From dad44c8555d51dfb39a167b46d6537a714dddddf Mon Sep 17 00:00:00 2001 From: Matthew Baggett Date: Sun, 30 May 2021 16:01:23 +0200 Subject: [PATCH] Feature/break up monolithic build (#5) * Supress warning. * Letsencrypt. * Break up monolithic build. * Bump flavours. * Bump everything [skip ci] --- .github/workflows/build.yml | 324 -------------------------- .github/workflows/lint.yml | 26 +++ .github/workflows/mariadb.yml | 35 +++ .github/workflows/marshall.yml | 47 ++++ .github/workflows/octoprint.yml | 55 +++++ .github/workflows/php-core.yml | 82 +++++++ .github/workflows/php-flavours.yml | 80 +++++++ .github/workflows/php-vanity-tags.yml | 37 +++ .github/workflows/redis.yml | 34 +++ .github/workflows/wordpress.yml | 34 +++ mariadb/Dockerfile | 3 + marshall/Dockerfile | 3 +- php/Dockerfile.Core | 3 +- php/Dockerfile.Flavours | 20 +- php/php+nginx/letsencrypt.runit | 40 ++++ php/php+nginx/php-fpm.runit | 3 +- redis/Dockerfile | 2 + wordpress/Dockerfile | 2 + 18 files changed, 495 insertions(+), 335 deletions(-) delete mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/lint.yml create mode 100644 .github/workflows/mariadb.yml create mode 100644 .github/workflows/marshall.yml create mode 100644 .github/workflows/octoprint.yml create mode 100644 .github/workflows/php-core.yml create mode 100644 .github/workflows/php-flavours.yml create mode 100644 .github/workflows/php-vanity-tags.yml create mode 100644 .github/workflows/redis.yml create mode 100644 .github/workflows/wordpress.yml create mode 100755 php/php+nginx/letsencrypt.runit diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml deleted file mode 100644 index c757732..0000000 --- a/.github/workflows/build.yml +++ /dev/null 
@@ -1,324 +0,0 @@ -name: Build - -on: - push: - schedule: - - cron: '0 4 * * TUE' - -jobs: - - lint: - name: Lint docker files - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: - dockerfile: - - marshall/Dockerfile - - php/Dockerfile.Core - - php/Dockerfile.Flavours - - node/Dockerfile - - mariadb/Dockerfile - - redis/Dockerfile - - octoprint/Dockerfile - steps: - - uses: actions/checkout@master - - uses: brpaz/hadolint-action@master - with: - dockerfile: ${{ matrix.dockerfile }} - - marshall-build: - name: "Build Marshall" - needs: [ lint ] - runs-on: ubuntu-20.04 - steps: - - uses: actions/checkout@v1 - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - uses: docker/login-action@v1 - name: Login to Github Container Registry - with: - registry: ghcr.io - username: ${{ github.repository_owner }} - password: ${{ secrets.GHCR_PAT }} - - name: Setup Marshall - run: | - git rev-parse --short HEAD > marshall/marshall_version - date '+%Y-%m-%d %H:%M:%S' > marshall/marshall_build_date - hostname > marshall/marshall_build_host - - uses: docker/build-push-action@v2 - name: Build & Push - with: - context: marshall - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: | - benzine/marshall:latest - gone/marshall:latest - - php-build-core: - name: "Build PHP Core" - needs: [ lint, marshall-build ] - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: - version: - #- "7.0" - #- "7.1" - #- "7.2" - - "7.3" - - "7.4" - - "8.0" - env: - PHP_PACKAGES_70: git mariadb-client php7.0-apcu php7.0-bcmath php7.0-bz2 php7.0-cli php7.0-curl php7.0-gd php7.0-imap php7.0-imagick php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-memcache php7.0-memcached php7.0-mongodb php7.0-mysql php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell 
php7.0-redis php7.0-soap php7.0-sqlite php7.0-xdebug php7.0-xml php7.0-zip postgresql-client - PHP_PACKAGES_71: git mariadb-client php7.1-apcu php7.1-bcmath php7.1-bz2 php7.1-cli php7.1-curl php7.1-gd php7.1-imap php7.1-imagick php7.1-intl php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-memcache php7.1-memcached php7.1-mongodb php7.1-mysql php7.1-opcache php7.1-pgsql php7.1-phpdbg php7.1-pspell php7.1-redis php7.1-soap php7.1-sqlite php7.1-xdebug php7.1-xml php7.1-zip postgresql-client - PHP_PACKAGES_72: git mariadb-client php7.2-apcu php7.2-bcmath php7.2-bz2 php7.2-cli php7.2-curl php7.2-gd php7.2-imap php7.2-imagick php7.2-intl php7.2-json php7.2-ldap php7.2-mbstring php7.2-memcache php7.2-memcached php7.2-mongodb php7.2-mysql php7.2-opcache php7.2-pgsql php7.2-phpdbg php7.2-pspell php7.2-redis php7.2-soap php7.2-sqlite php7.2-xdebug php7.2-xml php7.2-zip postgresql-client - PHP_PACKAGES_73: git mariadb-client php7.3-apcu php7.3-bcmath php7.3-bz2 php7.3-cli php7.3-curl php7.3-gd php7.3-imap php7.3-imagick php7.3-intl php7.3-json php7.3-ldap php7.3-mbstring php7.3-memcache php7.3-memcached php7.3-mongodb php7.3-mysql php7.3-opcache php7.3-pgsql php7.3-phpdbg php7.3-pspell php7.3-redis php7.3-soap php7.3-sqlite php7.3-xdebug php7.3-xml php7.3-zip postgresql-client - PHP_PACKAGES_74: git mariadb-client php7.4-apcu php7.4-bcmath php7.4-bz2 php7.4-cli php7.4-curl php7.4-gd php7.4-imap php7.4-imagick php7.4-intl php7.4-json php7.4-ldap php7.4-mbstring php7.4-memcache php7.4-mongodb php7.4-mysql php7.4-opcache php7.4-pgsql php7.4-phpdbg php7.4-pspell php7.4-redis php7.4-soap php7.4-sqlite php7.4-xdebug php7.4-xml php7.4-zip postgresql-client - PHP_PACKAGES_80: git mariadb-client php8.0-apcu php8.0-bcmath php8.0-bz2 php8.0-cli php8.0-curl php8.0-gd php8.0-imap php8.0-imagick php8.0-intl php8.0-ldap php8.0-mbstring php8.0-memcache php8.0-mysql php8.0-opcache php8.0-pgsql php8.0-phpdbg php8.0-pspell php8.0-redis php8.0-soap php8.0-sqlite php8.0-xdebug 
php8.0-xml php8.0-zip postgresql-client - steps: - - name: Mangle Envs - id: vars - run: | - VERSION=$(echo "${{ matrix.version }}" | tr -d '.') - PACKAGE_LIST=PHP_PACKAGES_$VERSION - echo ::set-output name=php_packages::${!PACKAGE_LIST} - - name: Show mangled envs - run: | - echo "Packages to be installed:" - echo ${{ steps.vars.outputs.php_packages }} - - uses: actions/github-script@v3 - name: Build Args - id: build_args - with: - result-encoding: string - script: return `PHP_PACKAGES=${{ steps.vars.outputs.php_packages }}\nPHP_VERSION=${{ matrix.version }}\nPHP_CORE_VERSION=benzine/php:core-${{ matrix.version }}` - - uses: actions/checkout@v1 - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - uses: docker/build-push-action@v2 - name: Build & Push - with: - context: php - file: php/Dockerfile.Core - target: php-core - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: | - benzine/php:core-${{ matrix.version }} - build-args: | - ${{ steps.build_args.outputs.result }} - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache - php-build-flavours: - name: "Build PHP Flavours" - needs: [ php-build-core ] - runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: - variant: - - cli - - nginx - - apache - version: - #- "7.0" - #- "7.1" - #- "7.2" - - "7.3" - - "7.4" - - "8.0" - steps: - - name: Mangle Envs - id: vars - run: | - VERSION=$(echo "${{ matrix.version }}" | tr -d '.') - PACKAGE_LIST=PHP_PACKAGES_$VERSION - echo ::set-output name=php_packages::${!PACKAGE_LIST} - - name: Show mangled envs - run: | - echo "Packages to be 
installed:" - echo ${{ steps.vars.outputs.php_packages }} - - uses: actions/github-script@v3 - name: Build Args - id: build_args - with: - result-encoding: string - script: return `PHP_VERSION=${{ matrix.version }}\nPHP_CORE_VERSION=benzine/php:core-${{ matrix.version }}` - - uses: actions/checkout@v1 - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - name: Cache Docker layers - uses: actions/cache@v2 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx- - - uses: docker/build-push-action@v2 - name: Build & Push - with: - context: php - file: php/Dockerfile.Flavours - target: php-${{ matrix.variant }} - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: | - benzine/php:${{ matrix.variant }}-${{ matrix.version }} - build-args: | - ${{ steps.build_args.outputs.result }} - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache - php-vanity-tags: - name: Vanity Tags - needs: [ php-build-flavours ] - runs-on: ubuntu-20.04 - env: - latest-stable-version: "7.4" - strategy: - fail-fast: false - matrix: - variant: - - cli - - nginx - - apache - steps: - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - name: Retag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} to benzine/php:${{ matrix.variant }} - run: | - docker pull benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} - docker tag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} benzine/php:${{ matrix.variant }} - docker push benzine/php:${{ matrix.variant }} - docker tag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} 
gone/php:${{ matrix.variant }}-${{ env.latest-stable-version }} - docker push gone/php:${{ matrix.variant }}-${{ env.latest-stable-version }} - docker tag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} gone/php:${{ matrix.variant }} - docker push gone/php:${{ matrix.variant }} - - mariadb-build: - name: "MariaDB with Healthchecks" - runs-on: ubuntu-20.04 - needs: [ lint ] - steps: - - uses: actions/checkout@v1 - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - uses: docker/build-push-action@v2 - name: Build & Push - with: - context: mariadb - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: | - benzine/mariadb - redis-build: - name: "Redis with Healthchecks" - runs-on: ubuntu-20.04 - needs: [ lint ] - steps: - - uses: actions/checkout@v1 - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - uses: docker/build-push-action@v2 - name: Build & Push - with: - context: redis - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: | - benzine/redis - wordpress-build: - name: "Bake Wordpress Container" - runs-on: ubuntu-20.04 - needs: [ lint, php-build-flavours ] - steps: - - uses: actions/checkout@v1 - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - uses: docker/build-push-action@v2 - name: Build & Push - with: - context: wordpress - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: | - matthewbaggett/wordpress - - 
octoprint-build: - name: "Bake Octoprint" - runs-on: ubuntu-20.04 - needs: [ lint ] - steps: - - uses: actions/checkout@v1 - - uses: docker/setup-qemu-action@v1 - - uses: docker/setup-buildx-action@v1 - - uses: docker/login-action@v1 - name: Login to Docker Hub - with: - username: ${{ secrets.DOCKER_HUB_USERNAME }} - password: ${{ secrets.DOCKER_HUB_PASSWORD }} - - uses: docker/build-push-action@v2 - name: Build Octoprint - with: - context: octoprint - target: octoprint - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: matthewbaggett/octoprint:latest - - uses: docker/build-push-action@v2 - name: Build Octoprint MJPG Streamer Variant - with: - context: octoprint - target: octoprint-mjpg-streamer - platforms: linux/amd64,linux/arm64 - pull: true - push: true - tags: matthewbaggett/octoprint:mjpg-streamer-yu12 \ No newline at end of file diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml new file mode 100644 index 0000000..80e75fe --- /dev/null +++ b/.github/workflows/lint.yml @@ -0,0 +1,26 @@ +name: Lint Docker Files + +on: + schedule: + - cron: '0 4 * * TUE' + +jobs: + lint: + name: Lint Docker Files + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + dockerfile: + - marshall/Dockerfile + - php/Dockerfile.Core + - php/Dockerfile.Flavours + - node/Dockerfile + - mariadb/Dockerfile + - redis/Dockerfile + - octoprint/Dockerfile + steps: + - uses: actions/checkout@master + - uses: brpaz/hadolint-action@master + with: + dockerfile: ${{ matrix.dockerfile }} \ No newline at end of file diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml new file mode 100644 index 0000000..09c02e7 --- /dev/null +++ b/.github/workflows/mariadb.yml 
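Review bot: Both steps in lint.yml reference a mutable branch, `uses: actions/checkout@master` and `uses: brpaz/hadolint-action@master`, so whatever lands on those branches runs in this repository's CI without review. Pin each to a release tag or, better for the third-party action, a full commit SHA, e.g. `uses: brpaz/hadolint-action@<full-commit-sha>  # <release tag>`. The trigger is also `schedule` only now, so a Dockerfile changed mid-week is not linted before the build workflows publish it; keeping `push:` under `on:` would restore that.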
@@ -0,0 +1,35 @@
+name: Build MariaDB
+
+on:
+ push:
+ paths:
+ - mariadb
+ workflow_run:
+ workflows:
+ - Lint Docker Files
+ types:
+ - completed
+
+jobs:
+ mariadb-build:
+ name: "MariaDB with Healthchecks"
+ runs-on: ubuntu-20.04
+ needs: [ lint ]
+ steps:
+ - uses: actions/checkout@v1
+ - uses: docker/setup-qemu-action@v1
+ - uses: docker/setup-buildx-action@v1
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - uses: docker/build-push-action@v2
+ name: Build & Push
+ with:
+ context: mariadb
+ platforms: linux/amd64,linux/arm64
+ pull: true
+ push: true
+ tags: |
+ benzine/mariadb
diff --git a/.github/workflows/marshall.yml b/.github/workflows/marshall.yml
new file mode 100644
index 0000000..29365b5
--- /dev/null
+++ b/.github/workflows/marshall.yml
@@ -0,0 +1,47 @@
+name: Build Marshall
+
+on:
+ push:
+ paths:
+ - marshall
+ workflow_run:
+ workflows:
+ - Lint Docker Files
+ types:
+ - completed
+
+jobs:
+
+ build:
+ name: "Build Marshall"
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/checkout@v1
+ - uses: docker/setup-qemu-action@v1
+ - uses: docker/setup-buildx-action@v1
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - uses: docker/login-action@v1
+ name: Login to Github Container Registry
+ with:
+ registry: ghcr.io
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GHCR_PAT }}
+ - name: Setup Marshall
+ run: |
+ git rev-parse --short HEAD > marshall/marshall_version
+ date '+%Y-%m-%d %H:%M:%S' > marshall/marshall_build_date
+ hostname > marshall/marshall_build_host
+ - uses: docker/build-push-action@v2
+ name: Build & Push
+ with:
+ context: marshall
+ platforms: linux/amd64,linux/arm64
+ pull: true
+ push: true
+ tags: |
+ benzine/marshall:latest
+ gone/marshall:latest
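Review bot: `needs: [ lint ]` in the `mariadb-build` job of mariadb.yml names a job that is not defined in this file. `needs` only resolves jobs within the same workflow, and `lint` now lives in lint.yml, so GitHub should reject this workflow as invalid and the MariaDB image would stop being built. Drop the line, as the other split-out workflows in this commit already do.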
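Review bot: In marshall.yml the `workflow_run` trigger with `types: - completed` fires whether "Lint Docker Files" succeeded or failed, so a failed lint still leads to a build and push using the Docker Hub and GHCR credentials. Gate the job on the upstream result, for example `if: ${{ github.event_name != 'workflow_run' || github.event.workflow_run.conclusion == 'success' }}` under `build:`. The same applies to the `workflow_run` triggers in mariadb.yml, octoprint.yml, php-core.yml, php-flavours.yml, php-vanity-tags.yml, redis.yml and wordpress.yml, where a failed upstream build would otherwise still cascade into the next push.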
diff --git a/.github/workflows/octoprint.yml b/.github/workflows/octoprint.yml
new file mode 100644
index 0000000..002901f
--- /dev/null
+++ b/.github/workflows/octoprint.yml
@@ -0,0 +1,55 @@
+name: Build Octoprint
+
+on:
+ push:
+ paths:
+ - octoprint
+ workflow_run:
+ workflows:
+ - Lint Docker Files
+ types:
+ - completed
+
+jobs:
+ octoprint-build:
+ name: "Bake Octoprint"
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/checkout@v1
+ - uses: docker/setup-qemu-action@v1
+ - uses: docker/setup-buildx-action@v1
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - uses: docker/build-push-action@v2
+ name: Build Octoprint
+ with:
+ context: octoprint
+ target: octoprint
+ platforms: linux/amd64,linux/arm64
+ pull: true
+ push: true
+ tags: matthewbaggett/octoprint:latest
+ octoprint-mjpg-build:
+ name: "Bake Octoprint for yuvu cameras"
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/checkout@v1
+ - uses: docker/setup-qemu-action@v1
+ - uses: docker/setup-buildx-action@v1
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - uses: docker/build-push-action@v2
+ name: Build Octoprint MJPG Streamer Variant
+ with:
+ context: octoprint
+ target: octoprint-mjpg-streamer
+ platforms: linux/amd64,linux/arm64
+ pull: true
+ push: true
+ tags: matthewbaggett/octoprint:mjpg-streamer-yu12
\ No newline at end of file
diff --git a/.github/workflows/php-core.yml b/.github/workflows/php-core.yml
new file mode 100644
index 0000000..8d3b3d3
--- /dev/null
+++ b/.github/workflows/php-core.yml
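Review bot: The path filter `- octoprint` under `on.push.paths` in octoprint.yml is a glob matched against each changed file's full path, so as far as I can tell it only matches a file literally named `octoprint` and never `octoprint/Dockerfile`. The push trigger would then not fire for changes inside the directory, leaving only the `workflow_run` path. Use `- octoprint/**` instead. The same pattern appears in mariadb.yml (`mariadb`), marshall.yml (`marshall`), php-core.yml (`php/php-core`), php-flavours.yml (`php/php+apache`, `php/php+cli`, `php/php+nginx`), redis.yml (`redis`) and wordpress.yml (`wordpress`).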
@@ -0,0 +1,82 @@ +name: Build PHP Core + +on: + push: + paths: + - php/php-core + - php/Dockerfile.Core + workflow_run: + workflows: + - Build Marshall + types: + - completed + +jobs: + + php-build-core: + name: "Build PHP Core" + runs-on: ubuntu-20.04 + strategy: + fail-fast: false + matrix: + version: + #- "7.0" + #- "7.1" + #- "7.2" + - "7.3" + - "7.4" + - "8.0" + env: + PHP_PACKAGES_70: git mariadb-client php7.0-apcu php7.0-bcmath php7.0-bz2 php7.0-cli php7.0-curl php7.0-gd php7.0-imap php7.0-imagick php7.0-intl php7.0-json php7.0-ldap php7.0-mbstring php7.0-mcrypt php7.0-memcache php7.0-memcached php7.0-mongodb php7.0-mysql php7.0-opcache php7.0-pgsql php7.0-phpdbg php7.0-pspell php7.0-redis php7.0-soap php7.0-sqlite php7.0-xdebug php7.0-xml php7.0-zip postgresql-client + PHP_PACKAGES_71: git mariadb-client php7.1-apcu php7.1-bcmath php7.1-bz2 php7.1-cli php7.1-curl php7.1-gd php7.1-imap php7.1-imagick php7.1-intl php7.1-json php7.1-ldap php7.1-mbstring php7.1-mcrypt php7.1-memcache php7.1-memcached php7.1-mongodb php7.1-mysql php7.1-opcache php7.1-pgsql php7.1-phpdbg php7.1-pspell php7.1-redis php7.1-soap php7.1-sqlite php7.1-xdebug php7.1-xml php7.1-zip postgresql-client + PHP_PACKAGES_72: git mariadb-client php7.2-apcu php7.2-bcmath php7.2-bz2 php7.2-cli php7.2-curl php7.2-gd php7.2-imap php7.2-imagick php7.2-intl php7.2-json php7.2-ldap php7.2-mbstring php7.2-memcache php7.2-memcached php7.2-mongodb php7.2-mysql php7.2-opcache php7.2-pgsql php7.2-phpdbg php7.2-pspell php7.2-redis php7.2-soap php7.2-sqlite php7.2-xdebug php7.2-xml php7.2-zip postgresql-client + PHP_PACKAGES_73: git mariadb-client php7.3-apcu php7.3-bcmath php7.3-bz2 php7.3-cli php7.3-curl php7.3-gd php7.3-imap php7.3-imagick php7.3-intl php7.3-json php7.3-ldap php7.3-mbstring php7.3-memcache php7.3-memcached php7.3-mongodb php7.3-mysql php7.3-opcache php7.3-pgsql php7.3-phpdbg php7.3-pspell php7.3-redis php7.3-soap php7.3-sqlite php7.3-xdebug php7.3-xml php7.3-zip postgresql-client + 
PHP_PACKAGES_74: git mariadb-client php7.4-apcu php7.4-bcmath php7.4-bz2 php7.4-cli php7.4-curl php7.4-gd php7.4-imap php7.4-imagick php7.4-intl php7.4-json php7.4-ldap php7.4-mbstring php7.4-memcache php7.4-mongodb php7.4-mysql php7.4-opcache php7.4-pgsql php7.4-phpdbg php7.4-pspell php7.4-redis php7.4-soap php7.4-sqlite php7.4-xdebug php7.4-xml php7.4-zip postgresql-client + PHP_PACKAGES_80: git mariadb-client php8.0-apcu php8.0-bcmath php8.0-bz2 php8.0-cli php8.0-curl php8.0-gd php8.0-imap php8.0-imagick php8.0-intl php8.0-ldap php8.0-mbstring php8.0-memcache php8.0-mysql php8.0-opcache php8.0-pgsql php8.0-phpdbg php8.0-pspell php8.0-redis php8.0-soap php8.0-sqlite php8.0-xdebug php8.0-xml php8.0-zip postgresql-client + steps: + - name: Mangle Envs + id: vars + run: | + VERSION=$(echo "${{ matrix.version }}" | tr -d '.') + PACKAGE_LIST=PHP_PACKAGES_$VERSION + echo ::set-output name=php_packages::${!PACKAGE_LIST} + - name: Show mangled envs + run: | + echo "Packages to be installed:" + echo ${{ steps.vars.outputs.php_packages }} + - uses: actions/github-script@v3 + name: Build Args + id: build_args + with: + result-encoding: string + script: return `PHP_PACKAGES=${{ steps.vars.outputs.php_packages }}\nPHP_VERSION=${{ matrix.version }}\nPHP_CORE_VERSION=benzine/php:core-${{ matrix.version }}` + - uses: actions/checkout@v1 + - uses: docker/setup-qemu-action@v1 + - uses: docker/setup-buildx-action@v1 + - uses: docker/login-action@v1 + name: Login to Docker Hub + with: + username: ${{ secrets.DOCKER_HUB_USERNAME }} + password: ${{ secrets.DOCKER_HUB_PASSWORD }} + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + - uses: docker/build-push-action@v2 + name: Build & Push + with: + context: php + file: php/Dockerfile.Core + target: php-core + platforms: linux/amd64,linux/arm64 + pull: true + push: true + tags: | + benzine/php:core-${{ 
matrix.version }} + build-args: | + ${{ steps.build_args.outputs.result }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache diff --git a/.github/workflows/php-flavours.yml b/.github/workflows/php-flavours.yml new file mode 100644 index 0000000..21adb31 --- /dev/null +++ b/.github/workflows/php-flavours.yml 
@@ -0,0 +1,80 @@
+name: Build PHP Flavours
+
+on:
+ push:
+ paths:
+ - php/php+apache
+ - php/php+cli
+ - php/php+nginx
+ - php/Dockerfile.Flavours
+ workflow_run:
+ workflows:
+ - Build PHP Core
+ types:
+ - completed
+
+jobs:
+ php-build-flavours:
+ name: "Build PHP Flavours"
+ runs-on: ubuntu-20.04
+ strategy:
+ fail-fast: false
+ matrix:
+ variant:
+ - cli
+ - nginx
+ - apache
+ version:
+ #- "7.0"
+ #- "7.1"
+ #- "7.2"
+ - "7.3"
+ - "7.4"
+ - "8.0"
+ steps:
+ - name: Mangle Envs
+ id: vars
+ run: |
+ VERSION=$(echo "${{ matrix.version }}" | tr -d '.')
+ PACKAGE_LIST=PHP_PACKAGES_$VERSION
+ echo ::set-output name=php_packages::${!PACKAGE_LIST}
+ - name: Show mangled envs
+ run: |
+ echo "Packages to be installed:"
+ echo ${{ steps.vars.outputs.php_packages }}
+ - uses: actions/github-script@v3
+ name: Build Args
+ id: build_args
+ with:
+ result-encoding: string
+ script: return `PHP_VERSION=${{ matrix.version }}\nPHP_CORE_VERSION=benzine/php:core-${{ matrix.version }}`
+ - uses: actions/checkout@v1
+ - uses: docker/setup-qemu-action@v1
+ - uses: docker/setup-buildx-action@v1
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - name: Cache Docker layers
+ uses: actions/cache@v2
+ with:
+ path: /tmp/.buildx-cache
+ key: ${{ runner.os }}-buildx-${{ github.sha }}
+ restore-keys: |
+ ${{ runner.os }}-buildx-
+ - uses: docker/build-push-action@v2
+ name: Build & Push
+ with:
+ context: php
+ file: php/Dockerfile.Flavours
+ target: php-${{ matrix.variant }}
+ platforms: linux/amd64,linux/arm64
+ pull: true
+ push: true
+ tags: |
+ benzine/php:${{ matrix.variant }}-${{ matrix.version }}
+ build-args: |
+ ${{ steps.build_args.outputs.result }}
+ cache-from: type=local,src=/tmp/.buildx-cache
+ cache-to: type=local,dest=/tmp/.buildx-cache
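Review bot: The "Mangle Envs" and "Show mangled envs" steps in php-flavours.yml are dead code carried over from the core build. This job has no `env:` block defining `PHP_PACKAGES_*`, so `${!PACKAGE_LIST}` expands to an empty string, and the "Build Args" script in this file never reads `steps.vars.outputs.php_packages`. Remove both steps so the workflow only shows the inputs that actually reach `build-args`. If they are kept for symmetry with php-core.yml, a comment such as `# unused here: package selection happens in the core image` would at least say so.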
diff --git a/.github/workflows/php-vanity-tags.yml b/.github/workflows/php-vanity-tags.yml
new file mode 100644
index 0000000..0be7a2c
--- /dev/null
+++ b/.github/workflows/php-vanity-tags.yml
@@ -0,0 +1,37 @@
+name: Build PHP Vanity Tags
+
+on:
+ workflow_run:
+ workflows:
+ - Build PHP Flavours
+ types:
+ - completed
+
+jobs:
+ php-vanity-tags:
+ name: Vanity Tags
+ runs-on: ubuntu-20.04
+ env:
+ latest-stable-version: "7.4"
+ strategy:
+ fail-fast: false
+ matrix:
+ variant:
+ - cli
+ - nginx
+ - apache
+ steps:
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - name: Retag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} to benzine/php:${{ matrix.variant }}
+ run: |
+ docker pull benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }}
+ docker tag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} benzine/php:${{ matrix.variant }}
+ docker push benzine/php:${{ matrix.variant }}
+ docker tag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} gone/php:${{ matrix.variant }}-${{ env.latest-stable-version }}
+ docker push gone/php:${{ matrix.variant }}-${{ env.latest-stable-version }}
+ docker tag benzine/php:${{ matrix.variant }}-${{ env.latest-stable-version }} gone/php:${{ matrix.variant }}
+ docker push gone/php:${{ matrix.variant }}
diff --git a/.github/workflows/redis.yml b/.github/workflows/redis.yml
new file mode 100644
index 0000000..f57bad6
--- /dev/null
+++ b/.github/workflows/redis.yml
@@ -0,0 +1,34 @@
+name: Build Redis
+
+on:
+ push:
+ paths:
+ - redis
+ workflow_run:
+ workflows:
+ - Lint Docker Files
+ types:
+ - completed
+
+jobs:
+ redis-build:
+ name: "Redis with Healthchecks"
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/checkout@v1
+ - uses: docker/setup-qemu-action@v1
+ - uses: docker/setup-buildx-action@v1
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - uses: docker/build-push-action@v2
+ name: Build & Push
+ with:
+ context: redis
+ platforms: linux/amd64,linux/arm64
+ pull: true
+ push: true
+ tags: |
+ benzine/redis
diff --git a/.github/workflows/wordpress.yml b/.github/workflows/wordpress.yml
new file mode 100644
index 0000000..db7c8a7
--- /dev/null
+++ b/.github/workflows/wordpress.yml
@@ -0,0 +1,34 @@
+name: Build Wordpress Container
+
+on:
+ push:
+ paths:
+ - wordpress
+ workflow_run:
+ workflows:
+ - Build PHP Vanity Tags
+ types:
+ - completed
+
+jobs:
+ wordpress-build:
+ name: "Bake Wordpress Container"
+ runs-on: ubuntu-20.04
+ steps:
+ - uses: actions/checkout@v1
+ - uses: docker/setup-qemu-action@v1
+ - uses: docker/setup-buildx-action@v1
+ - uses: docker/login-action@v1
+ name: Login to Docker Hub
+ with:
+ username: ${{ secrets.DOCKER_HUB_USERNAME }}
+ password: ${{ secrets.DOCKER_HUB_PASSWORD }}
+ - uses: docker/build-push-action@v2
+ name: Build & Push
+ with:
+ context: wordpress
+ platforms: linux/amd64,linux/arm64
+ pull: true
+ push: true
+ tags: |
+ matthewbaggett/wordpress
diff --git a/mariadb/Dockerfile b/mariadb/Dockerfile
index 4f6eac1..4c1487a 100644
--- a/mariadb/Dockerfile
+++ b/mariadb/Dockerfile
@@ -1,4 +1,7 @@
 FROM mariadb:10.6
+LABEL maintainer="Matthew Baggett " \
+ org.label-schema.vcs-url="https://github.com/benzine-framework/docker"
+
 # Copy healthcheck file.
 COPY health.sh /usr/bin/healthcheck
 # Add healthcheck
diff --git a/marshall/Dockerfile b/marshall/Dockerfile index 1160a2f..e9d2fbe 100644 --- a/marshall/Dockerfile +++ b/marshall/Dockerfile @@ -1,6 +1,7 @@ FROM ubuntu:bionic -LABEL maintainer="Matthew Baggett " +LABEL maintainer="Matthew Baggett " \ + org.label-schema.vcs-url="https://github.com/benzine-framework/docker" ENV DEBIAN_FRONTEND="teletype" \ TERM=xterm-256color \ diff --git a/php/Dockerfile.Core b/php/Dockerfile.Core index 0004200..a967e78 100644 --- a/php/Dockerfile.Core +++ b/php/Dockerfile.Core @@ -1,6 +1,7 @@ # hadolint ignore=DL3007 FROM benzine/marshall:latest AS php-core -LABEL maintainer="Matthew Baggett " +LABEL maintainer="Matthew Baggett " \ + org.label-schema.vcs-url="https://github.com/benzine-framework/docker" ARG PHP_PACKAGES COPY php-core/install-report.sh /usr/bin/install-report SHELL ["/bin/bash", "-o", "pipefail", "-c"] diff --git a/php/Dockerfile.Flavours b/php/Dockerfile.Flavours index afa2acf..49172e2 100644 --- a/php/Dockerfile.Flavours +++ b/php/Dockerfile.Flavours @@ -1,7 +1,8 @@ ARG PHP_CORE_VERSION # hadolint ignore=DL3024 FROM ${PHP_CORE_VERSION} AS php-cli -LABEL maintainer="Matthew Baggett " +LABEL maintainer="Matthew Baggett " \ + org.label-schema.vcs-url="https://github.com/benzine-framework/docker" # Install a funky cool repl. RUN composer global require -q psy/psysh:@stable && \ @@ -13,7 +14,8 @@ COPY php+cli/psysh-config.php /root/.config/psysh/config.php ARG PHP_CORE_VERSION FROM ${PHP_CORE_VERSION} AS php-nginx -LABEL maintainer="Matthew Baggett " +LABEL maintainer="Matthew Baggett " \ + org.label-schema.vcs-url="https://github.com/benzine-framework/docker" ARG PHP_VERSION ARG PHP_MEMORY_LIMIT=128M ARG PHP_DATA_MAX_SIZE=1024M 
@@ -32,14 +34,12 @@ RUN apt-get -qq update && \ apt-get -yqq install --no-install-recommends \ nginx \ php$PHP_VERSION-fpm \ + certbot \ + python-certbot-nginx \ && \ apt-get remove -yqq \ lsb-core \ cups-common \ - software-properties-common \ - python-apt-common \ - python3-software-properties \ - python3.5 python3.5-minimal libpython3.5-minimal \ && \ apt-get autoremove -yqq && \ apt-get clean && \ @@ -82,12 +82,14 @@ RUN apt-get -qq update && \ # Create runit service directories mkdir -p /etc/service/nginx \ /etc/service/php-fpm \ + /etc/service/letsencrypt \ /etc/service/logs-nginx-access \ /etc/service/logs-nginx-error \ /etc/service/logs-phpfpm-error && \ # Copy our new service runits into location mv /conf/nginx.runit /etc/service/nginx/run && \ mv /conf/php-fpm.runit /etc/service/php-fpm/run && \ + mv /conf/letsencrypt.runit /etc/service/letsencrypt/run && \ mv /conf/logs-nginx-access.runit /etc/service/logs-nginx-access/run && \ mv /conf/logs-nginx-error.runit /etc/service/logs-nginx-error/run && \ mv /conf/logs-phpfpm-error.runit /etc/service/logs-phpfpm-error/run && \ @@ -113,13 +115,17 @@ RUN apt-get -qq update && \ EXPOSE 80/tcp EXPOSE 443/tcp +# Make a volume for letsencrypt certs +VOLUME /etc/letsencrypt + # Create a healthcheck that makes sure our httpd is up HEALTHCHECK --interval=30s --timeout=3s \ CMD curl -f http://localhost/ || exit 1 ARG PHP_CORE_VERSION FROM ${PHP_CORE_VERSION} AS php-apache -LABEL maintainer="Matthew Baggett " +LABEL maintainer="Matthew Baggett " \ + org.label-schema.vcs-url="https://github.com/benzine-framework/docker" ARG PHP_VERSION RUN apt-get -qq update && \ apt-get -yqq install --no-install-recommends \ diff --git a/php/php+nginx/letsencrypt.runit b/php/php+nginx/letsencrypt.runit new file mode 100755 index 0000000..1b56398 --- /dev/null +++ b/php/php+nginx/letsencrypt.runit 
@@ -0,0 +1,40 @@
+#!/usr/bin/env bash
+if [ -z "$LETSENCRYPT_DOMAINS" ]; then
+ echo "LetsEncrypt not enabled"
+ while true; do
+ sleep infinity
+ done
+fi
+
+if [ -z "$LETSENCRYPT_EMAIL" ]; then
+ echo "LetsEncrypt not enabled - You must set LETSENCRYPT_EMAIL"
+ while true; do
+ sleep infinity
+ done
+fi
+
+if [ "${LETSENCRYPT_MODE,,}" = "production" ]; then
+ echo "LetsEncrypt is running against the PRODUCTION servers."
+ LETSENCRYPT_MODE=
+else
+ echo "LetsEncrypt is running against the STAGING servers."
+ LETSENCRYPT_MODE=--test-cert
+fi
+
+echo "Certbot is running for ${LETSENCRYPT_EMAIL} / ${LETSENCRYPT_DOMAINS}..."
+certbot \
+ certonly \
+ --nginx \
+ $LETSENCRYPT_TEST_MODE \
+ -n \
+ -m $LETSENCRYPT_EMAIL \
+ --agree-tos \
+ -d $LETSENCRYPT_DOMAINS
+echo "Certbot complete!"
+sed -i "s|ssl_certificate .*|ssl_certificate /etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/fullchain.pem;|g" /etc/nginx/sites-enabled/default-ssl
+sed -i "s|ssl_certificate_key .*|ssl_certificate_key /etc/letsencrypt/live/${LETSENCRYPT_DOMAINS}/privkey.pem;|g" /etc/nginx/sites-enabled/default-ssl
+echo "Reloading Nginx"
+cat /etc/nginx/sites-enabled/default-ssl
+nginx -s reload
+# Sleep for 24 hours and try again tomorrow with a renewal, just in case.
+sleep 86400
diff --git a/php/php+nginx/php-fpm.runit b/php/php+nginx/php-fpm.runit
index e065c88..77c5a93 100755
--- a/php/php+nginx/php-fpm.runit
+++ b/php/php+nginx/php-fpm.runit
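Review bot: The staging switch in letsencrypt.runit never reaches certbot: the `if`/`else` assigns `LETSENCRYPT_MODE=--test-cert`, but the command line expands `$LETSENCRYPT_TEST_MODE`, which is never set, so every run goes to the production CA even when the log says STAGING. The script also ignores certbot's exit status, so after a failed issuance the `sed` lines still point nginx at certificate files that may not exist, and `-m` and `-d` are expanded unquoted. The rewrite below uses one variable for the mode flag, quotes the expansions, and stops before touching the nginx config when certbot fails; the pause before exiting is there because the supervisor would presumably restart the script at once and retry against the CA. Note too that `${LETSENCRYPT_DOMAINS}` is reused as the `live/` directory name, which only holds when a single domain is configured.

```shell
# … unchanged: LETSENCRYPT_DOMAINS / LETSENCRYPT_EMAIL guards …
if [ "${LETSENCRYPT_MODE,,}" = "production" ]; then
    echo "LetsEncrypt is running against the PRODUCTION servers."
    CERTBOT_MODE_ARGS=()
else
    echo "LetsEncrypt is running against the STAGING servers."
    CERTBOT_MODE_ARGS=(--test-cert)
fi

echo "Certbot is running for ${LETSENCRYPT_EMAIL} / ${LETSENCRYPT_DOMAINS}..."
if ! certbot certonly --nginx "${CERTBOT_MODE_ARGS[@]}" -n \
        -m "$LETSENCRYPT_EMAIL" --agree-tos -d "$LETSENCRYPT_DOMAINS"; then
    echo "Certbot failed; leaving the existing nginx certificate in place."
    # Back off before exiting so a restart does not retry immediately.
    sleep 3600
    exit 1
fi
# … unchanged: sed rewrite of default-ssl, nginx reload, 24h sleep …
```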
@@ -22,9 +22,8 @@ if [ $ENABLE_DEBUG_MODE = true ]; then
 sed -i "s|php_flag\[display_errors\].*|php_flag\[display_errors\] = on|g" /etc/php/{{PHP}}/fpm/pool.d/www.conf
 echo -e "RUNNING IN \e[31mDEBUG MODE\e[0m\nError output will be VISIBLE."
 else
- rm /etc/php/{{PHP}}/mods-available/xdebug.ini
+ rm -f /etc/php/{{PHP}}/mods-available/xdebug.ini /etc/php/{{PHP}}/fpm/conf.d/*-xdebug.ini
 touch /etc/php/{{PHP}}/mods-available/xdebug.ini
- rm /etc/php/{{PHP}}/fpm/conf.d/*-xdebug.ini
 sed -i "s|php_flag\[display_errors\].*|php_flag\[display_errors\] = off|g" /etc/php/{{PHP}}/fpm/pool.d/www.conf
 echo -e "RUNNING IN \e[32mPRODUCTION MODE\e[0m\nError output will be suppressed."
 fi
diff --git a/redis/Dockerfile b/redis/Dockerfile
index 4cba782..53e2dab 100644
--- a/redis/Dockerfile
+++ b/redis/Dockerfile
@@ -1,6 +1,8 @@
 # From upstream redis
 # hadolint ignore=DL3007
 FROM redis:latest
+LABEL maintainer="Matthew Baggett " \
+ org.label-schema.vcs-url="https://github.com/benzine-framework/docker"
 # Add healthcheck
 HEALTHCHECK --interval=30s --timeout=3s \
 CMD redis-cli PING
\ No newline at end of file
diff --git a/wordpress/Dockerfile b/wordpress/Dockerfile
index 8cc2dbe..22447ae 100644
--- a/wordpress/Dockerfile
+++ b/wordpress/Dockerfile
@@ -1,4 +1,6 @@
 FROM benzine/php:nginx
+LABEL maintainer="Matthew Baggett " \
+ org.label-schema.vcs-url="https://github.com/benzine-framework/docker"
 COPY nginx.runit /etc/service/nginx/run
 RUN wget -O /usr/local/bin/wp https://raw.githubusercontent.com/wp-cli/builds/gh-pages/phar/wp-cli.phar && \
 chmod +x /etc/service/nginx/run \