mirror of
https://github.com/rectorphp/rector.git
synced 2024-06-01 00:40:52 +00:00
Build "scoped" Docker images in GitHub Actions (#5667)
* Improve GHA build process to provide scoped Docker images for PHP 7.3-8.0 * Push cached build layers to Docker Hub instead of ghcr.io * Build "-secured" Docker image * Run Docker publish workflow for the "experimental-scoped" branch * Use "plain" progress output from buildx * Build only one image named "secured", based on PHP 8.0
This commit is contained in:
parent
0ffabe49ad
commit
ff93a759e6
|
@ -1,3 +1,4 @@
|
|||
*~
|
||||
.DS_Store
|
||||
.idea/
|
||||
|
||||
|
@ -26,3 +27,7 @@ docker-compose.dist.yml
|
|||
|
||||
/vendor
|
||||
/docs
|
||||
/rector-nested/
|
||||
/rector-scoped/
|
||||
|
||||
*.phar
|
||||
|
|
37
.github/workflows/publish_docker_images.yaml
vendored
37
.github/workflows/publish_docker_images.yaml
vendored
|
@ -4,6 +4,7 @@ on:
|
|||
# Publish `master` as Docker `latest` image.
|
||||
branches:
|
||||
- master
|
||||
- experimental-scoped
|
||||
|
||||
# Publish `v1.2.3` tags as releases.
|
||||
tags:
|
||||
|
@ -11,10 +12,17 @@ on:
|
|||
|
||||
jobs:
|
||||
publish_images:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-20.04
|
||||
strategy:
|
||||
matrix:
|
||||
php-version: ['7.3', '7.4', '8.0']
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
|
||||
- name: Log into container registries
|
||||
run: |
|
||||
echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
|
||||
|
||||
- name: Build images
|
||||
run: |
|
||||
# Strip git ref prefix from version
|
||||
|
@ -26,14 +34,23 @@ jobs:
|
|||
# Use Docker `latest` tag convention
|
||||
[ "$VERSION" == "master" ] && VERSION=latest
|
||||
|
||||
docker pull rector/rector || true
|
||||
docker build . --target rector --cache-from rector/rector --tag rector/rector:$VERSION
|
||||
docker build . --target rector-secured --cache-from rector/rector --tag rector/rector-secured:$VERSION
|
||||
docker buildx create --name builder-php${{ matrix.php-version }} --use
|
||||
docker buildx build \
|
||||
--progress plain \
|
||||
--cache-from=$GITHUB_REPOSITORY:build-cache-php${{ matrix.php-version }} \
|
||||
--cache-to=type=registry,ref=$GITHUB_REPOSITORY:build-cache-php${{ matrix.php-version }},mode=max,push=true \
|
||||
--target rector \
|
||||
--push \
|
||||
--tag $GITHUB_REPOSITORY:$VERSION-php${{ matrix.php-version }} \
|
||||
--build-arg PHP_VERSION=${{ matrix.php-version }} .
|
||||
|
||||
- name: Log into registry
|
||||
run: echo "${{ secrets.DOCKER_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_USERNAME }} --password-stdin
|
||||
|
||||
- name: Push images
|
||||
- name: Build Rector "secured"
|
||||
if: matrix.php-version == '8.0'
|
||||
run: |
|
||||
docker push --all-tags rector/rector
|
||||
docker push --all-tags rector/rector-secured
|
||||
docker buildx build \
|
||||
--progress plain \
|
||||
--cache-from=$GITHUB_REPOSITORY:build-cache-php${{ matrix.php-version }} \
|
||||
--target rector-secured \
|
||||
--push \
|
||||
--tag $GITHUB_REPOSITORY:secured \
|
||||
--build-arg PHP_VERSION=${{ matrix.php-version }} .
