CD: Build and push images to ghcr.io

.dockerignore

@@ -1,3 +1,4 @@
+.git
 .github
 devops
 !devops/docker/frankenphp/conf.d/xdebug.ini

.github/workflows/cd.yml

@@ -0,0 +1,70 @@
+name: Continuous Delivery for ArtefactGuide
+on: push
+#on:
+#  push:
+#    branches:
+#      - 'main'
+#    tags:
+#      - 'v*.*.*'
+
+jobs:
+  build:
+    name: Build and push Docker image to GitHub Container registry
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: read
+    steps:
+      - name: Checkout the repository
+        uses: actions/checkout@v3
+
+      - name: Docker Setup Buildx
+        uses: docker/[email protected]
+
+      - name: Docker Login
+        uses: docker/[email protected]
+        with:
+          registry: ghcr.io
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build and push Docker images
+        uses: docker/[email protected]
+        env:
+          REGISTRY: ghcr.io
+          IMAGE_NAME: ${{ github.repository }}
+        with:
+          context: .
+          file: ./devops/docker/frankenphp/Dockerfile
+          target: production
+          push: true
+          tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
+
+  deploy:
+    name: Deploy image to host
+    needs: build
+    runs-on: ubuntu-latest
+    environment: production
+    permissions:
+      packages: read
+      contents: read
+    steps:
+      - name: echo 'TEST'
+        run: echo '${{ vars.TEST }}'
+      - name: echo "TEST"
+        run: echo "${{ vars.TEST }}"
+      - name: Deploy to Docker Host via docker-compose
+        uses: wshihadeh/docker-deployment-action@878e5822321b7acbcee5fe5fdb926d61d27656d6
+        with:
+          remote_docker_host: cbag_deployer@${{ secrets.DOCKER_REMOTE_HOST}} # [email protected]
+          #remote_docker_port: 22
+          ssh_public_key: ${{ secrets.DOCKER_SSH_KNOWN_HOSTS }}
+          ssh_private_key: ${{ secrets.DOCKER_SSH_PRIVATE_KEY }}
+          deployment_mode: docker-compose
+          copy_stack_file: true
+          deploy_path: ${{ secrets.DOCKER_DEPLOY_PATH }}
+          stack_file_name: docker-compose.prod.yml
+          pull_images_first: true
+          keep_files: 5
+          docker_prune: false
+          args: up -d

.github/workflows/ci.yaml

@@ -1,6 +1,6 @@
 # GitHub Action for Symfony
 name: Run CI for ArtefactGuide
-on: [push, pull_request]
+on: [push]
 
 jobs:
   setup:
@@ -16,19 +16,22 @@ jobs:
         uses: actions/checkout@v3
 
       # Docs: https://github.com/shivammathur/setup-php
-      - name: Setup PHP
-        uses: shivammathur/setup-php@v2
+      - name: Setup PHP Action
+        uses: shivammathur/[email protected]
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # to not run into ratelimits
         with:
           php-version: ${{ matrix.php-versions }}
-          extensions: mbstring, xml, ctype, iconv, intl, pgsql
+          extensions: mbstring, xml, ctype, iconv, intl, pdo_pgsql
           coverage: xdebug
 
       - name: Get composer cache directory
         id: composer-cache
         run: echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
+        working-directory: ./app
 
       - name: Cache composer dependencies
-        uses: actions/cache@v3
+        uses: actions/cache@v3.0.11
         with:
           path: ${{ steps.composer-cache.outputs.dir }}
           # Use composer.json for key, if composer.lock is not committed.
@@ -37,13 +40,17 @@ jobs:
           restore-keys: ${{ runner.os }}-composer-
 
       - name: Setup Install dependencies
-        run: make install
+        run: make install-ci
+        working-directory: ./app
 
