Benzine/Docker-S3DB
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Initial seperation of containers

Browse source
This commit is contained in:
Greyscale 2024-05-17 09:49:08 +02:00
parent 989056d0b9
commit 4273a67263
No known key found for this signature in database
GPG key ID: 74BAFF55434DA4B2
20 changed files with 535 additions and 208 deletions

10
.actrc Normal file
View file

@ -0,0 +1,10 @@
--use-new-action-cache
--action-cache-path=.github/cache/act/actions
--cache-server-path=.github/cache/act/cache
--artifact-server-path=.github/cache/act/artifacts
--artifact-server-port=34014
--platform self-hosted=ghcr.io/catthehacker/ubuntu:act-latest
--platform ubuntu-latest=ghcr.io/catthehacker/ubuntu:act-latest
--platform ubuntu-22.04=ghcr.io/catthehacker/ubuntu:act-22.04
--platform ubuntu-20.04=ghcr.io/catthehacker/ubuntu:act-20.04
--platform ubuntu-18.04=ghcr.io/catthehacker/ubuntu:act-18.04

126
.github/workflows/build.yml vendored
View file

@ -1,58 +1,104 @@
name: Build name: Build S3DB
on: on:
push: workflow_call:
workflow_dispatch: workflow_dispatch:
schedule: workflow_run:
- cron: '0 4 * * TUE' workflows: ["Postgres", "MariaDB"]
types: [completed]
push:
branches:
- main
paths:
- s3db/**
- .github/workflows/s3db.yml
concurrency: concurrency:
group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} group: ${{ github.workflow }}-s3db-${{ github.head_ref || github.run_id }}
cancel-in-progress: true cancel-in-progress: true
jobs: jobs:
build: s3db-build:
name: Build name: Build S3DB
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
target: database:
- postgres-14 - postgres
- postgres-13 - mariadb
- postgres-12 include:
- postgres-11 - database: postgres
- postgres-10 version: 16
- mariadb-10-11 - database: postgres
- mariadb-10-10 version: 15
- mariadb-10-9 - database: mariadb
- mariadb-10-8 version: 11
- mariadb-10-7 - database: mariadb
- mariadb-10-6 version: 10
- mariadb-10-5
- mariadb-10-4
- mariadb-10-3
steps: steps:
- name: Git Checkout - name: "Setup: PHP"
uses: actions/checkout@v3 uses: shivammathur/setup-php@v2
- uses: docker/login-action@v2
name: Login to Docker Hub
with: with:
username: ${{ secrets.DOCKER_HUB_USERNAME }} php-version: 8.1
password: ${{ secrets.DOCKER_HUB_PASSWORD }} env:
- uses: docker/login-action@v2 runner: self-hosted
name: Login to Github Container Registry
- name: "Setup: Setup QEMU"
uses: docker/setup-qemu-action@v3
- name: "Setup: Expose GitHub Runtime"
uses: crazy-max/ghaction-github-runtime@v3
- name: "Setup: Setup Docker Buildx"
uses: docker/setup-buildx-action@v2
- name: "Setup: Login to Docker Hub"
uses: docker/login-action@v3
with:
username: matthewbaggett
password: ${{ secrets.DOCKER_HUB_TOKEN }}
- name: "Setup: Login to GHCR"
uses: docker/login-action@v3
with: with:
registry: ghcr.io registry: ghcr.io
username: ${{ secrets.GHCR_USERNAME }} username: matthewbaggett
password: ${{ secrets.GHCR_PASSWORD }} password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2 - name: "Setup: Checkout Source"
- name: Set up Docker Buildx uses: actions/checkout@v4
uses: docker/setup-buildx-action@v2
- name: Bake - name: Get composer cache directory
uses: docker/bake-action@v2.3.0 id: composer-cache
run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
- name: Cache dependencies
uses: actions/cache@v4
with: with:
files: bake.hcl path: ${{ steps.composer-cache.outputs.dir }}
key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
restore-keys: ${{ runner.os }}-composer-
- name: "Dependencies: Composer Install"
working-directory: s3db
run: composer install --ignore-platform-reqs
- name: "Build: Build & Push Image"
uses: docker/build-push-action@v5
with:
context: .
target: ${{ matrix.database }}
file: s3db/Dockerfile.${{ matrix.database }}
platforms: ${{ !env.ACT && 'linux/amd64,linux/arm64' || 'linux/amd64' }}
push: true push: true
targets: ${{ matrix.target }} tags: |
ghcr.io/benzine-framework/s3db:${{ matrix.database }}-${{ matrix.version }}
benzine/s3db:${{ matrix.database }}-${{ matrix.version }}
cache-from: ${{ !env.ACT && 'type=gha' || '' }}
cache-to: ${{ !env.ACT && 'type=gha,mode=max' || '' }}
build-contexts: |
postgres:injected-version=docker-image://ghcr.io/benzine-framework/postgres:${{ matrix.version }}-alpine
mariadb:injected-version=docker-image://ghcr.io/benzine-framework/mariadb:${{ matrix.version }}

