Skip to content

php-base-updated

php-base-updated #24

Workflow file for this run

name: Build and Push PHP-CLI Images
# IMPORTANT: This workflow depends on php-base tier images being available.
# Do NOT add push triggers for php-cli/** paths - this would cause race conditions
# where php-cli tries to build before php-base images are pushed.
# Instead, use repository_dispatch from php-base workflow or workflow_dispatch.
on:
# NO push trigger - php-cli depends on php-base images being built first
# Use repository_dispatch from php-base workflow instead
workflow_dispatch:
inputs:
php_version:
description: 'PHP Version to build (8.2, 8.3, 8.4, or all)'
required: false
default: 'all'
os_variant:
description: 'OS variant to build (bookworm or all)'
required: false
default: 'all'
repository_dispatch:
types: [php-base-updated]
schedule:
# Weekly security rebuild - Monday 02:00 UTC (after php-base at 01:00)
- cron: '0 2 * * 1'
env:
REGISTRY: ghcr.io
IMAGE_NAME: ${{ github.repository }}/php-cli
jobs:
# ═══════════════════════════════════════════════════════════════════════════
# SLIM TIER - Minimal PHP with essential extensions (Alpine only)
# Note: Debian images don't have tiered builds - they include everything
# ═══════════════════════════════════════════════════════════════════════════
build-slim-matrix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php_version: ['8.2', '8.3', '8.4', '8.5']
os_variant: ['bookworm']
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get build lifecycle state
id: lifecycle
run: |
chmod +x ./scripts/get-build-state.sh
BUILD_STATE=$(./scripts/get-build-state.sh ${{ matrix.php_version }} ${{ matrix.os_variant }})
echo "LIFECYCLE=$(echo "$BUILD_STATE" | jq -r '.lifecycle')" >> $GITHUB_OUTPUT
echo "Build state for PHP ${{ matrix.php_version }} ${{ matrix.os_variant }} (slim):"
echo "$BUILD_STATE" | jq .
- name: Determine Dockerfile path
id: dockerfile
run: |
echo "path=./php-cli/${{ matrix.php_version }}/debian/bookworm/Dockerfile" >> $GITHUB_OUTPUT
echo "base_os=bookworm" >> $GITHUB_OUTPUT
- name: Get PHP patch version
id: php_patch
run: |
BASE_IMAGE="php:${{ matrix.php_version }}-cli-${{ steps.dockerfile.outputs.base_os }}"
PHP_FULL=$(docker run --rm $BASE_IMAGE php -r 'echo PHP_VERSION;')
echo "version=$PHP_FULL" >> $GITHUB_OUTPUT
echo "PHP patch version: $PHP_FULL"
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=${{ matrix.php_version }}-${{ matrix.os_variant }}-slim,enable={{is_default_branch}}
type=raw,value=${{ steps.php_patch.outputs.version }}-${{ matrix.os_variant }}-slim,enable={{is_default_branch}}
type=sha,prefix=${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-,enable={{is_default_branch}}
type=ref,event=branch,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim
type=ref,event=pr,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim
- name: Build and push slim Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ${{ steps.dockerfile.outputs.path }}
target: slim-root
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim
cache-to: type=gha,mode=max,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim
- name: Test slim image
if: github.event_name != 'pull_request'
run: |
IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php_version }}-${{ matrix.os_variant }}-slim"
echo "Testing slim image $IMAGE..."
docker run --rm $IMAGE php -v
docker run --rm $IMAGE php -m | grep -E "opcache|redis|pdo_mysql|gd"
docker run --rm $IMAGE composer --version
docker run --rm $IMAGE cbox-init --version
# ─────────────────────────────────────────────────────────────────────────────
# SLIM ROOTLESS (Alpine only - Debian doesn't have tiered builds)
# ─────────────────────────────────────────────────────────────────────────────
build-slim-rootless-matrix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php_version: ['8.2', '8.3', '8.4', '8.5']
os_variant: ['bookworm']
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get build lifecycle state
id: lifecycle
run: |
chmod +x ./scripts/get-build-state.sh
BUILD_STATE=$(./scripts/get-build-state.sh ${{ matrix.php_version }} ${{ matrix.os_variant }})
echo "LIFECYCLE=$(echo "$BUILD_STATE" | jq -r '.lifecycle')" >> $GITHUB_OUTPUT
- name: Determine Dockerfile path
id: dockerfile
run: |
echo "path=./php-cli/${{ matrix.php_version }}/debian/bookworm/Dockerfile" >> $GITHUB_OUTPUT
echo "base_os=bookworm" >> $GITHUB_OUTPUT
- name: Get PHP patch version
id: php_patch
run: |
BASE_IMAGE="php:${{ matrix.php_version }}-cli-${{ steps.dockerfile.outputs.base_os }}"
PHP_FULL=$(docker run --rm $BASE_IMAGE php -r 'echo PHP_VERSION;')
echo "version=$PHP_FULL" >> $GITHUB_OUTPUT
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-rootless,enable={{is_default_branch}}
type=raw,value=${{ steps.php_patch.outputs.version }}-${{ matrix.os_variant }}-slim-rootless,enable={{is_default_branch}}
type=sha,prefix=${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-rootless-,enable={{is_default_branch}}
type=ref,event=branch,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-rootless
type=ref,event=pr,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-rootless
- name: Build and push slim rootless Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ${{ steps.dockerfile.outputs.path }}
target: slim-rootless
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-rootless
cache-to: type=gha,mode=max,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-rootless
- name: Test slim rootless image
if: github.event_name != 'pull_request'
run: |
IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php_version }}-${{ matrix.os_variant }}-slim-rootless"
echo "Testing slim rootless image $IMAGE..."
