feat: add otel ready to use image #401
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Build | |
on: | |
workflow_dispatch: | |
push: | |
branches: | |
- main | |
pull_request: | |
schedule: | |
- cron: '10 4 * * *' | |
env: | |
DOCKER_BUILDKIT: 1 | |
COSIGN_EXPERIMENTAL: 1 | |
permissions: | |
contents: write | |
id-token: write | |
packages: write | |
pull-requests: write | |
jobs: | |
generate-matrix: | |
runs-on: ubuntu-latest | |
outputs: | |
matrix: ${{ steps.generate-matrix.outputs.matrix }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Generate Matrix | |
id: generate-matrix | |
run: | | |
MATRIX=$(php matrix.php) | |
echo "matrix<<EOF" >> $GITHUB_OUTPUT | |
echo "$MATRIX" >> $GITHUB_OUTPUT | |
echo 'EOF' >> $GITHUB_OUTPUT | |
build-fpm-amd64: | |
name: PHP FPM ${{ matrix.php }} on amd64 | |
runs-on: ubuntu-latest | |
needs: [generate-matrix] | |
strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login into Github Docker Registery | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- uses: docker/build-push-action@v6 | |
with: | |
tags: ${{ matrix.fpm-image }}-amd64 | |
context: fpm | |
cache-from: type=gha,scope=fpm-${{ matrix.php }}-amd64 | |
cache-to: type=gha,mode=max,scope=fpm-${{ matrix.php }}-amd64 | |
platforms: linux/amd64 | |
build-args: | | |
PHP_PATCH_VERSION=${{ matrix.phpPatch }} | |
PHP_DIGEST=${{ matrix.phpPatchDigest }} | |
push: true | |
provenance: false | |
build-fpm-arm64: | |
name: PHP FPM ${{ matrix.php }} on arm64 | |
runs-on: github-hosted-arm64 | |
needs: [generate-matrix] | |
strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login into Github Docker Registery | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- uses: docker/build-push-action@v6 | |
with: | |
tags: ${{ matrix.fpm-image }}-arm64 | |
context: fpm | |
platforms: linux/arm64 | |
cache-from: type=gha,scope=fpm-${{ matrix.php }}-arm64 | |
cache-to: type=gha,mode=max,scope=fpm-${{ matrix.php }}-arm64 | |
build-args: | | |
PHP_PATCH_VERSION=${{ matrix.phpPatch }} | |
PHP_DIGEST=${{ matrix.phpPatchDigest }} | |
push: true | |
provenance: false | |
fpm-merge: | |
name: Generate Docker Manifest for PHP ${{ matrix.php }} | |
runs-on: ubuntu-latest | |
needs: [generate-matrix, build-fpm-amd64, build-fpm-arm64] | |
strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
steps: | |
- name: Login into Docker Hub | |
run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin | |
- name: Login into Github Docker Registery | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Install Cosign | |
uses: sigstore/cosign-installer@v3 | |
- name: Install Regclient | |
run: | | |
wget https://github.com/regclient/regclient/releases/latest/download/regctl-linux-amd64 | |
chmod +x regctl-linux-amd64 | |
- run: docker manifest create ${{ matrix.fpm-image }} --amend ${{ matrix.fpm-image }}-amd64 --amend ${{ matrix.fpm-image }}-arm64 | |
- run: docker manifest push ${{ matrix.fpm-image }} | |
- run: cosign sign --yes ${{ matrix.fpm-image }} | |
- run: docker manifest create ${{ matrix.fpm-patch-image }} --amend ${{ matrix.fpm-image }}-amd64 --amend ${{ matrix.fpm-image }}-arm64 | |
- run: docker manifest push ${{ matrix.fpm-patch-image }} | |
- run: cosign sign --yes ${{ matrix.fpm-patch-image }} | |
- if: github.ref == 'refs/heads/main' | |
run: ./regctl-linux-amd64 image copy ${{ matrix.fpm-image }} ${{ matrix.fpm-hub-image }} | |
- if: github.ref == 'refs/heads/main' | |
run: ./regctl-linux-amd64 image copy ${{ matrix.fpm-patch-image }} ${{ matrix.fpm-patch-hub-image }} | |
fpm-otel: | |
name: FPM with OpenTelemetry | |
runs-on: ubuntu-latest | |
needs: [fpm-merge, generate-matrix] | |
strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login into Docker Hub | |
