Release 2.0: PHP 8.2, Ubuntu 22.04, major re-structure & cleanup (#59)

* Cleaned up comments

* Added Multi-arch support

* Fixed tage reference

* Removed quotes

* Optimized development script

* Upgraded development to Docker Buildx

* Added upstream support

* Added QEMU

* Added BuildX to production pipeline

* Added platforms

* Removed rare platforms

* Added base ubuntu version

* Re-added upstream channel

* Simplified development process

* Changed S6 Overlay commands to /command

* Refactored to standardized name of 'src' and 'dist'

* Updated warning

* Changed source and dist directories

* Clarified template location

* Added Ubuntu version support

* Updated commands to be compatible with S6 Overlay v3.x

* Updated note to 'dist' folder

* Changed to 'dist' folder

* Centralized workflows

* Removed requirement on calling ubuntu base versions

* Removed null variable

* Removed unused run command

* Set scripts to executable

* Separated build jobs

* Added job dependencies

* Added quotes

* Changed variables to global

* Escaped variables

* Removed environment variables

* Make services executable

* Updated all services to be executable

* Updated to bash

* Added CHMOD at Docker image level

* Fixed PHP variation

* Remove php_admin flags. Fixes #45

* Set security settings to admin flags

* Added PHP_OPEN_BASEDIR. Fixes #52. Thanks to @herpaderpaldent

* add php intl package to support laravel email validation rules

* Completed build for "int" package (ref #56)

* Added Composer variables

* added phpx.x-bcmath

Added `-bcmath` package for php `7.4`, `8.0` and `8.1` as it's a server requirement for Laravel https://laravel.com/docs/9.x/deployment#server-requirements

* Updated README to mermaid

* Upgraded to Ubuntu 22.04

* Updated Ubuntu version to be dynamic

* Added Matrix to workflow

* Updated all references to 22.04

* Restored matrix jobs to be by version only

* Restored base Ubuntu version

* Fixed order of service execution

* Converted to new S6 Overlay format

* Reset build numbers

* Configured working S6 overlay service in new format

* Decreased verbosity

* Converted runas-user to oneshot

* Converted Laravel Automations to new S6 Overlay methods

* Allow versions to be passed to the build command

* Converted Apache to new S6 Overlay standard

* Added S6 verbosity

* Updated NGINX to S6 overlay standard

* Converted services to S6 overlay standards

* Add Readiness Checks (#75)

Add Readiness Checks

* Adjusted upstream names

* Removed debugging

* Adjusted to multi-stage build

* Removed wget

* Adjusted repo config

* Fixed dependency issues

* Cleanup/remove templating (#77)

* Removed build files

* Removed yasha dependency

* Removed variables

* FPM not working

* Fixed PHP-FPM reference

* Fixed version reference

* Static reference to PHP

* Adjusted to listen on TCP only

* Added healthcheck

* Updated actions to new standard

* Clarified Docker Desktop

* Adjusted version to run from the matrix

* Added ca-certificates to repo-config stage

* FIxed READMEs

* Fixed README

* Add PHP 8.2 Support (#78)

* Added 8.2 to security policy

* Added images

* Added 8.2

* Clarified directory

* Alphabetized packages

* Removed php-redis (package not found)

* Allow SSL settings to be configured with "SSL_MODE" (#79)

* Added warning about PHP 8.2

* Tidy up scripts

* Enhanced healthcheck script

* Added documentation for SSL

* Moved cloudflare IPs to standalone file

* Removed default site

* Updated SSL generator for NGINX

* Set execution order for best UX

* Added SSL_MODE support for NGINX

* Improved UX on check script

* Improved UX of service startup

* Set sleep delay for Apache

* Added SSL_MODE support script

* Remove old config

* Added Apache configuration support for SSL_MODE

* Removed redundant exec keyword

* Disable S6 service timeouts (Fixes #81)

* Set the webuser via S6 Overlay's method

* Change production images to only be run on releases

* Revert "Change production images to only be run on releases"

This reverts commit b94f201.

* Cleaned up comments

* Upgraded Github Actions to latest versions

* Added sponsors workflow

* Updated to latest tj-actions/branch-names

Co-authored-by: Skyler Katz <[email protected]>
Co-authored-by: Alex Justesen <[email protected]>