       - name: CI lint
         run: make lint
+        working-directory: ./app
 
       - name: CI analyze
         run: make analyze
+        working-directory: ./app
 
-      - name: CI test
-        run: make test-php-coverage
+      - name: CI test with coverage
+        run: make test-php-coverage
+        working-directory: ./app

.github/workflows/debug.yml

@@ -0,0 +1,20 @@
+name: Debug output
+on: push
+
+jobs:
+  dump_contexts_to_log:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Dump GitHub context
+        id: github_context_step
+        run: echo '${{ toJSON(github) }}'
+      - name: Dump job context
+        run: echo '${{ toJSON(job) }}'
+      - name: Dump steps context
+        run: echo '${{ toJSON(steps) }}'
+      - name: Dump runner context
+        run: echo '${{ toJSON(runner) }}'
+      - name: Dump strategy context
+        run: echo '${{ toJSON(strategy) }}'
+      - name: Dump matrix context
+        run: echo '${{ toJSON(matrix) }}'

.gitignore

@@ -1,31 +1,2 @@
-
-###> symfony/framework-bundle ###
-/.env.local
-/.env.local.php
-/.env.*.local
-/config/secrets/prod/prod.decrypt.private.php
-/public/bundles/
-/var/
-/vendor/
-###< symfony/framework-bundle ###
-
-###> symfony/webpack-encore-bundle ###
-/node_modules/
-/public/build/
-/public/uploads/
-npm-debug.log
-yarn-error.log
-###< symfony/webpack-encore-bundle ###
-/.php-cs-fixer.cache
-
-###> symfony/phpunit-bridge ###
-.phpunit.result.cache
-.phpunit.cache
-/phpunit.xml
-###< symfony/phpunit-bridge ###
-
-###> phpunit/phpunit ###
-/phpunit.xml
-.phpunit.result.cache
-.phpunit.cache
-###< phpunit/phpunit ###
+/devops/env/*
+/devops/database/*

Makefile

@@ -5,74 +5,22 @@ help: ## Helping devs since 2016
 	@cat $(MAKEFILE_LIST) | grep -e "^[\%a-zA-Z_\-]*: *.*## *" | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
 	@echo "For additional commands have a look at the Makefile"
 
-install: ## install
-	./bin/composer install
-	./bin/composer install -d ./devops/ci
+app-%:
+	docker compose exec artefactguide make $*
 
-dev-start: ## start dev env
-	./bin/symfony server:start -d
-dev-stop: ## stop dev env
-	./bin/symfony server:stop
+init: build-dev up app-install-dev app-install-frontend-dev app-data-restore ## Init the development environment
 
-data-restore: ## drop and restore data
-	#rm -f ./migrations/*
-	./bin/console doctrine:database:drop --force --quiet
-	./bin/console doctrine:database:create --if-not-exists --quiet
-	#./bin/console doctrine:migrations:di --no-interaction --quiet
-	./bin/console doctrine:migrations:migrate --no-interaction --quiet
-	./bin/console cbag:restore
+up: ## Start all containers
+	docker compose up -d
 
-database-setup:
-	./bin/console doctrine:migrations:migrate
+push:
+	docker-compose tag artefactguide ghcr.io/c-base/cbag3:latest
 
-database-dump: ## dumps database to a file 
-	./bin/symfony run pg_dump --data-only > var/dump.sql
+build-dev: ## Build image for development
+	docker build -f ./devops/docker/frankenphp/Dockerfile --target dev -t ghcr.io/c-base/cbag3:dev-latest .
 
-database-restore: ## restores the database from a file
-	./bin/symfony run psql < var/dump.sql
+build-production:  ## Build image for production
+	docker build -f ./devops/docker/frankenphp/Dockerfile --target production -t ghcr.io/c-base/cbag3:latest .
 
