Skip to content

Multi arch matrix pipeline #6

Multi arch matrix pipeline

Multi arch matrix pipeline #6

Workflow file for this run

name: LTS (Long Term Support)
on:
pull_request:
paths:
- .github/workflows/lts.yaml
- lts/**
push:
branches:
- main
paths:
- .github/workflows/lts.yaml
- lts/**
env:
AWS_REGION: us-east-1
DOCKERHUB_SLUG: composer/composer
ECR_SLUG: public.ecr.aws/u0u1j5s3/composer
GHCR_SLUG: ghcr.io/composer/docker
DIRECTORY: lts
jobs:
prepare:
runs-on: ubuntu-latest
outputs:
full-annotations: ${{ steps.meta-full.outputs.annotations }}
full-labels: ${{ steps.meta-full.outputs.labels }}
full-json: ${{ steps.meta-full.outputs.json }}
bin-annotations: ${{ steps.meta-bin.outputs.annotations }}
bin-labels: ${{ steps.meta-bin.outputs.labels }}
bin-json: ${{ steps.meta-bin.outputs.json }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Determine Composer version from Dockerfile
uses: ./.github/actions/determine-composer-version
with:
working-directory: ${{ env.DIRECTORY }}
- name: Docker metadata (full image)
id: meta-full
uses: docker/metadata-action@v5
with:
images: |
${{ env.DOCKERHUB_SLUG }}
${{ env.ECR_SLUG }}
${{ env.GHCR_SLUG }}
flavor: |
latest=false
tags: |
type=semver,pattern={{version}},value=${{ env.COMPOSER_VERSION_MAJOR_MINOR_PATCH }}
type=semver,pattern={{major}}.{{minor}},value=${{ env.COMPOSER_VERSION_MAJOR_MINOR_PATCH }}
lts
labels: |
org.opencontainers.image.vendor=Composer
org.opencontainers.image.title=Composer
org.opencontainers.image.description=PHP runtime image with Composer
- name: Docker metadata (binary-only image)
id: meta-bin
uses: docker/metadata-action@v5
with:
images: |
${{ env.DOCKERHUB_SLUG }}
${{ env.ECR_SLUG }}
${{ env.GHCR_SLUG }}
flavor: |
latest=false
suffix=-bin
tags: |
type=semver,pattern={{version}},value=${{ env.COMPOSER_VERSION_MAJOR_MINOR_PATCH }}
type=semver,pattern={{major}}.{{minor}},value=${{ env.COMPOSER_VERSION_MAJOR_MINOR_PATCH }}
lts
labels: |
org.opencontainers.image.vendor=Composer
org.opencontainers.image.title=Composer
org.opencontainers.image.description=Image with Composer binary only
build:
runs-on: ubuntu-latest
timeout-minutes: 20
needs:
- prepare
strategy:
matrix:
platform:
- linux/amd64
- linux/arm/v6
- linux/arm/v7
- linux/arm64/v8
- linux/i386
- linux/ppc64le
- linux/riscv64
- linux/s390x
defaults:
run:
working-directory: ${{ env.DIRECTORY }}
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Prepare
run: |
platform=${{ matrix.platform }}
echo "PLATFORM_SLUG=${platform//\//-}" >> $GITHUB_ENV
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
with:
platforms: ${{ matrix.platform }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
#if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to Amazon Public ECR
#if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: public.ecr.aws
username: ${{ secrets.AWS_ECR_ACCESS_KEY }}
password: ${{ secrets.AWS_ECR_SECRET_KEY }}
- name: Login to Github Container Registry
#if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request'
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build full image
id: build-full
uses: docker/build-push-action@v5
with:
context: ${{ env.DIRECTORY }}
target: binary-with-runtime
annotations: ${{ needs.prepare.outputs.full-annotations }}
platforms: ${{ matrix.platform }}
outputs: type=image,"name=${{ env.DOCKERHUB_SLUG }},${{ env.ECR_SLUG }},${{ env.GHCR_SLUG }}",push-by-digest=true,name-canonical=true,push=true #if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request'
- name: Build binary-only image
id: build-bin
uses: docker/build-push-action@v5
with:
context: ${{ env.DIRECTORY }}
target: standalone-binary
annotations: ${{ needs.prepare.outputs.bin-annotations }}
platforms: ${{ matrix.platform }}
outputs: type=image,"name=${{ env.DOCKERHUB_SLUG }},${{ env.ECR_SLUG }},${{ env.GHCR_SLUG }}",push-by-digest=true,name-canonical=true,push=true #if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request'
- name: Export digests
run: |
mkdir -p /tmp/digests/{full,bin}
digest="${{ steps.build-full.outputs.digest }}"
touch "/tmp/digests/full/${digest#sha256:}"
digest="${{ steps.build-bin.outputs.digest }}"
touch "/tmp/digests/bin/${digest#sha256:}"
- name: Upload digests
uses: actions/upload-artifact@v4
with:
name: digests-${{ env.PLATFORM_SLUG }}
path: |
/tmp/digests/full/*
/tmp/digests/bin/*
if-no-files-found: error
retention-days: 1
merge:
#if: github.ref == 'refs/heads/main' && github.event_name != 'pull_request'
runs-on: ubuntu-latest
needs:
- prepare
- build
steps:
- name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/digests
pattern: digests-*
merge-multiple: true
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_PASSWORD }}
- name: Login to Amazon Public ECR
uses: docker/login-action@v3
with:
registry: public.ecr.aws
username: ${{ secrets.AWS_ECR_ACCESS_KEY }}
password: ${{ secrets.AWS_ECR_SECRET_KEY }}
- name: Login to Github Container Registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Create manifest list for full image and push
working-directory: /tmp/digests/full
env:
JSON: ${{ needs.prepare.outputs.full-json }}
run: |
docker buildx imagetools create $(jq -cr '.tags | map(select(startswith("${{ env.DOCKERHUB_SLUG }}")) | "--tag " + .) | join(" ")' <<< "$JSON") \
$(printf '${{ env.DOCKERHUB_SLUG }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map(select(startswith("${{ env.ECR_SLUG }}")) | "--tag " + .) | join(" ")' <<< "$JSON") \
$(printf '${{ env.ECR_SLUG }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map(select(startswith("${{ env.GHCR_SLUG }}")) | "--tag " + .) | join(" ")' <<< "$JSON") \
$(printf '${{ env.GHCR_SLUG }}@sha256:%s ' *)
- name: Create manifest list for binary-only image and push
working-directory: /tmp/digests/bin
env:
JSON: ${{ needs.prepare.outputs.bin-json }}
run: |
docker buildx imagetools create $(jq -cr '.tags | map(select(startswith("${{ env.DOCKERHUB_SLUG }}")) | "--tag " + .) | join(" ")' <<< "$JSON") \
$(printf '${{ env.DOCKERHUB_SLUG }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map(select(startswith("${{ env.ECR_SLUG }}")) | "--tag " + .) | join(" ")' <<< "$JSON") \
$(printf '${{ env.ECR_SLUG }}@sha256:%s ' *)
docker buildx imagetools create $(jq -cr '.tags | map(select(startswith("${{ env.GHCR_SLUG }}")) | "--tag " + .) | join(" ")' <<< "$JSON") \
$(printf '${{ env.GHCR_SLUG }}@sha256:%s ' *)