Author: 3 people

.git-config/hooks/pre-commit

@@ -1,98 +1,44 @@
 name: Docker Publish (Beta Images)
 
 on:
-  # When changes are pushed to the "dev" branch, run it
   push:
     branches:
       - dev
-
-  # Run every week at 0800 UTC to update the images
   schedule:
     - cron: '0 8 * * 1'
 
 jobs:
-  push:
-    runs-on: ubuntu-20.04
-
-    # Configure our deployment strategy. Order is important here and we want it to go: CLI < FPM < FPM-NGINX
-    strategy:
-      # We want to limit the number of jobs to the number of versions that we're offering (since we want the dependency order to be built correctly)
-      max-parallel: 3
-      # Set our base image and versions here
-      matrix:
-        ####################################################################################################################
-        # Possibly delete this "base-image" thing. (See https://github.com/serversideup/docker-php/issues/8)
-        ####################################################################################################################
-        # base-image:
-        #   - ubuntu:20.04
-        php-variation:
-          - cli
-          - fpm
-          - fpm-nginx
-          - fpm-apache
-        php-version: 
-          - "7.4"
-          - "8.0"
-          - "8.1"
-
-    steps:
-      - uses: actions/checkout@v2
-        with:
-          ref: dev
-
-      - name: Login to DockerHub
-        uses: docker/login-action@v1 
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
-
-      ####################################################################
-      # Commenting this out for further testing & structure (See https://github.com/serversideup/docker-php/issues/8)
-      ####################################################################
-      # - name: Cache base image digest
-      #   uses: actions/cache@v2
-      #   with:
-      #     path: ${{ runner.temp }}/.base-image-digest
-      #     key: base-image-digest
-
-      # - name: Read cached base image digest
-      #   id: cached-base-image-digest
-      #   run: |
-      #     touch "${{ runner.temp }}/.base-image-digest"
-      #     echo "::set-output name=sha256::$(head -n 1 "${{ runner.temp }}/.base-image-digest")"
-
-      # - name: Pull base image
-      #   run: docker pull ${{ matrix.base-image }}
-
-      # - name: Set base image digest
-      #   id: base-image-digest
-      #   run: echo "::set-output name=sha256::$(docker inspect --format='{{index .RepoDigests 0}}' ${{ matrix.base-image }})"
-
-      # - name: Build image
-      #   if: steps.base-image-digest.outputs.sha256 != steps.cached-base-image-digest.outputs.sha256
-      #   run: docker build php/${{ matrix.php-version }}/. --tag serversideup/php:${{ matrix.php-version }}
-
-      # - name: Push image to DockerHub
-      #   if: steps.base-image-digest.outputs.sha256 != steps.cached-base-image-digest.outputs.sha256
-      #   run: docker push serversideup/php:${{ matrix.php-version }}
-
-      # - name: Update base image digest cache
-      #   run: |
-      #     echo "${{ steps.base-image-digest.outputs.sha256 }}" >"${{ runner.temp }}/.base-image-digest"
-      ####################################################################
-
-      - name: Build and tag image
-        run: docker build --build-arg UPSTREAM_CHANNEL="beta-" --pull generated-dockerfiles/${{ matrix.php-version }}/${{ matrix.php-variation }}/. --tag serversideup/php:beta-${{ matrix.php-version }}-${{ matrix.php-variation }}
-
-      - name: Push version image to DockerHub
-        run: docker push serversideup/php:beta-${{ matrix.php-version }}-${{ matrix.php-variation }}
-
-  ##################################################
-  # Commenting this out until further notice
-  ##################################################
-  # trigger_downstream_jobs:
-  #   needs: push
-  #   runs-on: ubuntu-20.04
-  #   steps:
-  #     - name: Trigger downstream builds
-  #       run: curl --fail --output "/dev/null" --silent --show-error -X POST -F token=${{ secrets.DOWNSTREAM_BUILD_TOKEN }} -F ref=$GITHUB_REF ${{ secrets.DOWNSTREAM_BUILD_WEBHOOK_ENDPOINT }}
+  cli:
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: "beta-"
+      tag-prefix: "beta-"
+      php-variation: cli
+    secrets: inherit
+
+  fpm:
+    needs: cli
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: "beta-"
+      tag-prefix: "beta-"
+      php-variation: fpm
+    secrets: inherit
+
+  fpm-nginx:
+    needs: fpm
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: "beta-"
+      tag-prefix: "beta-"
+      php-variation: fpm-nginx
+    secrets: inherit
+
+  fpm-apache:
+    needs: fpm
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: "beta-"
+      tag-prefix: "beta-"
+      php-variation: fpm-apache
+    secrets: inherit

.github/dependency-diagram.png

@@ -1,63 +1,54 @@
 name: Docker Publish (Production Images)
 
 on:
-  # When changes are pushed to the "main" branch, run it
   push:
     branches:
       - main
-
-  # Run every week at 0800 UTC to update the images
   schedule:
     - cron: '0 8 * * 2'
 
 jobs:
-  push:
-    runs-on: ubuntu-20.04
+  cli:
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: ''
+      tag-prefix: ''
+      php-variation: cli
+    secrets: inherit
 
-    # Configure our deployment strategy. Order is important here and we want it to go: CLI < FPM < FPM-NGINX
-    strategy:
-      # We want to limit the number of jobs to the number of versions that we're offering (since we want the dependency order to be built correctly)
-      max-parallel: 3
-      # Set our base image and versions here
-      matrix:
-        ####################################################################################################################
-        # Possibly delete this "base-image" thing. (See https://github.com/serversideup/docker-php/issues/8)
-        ####################################################################################################################
-        # base-image:
-        #   - ubuntu:20.04
-        php-variation:
-          - cli
-          - fpm
-          - fpm-nginx
-          - fpm-apache
-        php-version: 
-          - "7.4"
-          - "8.0"
-          - "8.1"
+  fpm:
+    needs: cli
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: ''
+      tag-prefix: ''
+      php-variation: fpm
+    secrets: inherit
 
