diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3948489..76b20b2 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,7 +16,6 @@ on: description: JSON string with Debian versions to build required: true type: string - jobs: supported-php-versions: name: Supported PHP versions @@ -93,13 +92,13 @@ jobs: echo "Found images with CVE's in them" cat images_with.cves | xargs -I % php -r 'echo implode(PHP_EOL, explode("|", "%")), PHP_EOL;' | xargs -I % php -r 'echo explode("#", "%")[1], PHP_EOL;' >> images-that-need-updating.list fi - + echo "Looking for newer upstream images" php utils/newer-upstream-images.php >> images-that-need-updating.list echo "Building the following images:" php utils/deduplicate-list.php | jq '.[]' - + printf "image=%s" $(php utils/deduplicate-list.php) >> $GITHUB_OUTPUT exit 0 fi diff --git a/.github/workflows/wolfi.yml b/.github/workflows/wolfi.yml new file mode 100644 index 0000000..ec16dc0 --- /dev/null +++ b/.github/workflows/wolfi.yml @@ -0,0 +1,25 @@ +name: Continuous Integration (Wolfi) +on: + pull_request: +jobs: + build: + name: Building "${{ matrix.php }}" + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + php: ["8.1", "8.2", "8.3"] + steps: + - uses: actions/checkout@v2 + - uses: dbhi/qus/action@main + - run: docker run --rm -v "${PWD}":/work cgr.dev/chainguard/melange keygen + - run: docker run --privileged --rm -v "${PWD}":/work cgr.dev/chainguard/melange build wolfi-apk-${{ matrix.php }}-slim.yaml --arch amd64,arm64 --signing-key melange.rsa + - run: ls -lasthR packages + - run: docker run --privileged --rm -v "${PWD}":/work cgr.dev/chainguard/melange build wolfi-apk-${{ matrix.php }}.yaml --arch amd64,arm64 --signing-key melange.rsa + - run: docker run --rm -v ${PWD}:/work cgr.dev/chainguard/apko build --arch amd64,arm64 wolfi-image-${{ matrix.php }}-slim.yaml wyrihaximusnet/php:${{ matrix.php }}-nts-wolfi-slim php-${{ matrix.php }}-slim.tar -k melange.rsa.pub + - run: docker run --rm -v ${PWD}:/work cgr.dev/chainguard/apko build --arch amd64,arm64 wolfi-image-${{ matrix.php }}.yaml wyrihaximusnet/php:${{ matrix.php }}-nts-wolfi-slim php-${{ matrix.php }}.tar -k melange.rsa.pub + - run: docker load < php-${{ matrix.php }}-slim.tar + - run: docker load < php-${{ matrix.php }}.tar + - run: docker run --rm -t wyrihaximusnet/php:${{ matrix.php }}-nts-wolfi-slim-amd64 -v + - run: docker run --rm -t wyrihaximusnet/php:${{ matrix.php }}-nts-wolfi-slim-amd64 -m + - run: docker images diff --git a/wolfi-apk-8.1-slim.yaml b/wolfi-apk-8.1-slim.yaml new file mode 100644 index 0000000..2c55ff2 --- /dev/null +++ b/wolfi-apk-8.1-slim.yaml @@ -0,0 +1,107 @@ +package: + name: php-81-slim + version: 0.1.0 + description: PHP 8.1 Slim + target-architecture: + - all + copyright: + - license: MIT + paths: + - "*" + dependencies: + runtime: + - php81 + - php81-common + - php81-curl + - php81-openssl + - php81-dev + - php81-pear + - php81-xml + - php81-dom + - php81-pcntl + - php81-pgsql + - php81-pdo + - php81-pdo_pgsql + - php81-bcmath + - php81-zip + - php81-gmp + - php81-iconv + - php81-opcache + - php81-intl + - php81-sockets + - libuv-dev + - icu-dev +# - libevent-dev + +environment: + contents: + repositories: + - https://dl-cdn.alpinelinux.org/alpine/edge/main + - https://dl-cdn.alpinelinux.org/alpine/edge/community + packages: + - ca-certificates-bundle + - curl + - git + - php81 + - php81-common + - php81-curl + - php81-openssl + - php81-dev + - php81-pear + - php81-xml + - php81-dom + - autoconf + - dpkg-dev + - file + - g++ + - gcc + - libc-dev + - make + - re2c + - composer + - libuv-dev + - icu-dev +# - libevent-dev + - openssl-dev + - coreutils + - procps + +pipeline: + - name: install pear + runs: | + set -x + wget -q