docker run --rm $IMAGE id -u | grep -E "^(33|82)$"
docker run --rm $IMAGE php -v
docker run --rm $IMAGE composer --version
# ═══════════════════════════════════════════════════════════════════════════
# STANDARD TIER (DEFAULT) - With ImageMagick, vips, Node.js
# ═══════════════════════════════════════════════════════════════════════════
build-matrix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php_version: ['8.2', '8.3', '8.4', '8.5']
os_variant: ['bookworm']
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get build lifecycle state
id: lifecycle
run: |
chmod +x ./scripts/get-build-state.sh
BUILD_STATE=$(./scripts/get-build-state.sh ${{ matrix.php_version }} ${{ matrix.os_variant }})
echo "LIFECYCLE=$(echo "$BUILD_STATE" | jq -r '.lifecycle')" >> $GITHUB_OUTPUT
echo "PHP_EOL=$(echo "$BUILD_STATE" | jq -r '.php_eol')" >> $GITHUB_OUTPUT
echo "REMOVAL_DATE=$(echo "$BUILD_STATE" | jq -r '.removal_date // empty')" >> $GITHUB_OUTPUT
echo "PREVIEW_STATUS=$(echo "$BUILD_STATE" | jq -r '.status // empty')" >> $GITHUB_OUTPUT
echo "TAGS_SUFFIX=$(echo "$BUILD_STATE" | jq -r '.tags_suffix // empty')" >> $GITHUB_OUTPUT
echo "Build state for PHP ${{ matrix.php_version }} ${{ matrix.os_variant }}:"
echo "$BUILD_STATE" | jq .
- name: Determine Dockerfile path
id: dockerfile
run: |
echo "path=./php-cli/${{ matrix.php_version }}/debian/bookworm/Dockerfile" >> $GITHUB_OUTPUT
echo "base_os=bookworm" >> $GITHUB_OUTPUT
- name: Get PHP patch version
id: php_patch
run: |
BASE_IMAGE="php:${{ matrix.php_version }}-cli-${{ steps.dockerfile.outputs.base_os }}"
PHP_FULL=$(docker run --rm $BASE_IMAGE php -r 'echo PHP_VERSION;')
echo "version=$PHP_FULL" >> $GITHUB_OUTPUT
echo "PHP patch version: $PHP_FULL"
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
# Rolling version tags (recommended for most users)
type=raw,value=${{ matrix.php_version }}-${{ matrix.os_variant }},enable={{is_default_branch}}
# PHP patch version tags for version pinning (e.g., 8.4.7-alpine)
type=raw,value=${{ steps.php_patch.outputs.version }}-${{ matrix.os_variant }},enable={{is_default_branch}}
# Latest tag (points to 8.4-alpine)
type=raw,value=latest-${{ matrix.os_variant }},enable=${{ matrix.php_version == '8.4' && github.ref == 'refs/heads/main' }}
# Immutable SHA tags for reproducibility
type=sha,prefix=${{ matrix.php_version }}-${{ matrix.os_variant }}-,enable={{is_default_branch}}
# Branch tags
type=ref,event=branch,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}
type=ref,event=pr,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}
- name: Build and push Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ${{ steps.dockerfile.outputs.path }}
target: root
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}
cache-to: type=gha,mode=max,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}
- name: Test image
if: github.event_name != 'pull_request'
run: |
IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php_version }}-${{ matrix.os_variant }}"
echo "Testing $IMAGE..."