-frontend-dev: ## install frontend dev
-	yarn encore dev
-
-frontend-prod: ## install frontend production
-	yarn encore production
-
-ci: composer analyze-phpstan lint test ## run CI
-
-composer:
-	./bin/composer validate
-	./bin/composer outdated --direct
-	./bin/composer validate -d ./devops/ci
-	./bin/composer outdated --direct -d ./devops/ci
-
-analyze: analyze-phpstan ## Run all analyzer tools
-
-analyze-deptrac: ## Run deptrac
-	./devops/ci/vendor/bin/deptrac analyse --config-file=./devops/ci/config/depfile.yaml --cache-file=./devops/ci/cache/.deptrac.cache
-
-analyze-phpstan: ## run phpstan
-	php -d memory_limit=-1 ./devops/ci/vendor/bin/phpstan analyse --configuration ./devops/ci/config/phpstan.neon --xdebug
-
-analyze-phpstan-baseline: ## run phpstan and update the baseline
-	php -d memory_limit=-1 ./devops/ci/vendor/bin/phpstan analyse --configuration ./devops/ci/config/phpstan.neon --generate-baseline ./devops/ci/config/phpstan-baseline.neon
-
-analyze-rector: ## Run rector
-	php devops/ci/vendor/bin/rector process --config=devops/ci/config/rector.php --xdebug --clear-cache
-
-lint: lint-php ## Runn all lint tools
-
-lint-php: ## cs fixer dry-run
-	PHP_CS_FIXER_IGNORE_ENV=1 ./devops/ci/vendor/bin/php-cs-fixer fix --show-progress=dots --diff --dry-run src
-	PHP_CS_FIXER_IGNORE_ENV=1 ./devops/ci/vendor/bin/php-cs-fixer fix --show-progress=dots --diff --dry-run tests
-
-lint-php-fix: ## cs fixer
-	PHP_CS_FIXER_IGNORE_ENV=1 ./devops/ci/vendor/bin/php-cs-fixer fix --show-progress=dots --diff src
-	PHP_CS_FIXER_IGNORE_ENV=1 ./devops/ci/vendor/bin/php-cs-fixer fix --show-progress=dots --diff tests
-
-test: test-php ## Run all tests
-
-test-php: ## Run tests
-	./vendor/bin/phpunit -c ./devops/ci/config/phpunit.xml
-
-test-php-coverage: ## Run tests with coverage
-	XDEBUG_MODE=coverage ./vendor/bin/phpunit -c ./devops/ci/config/phpunit.xml --coverage-text --coverage-html ./devops/ci/result/phpunit/coverage-html
+lint-docker: ## Lint Dockerfiles
+	cat ./devops/docker/frankenphp/Dockerfile | docker run --rm -i hadolint/hadolint || true

README.md

@@ -22,8 +22,8 @@
 * [ ] Add audit-trail
 * [ ] Add Notification when images are added
 * [ ] Handle http status 401
-  * [x] add primary image
-  * [ ] upload image
+* [x] add primary image
+* [x] upload image
 
 ## TODO
 * [ ] add `updatedAt` field to artefact and image

app/.gitignore

@@ -0,0 +1,35 @@
+
+/ci/vendor/*
+/ci/cache/*
+
+
+###> symfony/framework-bundle ###
+/.env.local
+/.env.local.php
+/.env.*.local
+/config/secrets/prod/prod.decrypt.private.php
+/public/bundles/
+/var/
+/vendor/
+###< symfony/framework-bundle ###
+
+###> symfony/webpack-encore-bundle ###
+/node_modules/
+/public/build/
+/public/uploads/
+npm-debug.log
+yarn-error.log
+###< symfony/webpack-encore-bundle ###
+/.php-cs-fixer.cache
+
+###> symfony/phpunit-bridge ###
+.phpunit.result.cache
+.phpunit.cache
+/phpunit.xml
+###< symfony/phpunit-bridge ###
+
+###> phpunit/phpunit ###
+/phpunit.xml
+.phpunit.result.cache
+.phpunit.cache
+###< phpunit/phpunit ###