pear.php.net/go-pear.phar + php go-pear.phar + mkdir -p $(php-config --extension-dir 2>/dev/null) + mkdir -p "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)" + mkdir -p "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)" + - name: ext-uv + runs: | + git clone https://github.com/amphp/ext-uv uv + cd uv + git fetch + git pull + phpize + ./configure + cat Makefile + make install + echo "extension=uv.so" > "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)/uv.ini" + cp "$(php-config --extension-dir 2>/dev/null)/uv.so" "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)/uv.so" + - name: ext-eio + runs: | + pecl install eio || pecl install eio-beta + echo "extension=eio.so" > "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)/eio.ini" + cp "$(php-config --extension-dir 2>/dev/null)/eio.so" "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)/eio.so" +# - name: ext-event +# runs: | +# pecl install event +# echo "extension=event.so" > "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)/event.ini" +# cp "$(php-config --extension-dir 2>/dev/null)/event.so" "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)/event.so" + - name: wait-for + runs: | + mkdir -p "${{targets.destdir}}/bin" + wget -q -O - https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh > "${{targets.destdir}}/bin/wait-for" + - name: clean up pear + runs: | + rm go-pear.phar + - uses: strip diff --git a/wolfi-apk-8.1.yaml b/wolfi-apk-8.1.yaml new file mode 100644 index 0000000..0669d55 --- /dev/null +++ b/wolfi-apk-8.1.yaml @@ -0,0 +1,29 @@ +package: + name: php-81 + version: 0.1.0 + description: PHP 8.1 + target-architecture: + - all + copyright: + - license: MIT + paths: + - "*" + dependencies: + runtime: + - php81-slim + - php81-gd + - php81-vips + +environment: + contents: + keyring: + - /work/melange.rsa.pub + repositories: + - https://dl-cdn.alpinelinux.org/alpine/edge/main + - https://dl-cdn.alpinelinux.org/alpine/edge/community + - '@local /work/packages' + packages: + - php81-slim@local + +pipeline: + - uses: strip diff --git a/wolfi-apk-8.2-slim.yaml b/wolfi-apk-8.2-slim.yaml new file mode 100644 index 0000000..6a4d803 --- /dev/null +++ b/wolfi-apk-8.2-slim.yaml @@ -0,0 +1,107 @@ +package: + name: php-82-slim + version: 0.1.0 + description: PHP 8.2 Slim + target-architecture: + - all + copyright: + - license: MIT + paths: + - "*" + dependencies: + runtime: + - php82 + - php82-common + - php82-curl + - php82-openssl + - php82-dev + - php82-pear + - php82-xml + - php82-dom + - php82-pcntl + - php82-pgsql + - php82-pdo + - php82-pdo_pgsql + - php82-bcmath + - php82-zip + - php82-gmp + - php82-iconv + - php82-opcache + - php82-intl + - php82-sockets + - libuv-dev + - icu-dev +# - libevent-dev + +environment: + contents: + repositories: + - https://dl-cdn.alpinelinux.org/alpine/edge/main + - https://dl-cdn.alpinelinux.org/alpine/edge/community + packages: + - ca-certificates-bundle + - curl + - git + - php82 + - php82-common + - php82-curl + - php82-openssl + - php82-dev + - php82-pear + - php82-xml + - php82-dom + - autoconf + - dpkg-dev + - file + - g++ + - gcc + - libc-dev + - make + - re2c + - composer + - libuv-dev + - icu-dev + # - libevent-dev + - openssl-dev + - coreutils + - procps + +pipeline: +# - name: install pear +# runs: | +# set -x +# wget -q pear.php.net/go-pear.phar +# php go-pear.phar +# mkdir -p $(php-config --extension-dir 2>/dev/null) +# mkdir -p "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)" +# mkdir -p "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)" +# - name: ext-uv +# runs: | +# git clone https://github.com/amphp/ext-uv uv +# cd uv +# git fetch +# git pull +# phpize +# ./configure +# cat Makefile +# make install +# echo "extension=uv.so" > "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)/uv.ini" +# cp "$(php-config --extension-dir 2>/dev/null)/uv.so" "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)/uv.so" +# - name: ext-eio +# runs: | +# pecl install eio || pecl install eio-beta +# echo "extension=eio.so" > "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)/eio.ini" +# cp "$(php-config --extension-dir 2>/dev/null)/eio.so" "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)/eio.so" + # - name: ext-event + # runs: | + # pecl install event + # echo "extension=event.so" > "${{targets.destdir}}$(php-config --ini-dir 2>/dev/null)/event.ini" + # cp "$(php-config --extension-dir 2>/dev/null)/event.so" "${{targets.destdir}}$(php-config --extension-dir 2>/dev/null)/event.so" + - name: wait-for + runs: | + mkdir -p "${{targets.destdir}}/bin" + wget -q -O - https://raw.githubusercontent.com/vishnubob/wait-for-it/master/wait-for-it.sh > "${{targets.destdir}}/bin/wait-for" +# - name: clean up pear +# runs: | +# rm go-pear.phar + - uses: strip diff --git a/wolfi-apk-8.2.yaml b/wolfi-apk-8.2.yaml new file mode 100644 index 0000000..cc6e01c --- /dev/null +++ b/wolfi-apk-8.2.yaml @@ -0,0 +1,18 @@ +package: + name: php-82 + version: 0.1.0 + description: PHP 8.2 + target-architecture: + - all + copyright: + - license: MIT + paths: + - "*" + dependencies: + runtime: + - php82-slim + - php82-gd + - php82-vips + +pipeline: + - uses: strip diff --git a/wolfi-image-8.1-slim.yaml b/wolfi-image-8.1-slim.yaml new file mode 100644 index 0000000..e5ea391 --- /dev/null +++ b/wolfi-image-8.1-slim.yaml @@ -0,0 +1,19 @@ +contents: + repositories: + - https://dl-cdn.alpinelinux.org/alpine/edge/main + - https://dl-cdn.alpinelinux.org/alpine/edge/community + - '@local /work/packages' + packages: + - alpine-baselayout-data + - ca-certificates-bundle + - php-81-slim@local +accounts: + groups: + - groupname: nonroot + gid: 65532 + users: + - username: nonroot + uid: 65532 + run-as: 65532 +entrypoint: + command: php diff --git a/wolfi-image-8.1.yaml b/wolfi-image-8.1.yaml new file mode 100644 index 0000000..047dde0 --- /dev/null +++ b/wolfi-image-8.1.yaml @@ -0,0 +1,20 @@ +contents: + repositories: + - https://dl-cdn.alpinelinux.org/alpine/edge/main + - https://dl-cdn.alpinelinux.org/alpine/edge/community + - '@local /work/packages' + packages: + - alpine-baselayout-data + - ca-certificates-bundle + - php-81-slim@local + - php-81@local +accounts: + groups: + - groupname: nonroot + gid: 65532 + users: + - username: nonroot + uid: 65532 + run-as: 65532 +entrypoint: + command: php diff --git a/wolfi-image-8.2-slim.yaml b/wolfi-image-8.2-slim.yaml new file mode 100644 index 0000000..becf58d --- /dev/null +++ b/wolfi-image-8.2-slim.yaml @@ -0,0 +1,19 @@ +contents: + repositories: + - https://dl-cdn.alpinelinux.org/alpine/edge/main + - https://dl-cdn.alpinelinux.org/alpine/edge/community + - '@local /work/packages' + packages: + - alpine-baselayout-data + - ca-certificates-bundle + - php-82-slim@local +accounts: + groups: + - groupname: nonroot + gid: 65532 + users: + - username: nonroot + uid: 65532 + run-as: 65532 +entrypoint: + command: php diff --git a/wolfi-image-8.2.yaml b/wolfi-image-8.2.yaml new file mode 100644 index 0000000..88001ea --- /dev/null +++ b/wolfi-image-8.2.yaml @@ -0,0 +1,20 @@ +contents: + repositories: + - https://dl-cdn.alpinelinux.org/alpine/edge/main + - https://dl-cdn.alpinelinux.org/alpine/edge/community + - '@local /work/packages' + packages: + - alpine-baselayout-data + - ca-certificates-bundle + - php-82-slim@local + - php-82@local +accounts: + groups: + - groupname: nonroot + gid: 65532 + users: + - username: nonroot + uid: 65532 + run-as: 65532 +entrypoint: + command: php