile b/Dockerfile index 16c6973..7de28d0 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -ARG ARCH="arm64/v8" +ARG PLATFORM="linux/arm64/v8" ARG DP_CFLAGS_OPTIMIZE="-O2" ARG DP_PHP_CFLAGS="-fstack-protector-strong -fpic -fpie ${DP_CFLAGS_OPTIMIZE}" 
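Review bot: The `determine_types` job added to `daily.yml` runs `ls "types"` without a checkout step, so the directory does not exist on the runner. Even with a checkout, the newline-separated listing is not the JSON that `fromJson` expects. `___build_variants.yml` declares `types` as `type: string` and calls `fromJson(inputs.types)` itself, so the caller should forward the raw output string rather than `fromJson(...)` of it. The suggested shape below checks out the repository, emits a compact JSON array and passes it on unparsed.

```yaml
    steps:
      - name: Checkout
        uses: actions/checkout@v4
      - name: Determine types
        id: determine_types
        run: |
          echo "values=$(ls types | jq -Rnc '[inputs]')" >> "$GITHUB_OUTPUT"
  # … unchanged: outputs, build_variants needs/uses/strategy …
    with:
      types: ${{ needs.determine_types.outputs.values }}
      # … unchanged: image_variants, enable_minor …
```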
@@ -11,7 +11,7 @@ ARG DP_PHP_DEB_PACKAGES="libgmp-dev libzip-dev libyaml-dev libzstd-dev libargon2 ARG DP_PHP_CONFIGURE_OPTIONS_APPEND="" ARG DP_PHP_CONFIGURE_OPTIONS="--enable-bcmath --enable-exif --enable-intl --enable-pcntl --enable-sockets --enable-sysvmsg --enable-sysvsem --enable-sysvshm --with-gmp --with-pdo-mysql --with-zip --with-pic --enable-mysqlnd --with-password-argon2 --with-sodium --with-pdo-sqlite=/usr --with-sqlite3=/usr --with-curl --with-iconv --with-openssl --with-readline --with-zlib --disable-phpdbg --disable-cgi --enable-fpm --with-fpm-user=nonroot --with-fpm-group=nonroot ${DP_PHP_CONFIGURE_OPTIONS_APPEND}" -FROM --platform="linux/${ARCH}" debian:12 +FROM --platform="${PLATFORM}" debian:12 ARG DP_CFLAGS_OPTIMIZE ARG DP_PHP_CFLAGS diff --git a/variants/cli/Dockerfile b/types/cli/Dockerfile similarity index 60% rename from variants/cli/Dockerfile rename to types/cli/Dockerfile index a336cf4..34d0caf 100644 --- a/variants/cli/Dockerfile +++ b/types/cli/Dockerfile @@ -1,13 +1,13 @@ -ARG ARCH="arm64/v8" +ARG PLATFORM="linux/arm64/v8" ARG BASE_IMAGE ARG DEBIAN_VERSION -FROM --platform="linux/${ARCH}" busybox:latest AS busybox +FROM --platform="${PLATFORM}" busybox:latest AS busybox -FROM --platform="linux/${ARCH}" ${BASE_IMAGE} AS base +FROM --platform="${PLATFORM}" ${BASE_IMAGE} AS base RUN distroless_php_add_binary "/usr/local/bin/php" $(find "$(php-config --extension-dir)" -type f) -FROM --platform="linux/${ARCH}" gcr.io/distroless/base-nossl-debian${DEBIAN_VERSION}:latest +FROM --platform="${PLATFORM}" gcr.io/distroless/base-nossl-debian${DEBIAN_VERSION}:latest COPY --from=busybox "/bin/busybox" "/bin/busybox" RUN ["/bin/busybox", "rm", "-rf", "/usr/lib"] diff --git a/variants/fpm/Dockerfile b/types/fpm/Dockerfile similarity index 61% rename from variants/fpm/Dockerfile rename to types/fpm/Dockerfile index 4ba13b5..e12d876 100644 --- a/variants/fpm/Dockerfile +++ b/types/fpm/Dockerfile 
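Review bot: The rewritten `FROM` lines in `types/cli/Dockerfile` still pull `busybox:latest` and `gcr.io/distroless/base-nossl-debian${DEBIAN_VERSION}:latest` by mutable tag, while the workflows in this patch now push the result to ghcr.io. Since these lines are being touched anyway, consider pinning by digest, e.g. `FROM --platform="${PLATFORM}" busybox@sha256:<digest> AS busybox`, and advancing the digest deliberately, so that a published image can be traced to exact inputs. `ARG BASE_IMAGE` and `ARG DEBIAN_VERSION` also have no default, so an unset build arg yields an unintended image reference rather than a clear failure. The same applies to the `types/fpm/Dockerfile` hunk.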
@@ -1,13 +1,13 @@ -ARG ARCH="arm64/v8" +ARG PLATFORM="linux/arm64/v8" ARG BASE_IMAGE ARG DEBIAN_VERSION -FROM --platform="linux/${ARCH}" busybox:latest AS busybox +FROM --platform="${PLATFORM}" busybox:latest AS busybox -FROM --platform="linux/${ARCH}" ${BASE_IMAGE} AS base +FROM --platform="${PLATFORM}" ${BASE_IMAGE} AS base RUN distroless_php_add_binary "/usr/local/sbin/php-fpm" $(find "$(php-config --extension-dir)" -type f) -FROM --platform="linux/${ARCH}" gcr.io/distroless/base-nossl-debian${DEBIAN_VERSION}:latest +FROM --platform="${PLATFORM}" gcr.io/distroless/base-nossl-debian${DEBIAN_VERSION}:latest COPY --from=busybox "/bin/busybox" "/bin/busybox" RUN ["/bin/busybox", "rm", "-rf", "/usr/lib"]