36
.github/workflows/trunk.cache.yml vendored Normal file
View file

@ -0,0 +1,36 @@
name: Trunk Cache
permissions: read-all
on:
workflow_call:
workflow_dispatch:
push:
branches:
- main
paths:
- .trunk/trunk.yaml
schedule:
- cron: "0 9 * * 1" # 9am Tooling Monday
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
trunk-cache:
name: Trunk Cache
runs-on: ubuntu-latest
permissions:
actions: write
steps:
- name: "Setup PHP"
uses: shivammathur/setup-php@v2
with:
php-version: 8.3
- name: "Checkout"
uses: actions/checkout@v4
- name: "Trunk Cache"
uses: trunk-io/trunk-action@v1
with:
check-mode: populate_cache_only

33
.github/workflows/trunk.check.yml vendored Normal file
View file

@ -0,0 +1,33 @@
name: Trunk Check
permissions: read-all
on:
workflow_call:
workflow_dispatch:
push:
branches:
- main
schedule:
- cron: "0 11 * * 2" # 11am Patch Tuesday
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
trunk-check:
name: Trunk Check Runner
runs-on: ubuntu-latest
permissions:
checks: write # For trunk to post annotations
contents: read # For repo checkout
steps:
- name: "Setup PHP"
uses: shivammathur/setup-php@v2
with:
php-version: 8.3
- name: "Checkout"
uses: actions/checkout@v4
- name: "Trunk Check"
uses: trunk-io/trunk-action@v1

47
.github/workflows/trunk.upgrade.yml vendored Normal file
View file

@ -0,0 +1,47 @@
name: Trunk Upgrade
permissions: read-all
on:
workflow_call:
workflow_dispatch:
push:
branches:
- main
paths:
- .trunk/trunk.yaml
- .github/workflows/trunk.upgrade.yml
schedule:
- cron: "0 11 * * 1" # 11am Tooling Monday
concurrency:
group: ${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
trunk-upgrade:
name: Upgrade Trunk
runs-on: ubuntu-latest
permissions:
contents: write # For trunk to create PRs
pull-requests: write # For trunk to create PRs
steps:
- name: "Setup PHP"
uses: shivammathur/setup-php@v2
with:
php-version: 8.3
- name: "Checkout"
uses: actions/checkout@v4
- name: "Trunk Upgrade"
uses: trunk-io/trunk-action/upgrade@v1
- name: "PR: Find Pull Request"
uses: juliangruber/find-pull-request-action@v1
id: find-pull-request
with:
labels: trunk
- name: "PR: Enable Pull Request Automerge"
continue-on-error: true
uses: peter-evans/enable-pull-request-automerge@v3
with:
token: ${{ secrets.GITHUB_TOKEN }}
pull-request-number: ${{ steps.find-pull-request.outputs.number }}

7
.gitignore vendored
View file

@ -1,5 +1,6 @@
.php-cs-fixer.cache /.php-cs-fixer.cache
.idea /.idea
/vendor/ /vendor/
.minio /.minio
/test.yml /test.yml
/.secrets

3
.trunk/configs/.checkov.yaml Normal file
View file

@ -0,0 +1,3 @@
---
skip-check:
- CKV_SECRET_* # Skip all checks that start with CKV_SECRET, we already have gitleaks doing this.

3
.trunk/configs/.gitleaks.toml Normal file
View file

@ -0,0 +1,3 @@
title = "Gitleaks config"
[extend]
useDefault = true

0
.trunk/configs/.gitleaksignore Normal file
View file

3
.trunk/configs/.hadolint.yaml Normal file
View file

@ -0,0 +1,3 @@
ignored:
- DL3006
- DL3008

10
.trunk/configs/.markdownlint.yaml Normal file
View file

@ -0,0 +1,10 @@
# Autoformatter friendly markdownlint config (all formatting rules disabled)
default: true
blank_lines: false
bullet: false
html: false
indentation: false
line_length: false
spaces: false
url: false
whitespace: false