docker run --rm $IMAGE php -v
docker run --rm $IMAGE php -m | grep -E "opcache|redis|pdo_mysql|gd|imagick"
docker run --rm $IMAGE composer --version
docker run --rm $IMAGE node --version
docker run --rm $IMAGE cbox-init --version
# ─────────────────────────────────────────────────────────────────────────────
# STANDARD ROOTLESS
# ─────────────────────────────────────────────────────────────────────────────
build-rootless-matrix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php_version: ['8.2', '8.3', '8.4', '8.5']
os_variant: ['bookworm']
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get build lifecycle state
id: lifecycle
run: |
chmod +x ./scripts/get-build-state.sh
BUILD_STATE=$(./scripts/get-build-state.sh ${{ matrix.php_version }} ${{ matrix.os_variant }})
echo "LIFECYCLE=$(echo "$BUILD_STATE" | jq -r '.lifecycle')" >> $GITHUB_OUTPUT
echo "PHP_EOL=$(echo "$BUILD_STATE" | jq -r '.php_eol')" >> $GITHUB_OUTPUT
echo "REMOVAL_DATE=$(echo "$BUILD_STATE" | jq -r '.removal_date // empty')" >> $GITHUB_OUTPUT
echo "PREVIEW_STATUS=$(echo "$BUILD_STATE" | jq -r '.status // empty')" >> $GITHUB_OUTPUT
echo "TAGS_SUFFIX=$(echo "$BUILD_STATE" | jq -r '.tags_suffix // empty')" >> $GITHUB_OUTPUT
echo "Build state for PHP ${{ matrix.php_version }} ${{ matrix.os_variant }} (rootless):"
echo "$BUILD_STATE" | jq .
- name: Determine Dockerfile path
id: dockerfile
run: |
echo "path=./php-cli/${{ matrix.php_version }}/debian/bookworm/Dockerfile" >> $GITHUB_OUTPUT
echo "base_os=bookworm" >> $GITHUB_OUTPUT
- name: Get PHP patch version
id: php_patch
run: |
BASE_IMAGE="php:${{ matrix.php_version }}-cli-${{ steps.dockerfile.outputs.base_os }}"
PHP_FULL=$(docker run --rm $BASE_IMAGE php -r 'echo PHP_VERSION;')
echo "version=$PHP_FULL" >> $GITHUB_OUTPUT
echo "PHP patch version: $PHP_FULL"
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata for rootless images
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
# Rolling version tags (recommended for most users)
type=raw,value=${{ matrix.php_version }}-${{ matrix.os_variant }}-rootless,enable={{is_default_branch}}
# PHP patch version tags for version pinning (e.g., 8.4.7-alpine-rootless)
type=raw,value=${{ steps.php_patch.outputs.version }}-${{ matrix.os_variant }}-rootless,enable={{is_default_branch}}
# Latest tag (points to 8.4-alpine-rootless)
type=raw,value=latest-${{ matrix.os_variant }}-rootless,enable=${{ matrix.php_version == '8.4' && github.ref == 'refs/heads/main' }}
# Immutable SHA tags for reproducibility
type=sha,prefix=${{ matrix.php_version }}-${{ matrix.os_variant }}-rootless-,enable={{is_default_branch}}
# Branch tags
type=ref,event=branch,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-rootless
type=ref,event=pr,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-rootless
- name: Build and push rootless Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ${{ steps.dockerfile.outputs.path }}
target: rootless
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-rootless
cache-to: type=gha,mode=max,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-rootless
- name: Test rootless image
if: github.event_name != 'pull_request'
run: |
IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php_version }}-${{ matrix.os_variant }}-rootless"
echo "Testing rootless image $IMAGE..."
# Verify running as non-root (www-data = uid 82 on Alpine, 33 on Debian)
docker run --rm $IMAGE id -u | grep -E "^(33|82)$"
docker run --rm $IMAGE php -v
docker run --rm $IMAGE php -m | grep -E "opcache|redis|pdo_mysql|gd|imagick"
docker run --rm $IMAGE composer --version
docker run --rm $IMAGE node --version
docker run --rm $IMAGE cbox-init --version
# ═══════════════════════════════════════════════════════════════════════════
# FULL TIER - With Chromium for Browsershot/Dusk (Alpine only)
# ═══════════════════════════════════════════════════════════════════════════
build-full-matrix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php_version: ['8.2', '8.3', '8.4', '8.5']
os_variant: ['bookworm']
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get build lifecycle state
id: lifecycle
run: |
chmod +x ./scripts/get-build-state.sh
BUILD_STATE=$(./scripts/get-build-state.sh ${{ matrix.php_version }} ${{ matrix.os_variant }})
echo "LIFECYCLE=$(echo "$BUILD_STATE" | jq -r '.lifecycle')" >> $GITHUB_OUTPUT
- name: Determine Dockerfile path
id: dockerfile
run: |
echo "path=./php-cli/${{ matrix.php_version }}/debian/bookworm/Dockerfile" >> $GITHUB_OUTPUT
echo "base_os=bookworm" >> $GITHUB_OUTPUT
- name: Get PHP patch version
id: php_patch
run: |
BASE_IMAGE="php:${{ matrix.php_version }}-cli-${{ steps.dockerfile.outputs.base_os }}"
PHP_FULL=$(docker run --rm $BASE_IMAGE php -r 'echo PHP_VERSION;')
echo "version=$PHP_FULL" >> $GITHUB_OUTPUT
echo "PHP patch version: $PHP_FULL"
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=${{ matrix.php_version }}-${{ matrix.os_variant }}-full,enable={{is_default_branch}}
type=raw,value=${{ steps.php_patch.outputs.version }}-${{ matrix.os_variant }}-full,enable={{is_default_branch}}
type=sha,prefix=${{ matrix.php_version }}-${{ matrix.os_variant }}-full-,enable={{is_default_branch}}
type=ref,event=branch,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-full
type=ref,event=pr,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-full
- name: Build and push full Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ${{ steps.dockerfile.outputs.path }}
target: full-root
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-full
cache-to: type=gha,mode=max,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-full
- name: Test full image
if: github.event_name != 'pull_request'
run: |
IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php_version }}-${{ matrix.os_variant }}-full"
echo "Testing full image $IMAGE..."