run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin | |
- name: Login into Github Docker Registery | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Install Cosign | |
uses: sigstore/cosign-installer@v3 | |
- name: Install Regclient | |
run: | | |
wget https://github.com/regclient/regclient/releases/latest/download/regctl-linux-amd64 | |
chmod +x regctl-linux-amd64 | |
- uses: docker/build-push-action@v6 | |
with: | |
tags: ${{ matrix.fpm-image }}-otel | |
context: fpm-otel | |
platforms: linux/amd64,linux/arm64 | |
build-args: | | |
FPM_IMAGE=${{ matrix.fpm-image }} | |
push: true | |
provenance: false | |
caddy: | |
name: Build Caddy ${{ matrix.php }} | |
runs-on: ubuntu-latest | |
needs: [generate-matrix, fpm-merge] | |
strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login into Docker Hub | |
run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin | |
- name: Login into Github Docker Registery | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- uses: docker/build-push-action@v6 | |
with: | |
tags: | | |
${{ matrix.caddy-tags }} | |
context: caddy | |
cache-from: type=registry,ref=ghcr.io/shopware/docker-cache:${{ matrix.php }}-caddy | |
cache-to: type=registry,ref=ghcr.io/shopware/docker-cache:${{ matrix.php }}-caddy,mode=max | |
platforms: linux/amd64,linux/arm64 | |
build-args: | | |
FPM_IMAGE=${{ matrix.fpm-image }} | |
push: true | |
provenance: false | |
- name: Docker Scout | |
id: docker-scout | |
if: ${{ github.event_name == 'pull_request' }} | |
uses: docker/scout-action@v1 | |
with: | |
command: compare | |
to: ${{ matrix.scan-to }} | |
image: ${{ matrix.scan-tag }} | |
organization: shopware | |
ignore-unchanged: true | |
github-token: ${{ secrets.GITHUB_TOKEN }} | |
caddy-otel: | |
name: Build Caddy ${{ matrix.php }} with OpenTelemetry | |
runs-on: ubuntu-latest | |
needs: [fpm-otel] | |
strategy: ${{ fromJson(needs.generate-matrix.outputs.matrix) }} | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Login into Docker Hub | |
run: echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login -u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin | |
- name: Login into Github Docker Registery | |
run: echo "${{ secrets.GITHUB_TOKEN }}" | docker login ghcr.io -u ${{ github.actor }} --password-stdin | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- uses: docker/build-push-action@v6 | |
with: | |
tags: | | |
${{ matrix.caddy-tags-otel }} | |
context: caddy | |
platforms: linux/amd64,linux/arm64 | |
build-args: | | |
FPM_IMAGE=${{ matrix.fpm-image }}-otel | |
push: true | |
provenance: false | |
check: | |
name: Test Image | |
runs-on: ubuntu-latest | |
needs: [caddy] | |
if: github.ref != 'refs/heads/main' | |
steps: | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Checkout example repo | |
uses: actions/checkout@v4 | |
with: | |
repository: shopwareLabs/example-docker-repository | |
- name: Build | |
run: docker compose build --build-arg BASE_IMAGE=ghcr.io/shopware/docker-base-ci-test:${{ github.run_id }}-8.3-caddy | |
env: | |
DOCKER_BUILDKIT: 0 | |
- name: Run image | |
env: | |
DOCKER_BUILDKIT: 0 | |
run: docker compose up -d --wait | |
- name: Wait for Webserver reachable | |
run: | | |
attempt_counter=0 | |
max_attempts=5 | |
until $(curl --output /dev/null --silent --head --fail localhost:8000/admin); do | |
if [ ${attempt_counter} -eq ${max_attempts} ];then | |
echo "Max attempts reached" | |
exit 1 | |
fi | |
printf '.' | |
attempt_counter=$(($attempt_counter+1)) | |
sleep 5 | |
done | |
- name: Check if shopware is running | |
run: curl --fail localhost:8000/admin | |
# output logs if failed | |
- name: Output logs | |
run: docker compose logs | |
if: ${{ failure() }} |