|
||||
|
|
73
Dockerfile
73
Dockerfile
|
@ -1,56 +1,75 @@
|
|||
FROM php:8.0-cli as rector
|
||||
WORKDIR /rector
|
||||
ARG PHP_VERSION=8.0
|
||||
FROM php:${PHP_VERSION}-cli as base
|
||||
|
||||
RUN apt-get update && apt-get install -y \
|
||||
libzip4 \
|
||||
libicu63 \
|
||||
&& rm -rf /var/lib/apt/lists/*
|
||||
|
||||
FROM base as build
|
||||
|
||||
WORKDIR /build
|
||||
|
||||
# Install php extensions
|
||||
RUN apt-get update && apt-get install -y \
|
||||
git \
|
||||
unzip \
|
||||
g++ \
|
||||
libzip-dev \
|
||||
git \
|
||||
libicu-dev \
|
||||
&& rm -rf /var/lib/apt/lists/* \
|
||||
libzip-dev \
|
||||
unzip \
|
||||
wget \
|
||||
zip \
|
||||
&& pecl -q install \
|
||||
zip \
|
||||
&& docker-php-ext-configure \
|
||||
opcache --enable-opcache \
|
||||
&& docker-php-ext-enable \
|
||||
zip \
|
||||
opcache \
|
||||
&& docker-php-ext-configure intl \
|
||||
&& docker-php-ext-install intl
|
||||
&& docker-php-ext-configure opcache --enable-opcache \
|
||||
&& docker-php-ext-install \
|
||||
intl \
|
||||
opcache \
|
||||
zip
|
||||
|
||||
COPY --from=composer:2.0.9 /usr/bin/composer /usr/bin/composer
|
||||
ENV COMPOSER_ALLOW_SUPERUSER=1 COMPOSER_MEMORY_LIMIT=-1 COMPOSER_NO_INTERACTION=1
|
||||
|
||||
ENV COMPOSER_ALLOW_SUPERUSER=1 COMPOSER_MEMORY_LIMIT=-1
|
||||
|
||||
# Copy configuration
|
||||
COPY .docker/php/opcache.ini /usr/local/etc/php/conf.d/opcache.ini
|
||||
|
||||
COPY composer.json composer.json
|
||||
COPY stubs stubs
|
||||
# Run php-scoper, results go to /scoped
|
||||
RUN wget https://github.com/humbug/php-scoper/releases/download/0.14.0/php-scoper.phar -N --no-verbose
|
||||
|
||||
# This is to make parsing version possible
|
||||
COPY .git .git
|
||||
|
||||
RUN composer install --no-dev --optimize-autoloader --prefer-dist \
|
||||
&& composer clear-cache
|
||||
|
||||
RUN mkdir /tmp/opcache
|
||||
# First copy composer.json only to leverage the build cache (as long as not git-committing)
|
||||
COPY composer.json composer.json
|
||||
RUN composer install --no-dev --no-progress --no-autoloader --prefer-dist
|
||||
|
||||
# Add source and generate full autoloader
|
||||
COPY . .
|
||||
RUN composer dump-autoload --optimize --classmap-authoritative --no-dev
|
||||
|
||||
# To warmup opcache a little
|
||||
RUN bin/rector list
|
||||
RUN rm -f "phpstan-for-rector.neon" \
|
||||
&& php -d memory_limit=-1 php-scoper.phar add-prefix bin config packages rules src templates vendor composer.json --output-dir /scoped --config scoper.php \
|
||||
&& composer dump-autoload --optimize --classmap-authoritative --no-dev --working-dir /scoped
|
||||
|
||||
RUN chmod 777 -R /tmp
|
||||
# Build runtime image
|
||||
FROM base as rector
|
||||
|
||||
ENTRYPOINT [ "rector" ]
|
||||
COPY --from=build /usr/local/lib/php /usr/local/lib/php
|
||||
COPY --from=build /usr/local/etc/php /usr/local/etc/php
|
||||
COPY .docker/php/opcache.ini /usr/local/etc/php/conf.d/opcache.ini
|
||||
|
||||
ENV PATH /rector/bin:$PATH
|
||||
|
||||
ENTRYPOINT [ "rector" ]
|
||||
|
||||
VOLUME ["/project"]
|
||||
WORKDIR "/project"
|
||||
|
||||
COPY --from=build /scoped /rector
|
||||
RUN chmod +x /rector/bin/rector
|
||||
|
||||
RUN mkdir -p /tmp/opcache \
|
||||
&& /rector/bin/rector list \
|
||||
&& chmod 777 -R /tmp
|
||||
|
||||
## Used for getrector.org/demo
|
||||
FROM rector as rector-secured
|
||||
|
||||
|
|
Loading…
Reference in New Issue
Block a user