docker run --rm $IMAGE php -v
docker run --rm $IMAGE php -m | grep -E "opcache|redis|pdo_mysql|gd|imagick"
docker run --rm $IMAGE composer --version
docker run --rm $IMAGE node --version
docker run --rm $IMAGE cbox-init --version
# Verify Chromium is installed
docker run --rm $IMAGE which chromium-browser || docker run --rm $IMAGE which chromium
# ─────────────────────────────────────────────────────────────────────────────
# FULL ROOTLESS (Alpine only - Debian doesn't have tiered builds)
# ─────────────────────────────────────────────────────────────────────────────
build-full-rootless-matrix:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
php_version: ['8.2', '8.3', '8.4', '8.5']
os_variant: ['bookworm']
permissions:
contents: read
packages: write
steps:
- name: Checkout repository
uses: actions/checkout@v4
- name: Get build lifecycle state
id: lifecycle
run: |
chmod +x ./scripts/get-build-state.sh
BUILD_STATE=$(./scripts/get-build-state.sh ${{ matrix.php_version }} ${{ matrix.os_variant }})
echo "LIFECYCLE=$(echo "$BUILD_STATE" | jq -r '.lifecycle')" >> $GITHUB_OUTPUT
- name: Determine Dockerfile path
id: dockerfile
run: |
echo "path=./php-cli/${{ matrix.php_version }}/debian/bookworm/Dockerfile" >> $GITHUB_OUTPUT
echo "base_os=bookworm" >> $GITHUB_OUTPUT
- name: Get PHP patch version
id: php_patch
run: |
BASE_IMAGE="php:${{ matrix.php_version }}-cli-${{ steps.dockerfile.outputs.base_os }}"
PHP_FULL=$(docker run --rm $BASE_IMAGE php -r 'echo PHP_VERSION;')
echo "version=$PHP_FULL" >> $GITHUB_OUTPUT
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: network=host
- name: Log in to Container Registry
uses: docker/login-action@v3
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Extract metadata
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
tags: |
type=raw,value=${{ matrix.php_version }}-${{ matrix.os_variant }}-full-rootless,enable={{is_default_branch}}
type=raw,value=${{ steps.php_patch.outputs.version }}-${{ matrix.os_variant }}-full-rootless,enable={{is_default_branch}}
type=sha,prefix=${{ matrix.php_version }}-${{ matrix.os_variant }}-full-rootless-,enable={{is_default_branch}}
type=ref,event=branch,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-full-rootless
type=ref,event=pr,suffix=-${{ matrix.php_version }}-${{ matrix.os_variant }}-full-rootless
- name: Build and push full rootless Docker image
uses: docker/build-push-action@v5
with:
context: .
file: ${{ steps.dockerfile.outputs.path }}
target: full-rootless
platforms: linux/amd64,linux/arm64
push: ${{ github.event_name != 'pull_request' }}
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-full-rootless
cache-to: type=gha,mode=max,scope=cli-${{ matrix.php_version }}-${{ matrix.os_variant }}-full-rootless
- name: Test full rootless image
if: github.event_name != 'pull_request'
run: |
IMAGE="${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php_version }}-${{ matrix.os_variant }}-full-rootless"
echo "Testing full rootless image $IMAGE..."
docker run --rm $IMAGE id -u | grep -E "^(33|82)$"
docker run --rm $IMAGE php -v
docker run --rm $IMAGE composer --version
docker run --rm $IMAGE which chromium-browser || docker run --rm $IMAGE which chromium