-    steps:
-      - uses: actions/checkout@v2
-        with:
-          ref: main
-
-      - name: Login to DockerHub
-        uses: docker/login-action@v1 
-        with:
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+  fpm-nginx:
+    needs: fpm
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: ''
+      tag-prefix: ''
+      php-variation: fpm-nginx
+    secrets: inherit
 
-      - name: Build and tag image
-        run: docker build --pull generated-dockerfiles/${{ matrix.php-version }}/${{ matrix.php-variation }}/. --tag serversideup/php:${{ matrix.php-version }}-${{ matrix.php-variation }}-v1.5.0
+  fpm-apache:
+    needs: fpm
+    uses: ./.github/workflows/workflow-docker-publish.yml
+    with:
+      upstream-channel-prefix: ''
+      tag-prefix: ''
+      php-variation: fpm-apache
+    secrets: inherit
 
-      - name: Push version image to DockerHub
-        run: docker push serversideup/php:${{ matrix.php-version }}-${{ matrix.php-variation }}-v1.5.0
-  
   update_container_readme:
     runs-on: ubuntu-latest
     name: Push README to Docker Hub
     steps:
       - name: git checkout
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
         with:
           ref: main
 
@@ -74,7 +65,7 @@ jobs:
 
   trigger_downstream_jobs:
     needs: push
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
     steps:
       - name: Trigger downstream builds
         run: curl --fail --output "/dev/null" --silent --show-error -X POST -F token=${{ secrets.DOWNSTREAM_BUILD_TOKEN }} -F ref=$GITHUB_REF ${{ secrets.DOWNSTREAM_BUILD_WEBHOOK_ENDPOINT }}

.github/workflows/docker-publish-beta.yml

@@ -0,0 +1,28 @@
+name: Generate Sponsors README
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: 30 15 * * 0-6
+jobs:
+  deploy:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout 🛎️
+        uses: actions/checkout@v3
+
+      - name: Generate Sponsors 💖
+        uses: JamesIves/github-sponsors-readme-action@v1
+        with:
+          organization: true
+          maximum: 500
+          fallback: '<p align="center"><a href="https://github.com/sponsors/serversideup"><img src="https://521public.s3.amazonaws.com/serversideup/sponsors/sponsor-empty-state.png" alt="Sponsors"></a></p>'
+          token: ${{ secrets.SPONSORS_README_ACTION_PERSONAL_ACCESS_TOKEN }}
+          marker: 'supporters'
+          template: '<a href="https://github.com/{{{ login }}}"><img src="https://github.com/{{{ login }}}.png" width="40px" alt="{{{ login }}}" /></a>&nbsp;&nbsp;'
+          file: 'README.md'
+
+      - name: Deploy to GitHub Pages 🚀
+        uses: JamesIves/github-pages-deploy-action@v4
+        with:
+          branch: main
+          folder: '.'

.github/workflows/docker-publish-production.yml

@@ -0,0 +1,70 @@
+on:
+  workflow_call:
+    inputs:
+      upstream-channel-prefix:
+        required: true
+        type: string
+        default: ''
+      base-os-flavor:
+        required: false
+        type: string
+        default: 'ubuntu'
+      base-os-version:
+        required: false
+        type: string
+        default: '22.04'
+      tag-prefix:
+        required: true
+        type: string
+        default: 'beta-'
+      php-variation:
+        required: true
+        type: string
+
+jobs:
+  docker-publish:
+    runs-on: ubuntu-22.04
+    strategy:
+      matrix:
+        php-version: 
+          - "7.4"
+          - "8.0"
+          - "8.1"
+          - "8.2"
+    steps:
+      - name: Get branch name
+        id: branch-name
+        uses: tj-actions/branch-names@v6
+
+      - uses: actions/checkout@v3
+        with:
+          ref: ${{ steps.branch-name.outputs.current_branch }}
+
+      - name: Login to DockerHub
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          build-args: |
+            UPSTREAM_CHANNEL=${{ inputs.upstream-channel-prefix }}
+            BASE_OS_FLAVOR=${{ inputs.base-os-flavor }}
+            BASE_OS_VERSION=${{ inputs.base-os-version }}
+            PHP_VERSION=${{ matrix.php-version }}
+          context: src/${{ inputs.php-variation }}/.
+          platforms: |
+            linux/amd64
+            linux/arm/v7
+            linux/arm64/v8
+          pull: true
+          push: true
+          tags: serversideup/php:${{ inputs.tag-prefix}}${{ matrix.php-version }}-${{ inputs.php-variation }}