1
.trunk/configs/.markdownlintignore Normal file
View file

@ -0,0 +1 @@
LICENCE.md

6
.trunk/configs/.shellcheckrc Normal file
View file

@ -0,0 +1,6 @@
enable=all
source-path=SCRIPTDIR
# If you're having issues with shellcheck following source, disable the errors via:
# disable=SC1090
# disable=SC1091

16
.trunk/configs/.tflint.hcl Normal file
View file

@ -0,0 +1,16 @@
config {
format = "compact"
module = true
plugin_dir = "~/.tflint.d/plugins"
}
plugin "terraform" {
enabled = true
preset = "recommended"
}
plugin "aws" {
enabled = true
version = "0.27.0"
source = "github.com/terraform-linters/tflint-ruleset-aws"
}

2
.trunk/configs/.trivyignore Normal file
View file

@ -0,0 +1,2 @@
AVD-DS-0001
AVD-DS-0002

15
.trunk/configs/.yamllint.yaml Normal file
View file

@ -0,0 +1,15 @@
extends: relaxed
rules:
quoted-strings:
required: only-when-needed
extra-allowed: ["{|*}"]
empty-values:
forbid-in-block-mappings: false
forbid-in-flow-mappings: false
ignore:
- .github/workflows/*.yml
key-duplicates: {}
octal-values:
forbid-implicit-octal: true
document-start: disable
line-length: disable

14
.trunk/configs/svgo.config.js Normal file
View file

@ -0,0 +1,14 @@
module.exports = {
plugins: [
{
name: "preset-default",
params: {
overrides: {
removeViewBox: false, // https://github.com/svg/svgo/issues/1128
sortAttrs: true,
removeOffCanvasPaths: true,
},
},
},
],
};

59
.trunk/trunk.yaml Normal file
View file

@ -0,0 +1,59 @@
# This file controls the behavior of Trunk: https://docs.trunk.io/cli
# To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml
version: 0.1
cli:
version: 1.22.1
# Trunk provides extensibility via plugins. (https://docs.trunk.io/plugins)
plugins:
sources:
- id: trunk
ref: v1.5.0
uri: https://github.com/trunk-io/plugins
# Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes)
runtimes:
enabled:
- go@1.21.0
- node@18.12.1
- python@3.10.8
# This is the section where you manage your linters. (https://docs.trunk.io/check/configuration)
lint:
enabled:
- gitleaks@8.18.2
- markdownlint@0.40.0
- taplo@0.8.1
- actionlint@1.7.0
- checkov@3.2.92
- git-diff-check
- prettier@3.2.5
- trivy@0.51.1
- trufflehog@3.76.2
- yamllint@1.35.1
definitions:
- name: markdownlint
direct_configs:
- .markdownlintignore
- .markdownlint.yaml
actions:
disabled:
- trunk-upgrade-available
enabled:
- trunk-announce
- trunk-check-pre-push
- trunk-fmt-pre-commit
tools:
enabled:
- tfupdate@0.8.2
- phpstan@1.10.58
- gh@2.49.2
- jq@jq-1.7.1
- yq@4.44.1
- awscli@1.32.107
- action-validator@0.6.0
- act@0.2.62
- shellcheck@0.10.0
- hadolint@2.12.0
- svgo@3.3.2
- tofu@1.7.1
- trunk-toolbox@0.3.1
- tflint@0.51.1
- terraform@1.1.4

22
CODE_OF_CONDUCT.md Normal file
View file

@ -0,0 +1,22 @@
# Code of Conduct
This code of conduct outlines our expectations for participants within the open source community. Anyone who violates this code of conduct may be banned from contributing here.
## Requirements
- **Be friendly and patient.**
- **Be welcoming** _We strive to be a community that welcomes and supports people of all backgrounds and identities._
- **Be respectful** _Not all of us will agree all the time, but disagreement is no excuse for poor behavior and poor manners._
## Unacceptable Behaviour
- Offensive comments related to gender, sexual orientation, disability, mental illness, physical appearance, body size, race, age, regional discrimination, political or religious affiliation.
- Threats of violence, both physical and psycological.
- Incitement of violence towards any individual, including encouraging a person to commit suicide or to engage in self-harm.
- Continued communication after requests to cease.
## Interactions
- Don't just tell somebody they are wrong, or what they have done is wrong. You must always explain what is wrong, and why it is wrong.
- Don't reject contributions that are partially complete and then go and commit your own version. Try to work with the author to complete their work.
- We encourage everyone to participate and are committed to building a community for all, we seek to treat everyone both as fairly and equally as possible.

0
LICENSE → LICENCE.md
View file