--- name: Build Docker images on: pull_request: branches: - main push: branches: - main tags: - v*.*.* workflow_dispatch: inputs: {} schedule: - cron: '0 4 * * *' jobs: prepare: runs-on: ubuntu-latest outputs: # Push if it's a scheduled job, a tag, or if we're committing to the main branch push: ${{ toJson(github.event_name == 'schedule' || startsWith(github.ref, 'refs/tags/') || (github.ref == 'refs/heads/main' && github.event_name != 'pull_request')) }} variants: ${{ steps.matrix.outputs.variants }} platforms: ${{ steps.matrix.outputs.platforms }} metadata: ${{ steps.matrix.outputs.metadata }} php_version: ${{ steps.check.outputs.php_version }} skip: ${{ steps.check.outputs.skip }} ref: ${{ steps.check.outputs.ref }} steps: - name: Check PHP versions id: check run: | PHP_82_LATEST=$(skopeo inspect docker://docker.io/library/php:8.2 --override-os linux --override-arch amd64 | jq -r '.Env[] | select(test("^PHP_VERSION=")) | sub("^PHP_VERSION="; "")') PHP_83_LATEST=$(skopeo inspect docker://docker.io/library/php:8.3 --override-os linux --override-arch amd64 | jq -r '.Env[] | select(test("^PHP_VERSION=")) | sub("^PHP_VERSION="; "")') echo php_version="${PHP_83_LATEST},${PHP_82_LATEST}" >> "${GITHUB_OUTPUT}" # Check if the Docker images must be rebuilt if [[ "${GITHUB_EVENT_NAME}" != "schedule" ]]; then echo skip=false >> "${GITHUB_OUTPUT}" exit 0 fi FRANKENPHP_82_LATEST=$(skopeo inspect docker://docker.io/dunglas/frankenphp:latest-php8.2 --override-os linux --override-arch amd64 | jq -r '.Env[] | select(test("^PHP_VERSION=")) | sub("^PHP_VERSION="; "")') FRANKENPHP_83_LATEST=$(skopeo inspect docker://docker.io/dunglas/frankenphp:latest-php8.3 --override-os linux --override-arch amd64 | jq -r '.Env[] | select(test("^PHP_VERSION=")) | sub("^PHP_VERSION="; "")') if [[ "${FRANKENPHP_82_LATEST}" == "${PHP_82_LATEST}" ]] && [[ "${FRANKENPHP_83_LATEST}" == "${PHP_83_LATEST}" ]]; then echo skip=true >> "${GITHUB_OUTPUT}" exit 0 fi { echo ref="$(gh release view --repo dunglas/frankenphp --json tagName --jq '.tagName')" echo skip=false } >> "${GITHUB_OUTPUT}" - uses: actions/checkout@v4 if: ${{ !fromJson(steps.check.outputs.skip) }} with: ref: ${{ steps.check.outputs.ref }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: version: latest - name: Create variants matrix if: ${{ !fromJson(steps.check.outputs.skip) }} id: matrix run: | METADATA="$(docker buildx bake --print | jq -c)" { echo metadata="${METADATA}" echo variants="$(jq -c '.group.default.targets|map(sub("runner-|builder-"; ""))|unique' <<< "${METADATA}")" echo platforms="$(jq -c 'first(.target[]) | .platforms' <<< "${METADATA}")" } >> "${GITHUB_OUTPUT}" env: SHA: ${{ github.sha }} VERSION: ${{ (github.ref_type == 'tag' && github.ref_name) || steps.check.outputs.ref || github.sha }} PHP_VERSION: ${{ steps.check.outputs.php_version }} build: runs-on: ubuntu-latest needs: - prepare if: ${{ !fromJson(needs.prepare.outputs.skip) }} strategy: fail-fast: false matrix: variant: ${{ fromJson(needs.prepare.outputs.variants) }} platform: ${{ fromJson(needs.prepare.outputs.platforms) }} include: - race: "" qemu: true - platform: linux/amd64 qemu: false race: "-race" # The Go race detector is only supported on amd64 - platform: linux/386 qemu: false steps: - uses: actions/checkout@v4 with: ref: ${{ needs.prepare.outputs.ref }} - name: Set up QEMU if: matrix.qemu uses: docker/setup-qemu-action@v3 with: platforms: ${{ matrix.platform }} - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: platforms: ${{ matrix.platform }} version: latest - name: Login to DockerHub if: fromJson(needs.prepare.outputs.push) uses: docker/login-action@v3 with: username: ${{ secrets.REGISTRY_USERNAME }} password: ${{ secrets.REGISTRY_PASSWORD }} - name: Build id: build uses: docker/bake-action@v4 with: pull: true load: ${{ !fromJson(needs.prepare.outputs.push) }} targets: | builder-${{ matrix.variant }} runner-${{ matrix.variant }} # Remove tags to prevent "can't push tagged ref [...] by digest" error set: | *.tags= *.platform=${{ matrix.platform }} *.cache-from=type=gha,scope=${{ github.ref }}-${{ matrix.platform }} *.cache-from=type=gha,scope=refs/heads/main-${{ matrix.platform }} *.cache-to=type=gha,scope=${{ github.ref }}-${{ matrix.platform }},ignore-error=true ${{ fromJson(needs.prepare.outputs.push) && '*.output=type=image,name=dunglas/frankenphp,push-by-digest=true,name-canonical=true,push=true' || '' }} env: SHA: ${{ github.sha }} VERSION: ${{ github.ref_type == 'tag' && github.ref_name || needs.prepare.outputs.ref || github.sha }} PHP_VERSION: ${{ needs.prepare.outputs.php_version }} - # Workaround for https://github.com/actions/runner/pull/2477#issuecomment-1501003600 name: Export metadata if: fromJson(needs.prepare.outputs.push) run: | mkdir -p /tmp/metadata/builder /tmp/metadata/runner # shellcheck disable=SC2086 builderDigest=$(jq -r '."builder-${{ matrix.variant }}"."containerimage.digest"' <<< ${METADATA}) touch "/tmp/metadata/builder/${builderDigest#sha256:}" # shellcheck disable=SC2086 runnerDigest=$(jq -r '."runner-${{ matrix.variant }}"."containerimage.digest"' <<< ${METADATA}) touch "/tmp/metadata/runner/${runnerDigest#sha256:}" env: METADATA: ${{ steps.build.outputs.metadata }} - name: Upload builder metadata if: fromJson(needs.prepare.outputs.push) uses: actions/upload-artifact@v3 with: name: metadata-builder-${{ matrix.variant }} path: /tmp/metadata/builder/* if-no-files-found: error retention-days: 1 - name: Upload runner metadata if: fromJson(needs.prepare.outputs.push) uses: actions/upload-artifact@v3 with: name: metadata-runner-${{ matrix.variant }} path: /tmp/metadata/runner/* if-no-files-found: error retention-days: 1 - name: Run tests if: '!matrix.qemu' continue-on-error: ${{ fromJson(needs.prepare.outputs.push) }} run: | docker run --platform=${{ matrix.platform }} --rm \ "$(jq -r '."builder-${{ matrix.variant }}"."containerimage.config.digest"' <<< "${METADATA}")" \ sh -c 'go test ${{ matrix.race }} -v ./... && cd caddy && go test ${{ matrix.race }} -v ./...' env: METADATA: ${{ steps.build.outputs.metadata }} # Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/ push: runs-on: ubuntu-latest needs: - prepare - build if: fromJson(needs.prepare.outputs.push) strategy: fail-fast: false matrix: variant: ${{ fromJson(needs.prepare.outputs.variants) }} target: ['builder', 'runner'] steps: - name: Download metadata uses: actions/download-artifact@v4 with: name: metadata-${{ matrix.target }}-${{ matrix.variant }} path: /tmp/metadata - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 with: version: latest - name: Login to DockerHub uses: docker/login-action@v3 with: username: ${{ secrets.REGISTRY_USERNAME }} password: ${{ secrets.REGISTRY_PASSWORD }} - name: Create manifest list and push working-directory: /tmp/metadata run: | # shellcheck disable=SC2046,SC2086 docker buildx imagetools create $(jq -cr '.target."${{ matrix.target }}-${{ matrix.variant }}".tags | map("-t " + .) | join(" ")' <<< ${METADATA}) \ $(printf 'dunglas/frankenphp@sha256:%s ' *) env: METADATA: ${{ needs.prepare.outputs.metadata }} - name: Inspect image run: | # shellcheck disable=SC2046,SC2086 docker buildx imagetools inspect $(jq -cr '.target."${{ matrix.target }}-${{ matrix.variant }}".tags | first' <<< ${METADATA}) env: METADATA: ${{ needs.prepare.outputs.metadata }}