-
Notifications
You must be signed in to change notification settings - Fork 112
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
9 changed files
with
1,148 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,93 @@ | ||
name: Build, test and publish compatibility images | ||
|
||
on: | ||
schedule: | ||
# chosen by fair dice roll | ||
- cron: '42 18 * * 3' | ||
push: | ||
branches: | ||
- main | ||
pull_request: | ||
types: [opened, synchronize] | ||
|
||
jobs: | ||
test: | ||
name: Build and test images | ||
runs-on: ubuntu-latest | ||
if: ${{ !contains(github.event.commits[0].message, '[skip ci]') && !contains(github.event.commits[0].message, '[ci skip]') }} | ||
strategy: | ||
matrix: | ||
version: [ '5.6' ] | ||
flavor: [ '', '-apache', '-fpm' ] | ||
services: | ||
registry: | ||
image: registry:2 | ||
ports: | ||
- 5000:5000 | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
|
||
- name: Build image for testing | ||
uses: docker/build-push-action@v5 | ||
with: | ||
cache-from: type=registry,ref=chialab/php-compat:${{ matrix.version }}${{ matrix.flavor }} | ||
cache-to: type=inline | ||
context: ./compat | ||
file: ${{ format('compat/{0}.{1}{2}', 'Dockerfile', matrix.version, matrix.flavor) }} | ||
tags: localhost:5000/chialab/php-compat:${{ matrix.version }}${{ matrix.flavor }} | ||
push: true | ||
|
||
- name: Test image | ||
env: | ||
REGISTRY: localhost:5000/ | ||
VERSION: ${{ matrix.version }}${{ matrix.flavor }} | ||
run: 'docker pull localhost:5000/chialab/php-compat:${{ matrix.version }}${{ matrix.flavor }} && make -C compat test' | ||
|
||
publish: | ||
name: Build and publish multi-architecture images | ||
runs-on: ubuntu-latest | ||
needs: test | ||
if: ${{ github.event_name != 'pull_request' && !contains(github.event.commits[0].message, '[skip ci]') && !contains(github.event.commits[0].message, '[ci skip]') }} | ||
strategy: | ||
matrix: | ||
version: [ '5.6' ] | ||
flavor: [ '', '-apache', '-fpm' ] | ||
steps: | ||
- name: Checkout | ||
uses: actions/checkout@v4 | ||
|
||
- name: Set up QEMU | ||
run: | | ||
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes | ||
- name: Set up Docker Buildx | ||
uses: docker/setup-buildx-action@v3 | ||
with: | ||
driver-opts: network=host | ||
|
||
- name: Login to DockerHub | ||
uses: docker/login-action@v3 | ||
with: | ||
username: ${{ secrets.DOCKER_USERNAME }} | ||
password: ${{ secrets.DOCKER_PASSWORD }} | ||
|
||
- name: Login to GitHub Container Registry | ||
uses: docker/login-action@v3 | ||
with: | ||
registry: ghcr.io | ||
username: ${{ github.repository_owner }} | ||
password: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Build image and push to registry | ||
uses: docker/build-push-action@v5 | ||
with: | ||
platforms: linux/amd64,linux/arm64 | ||
cache-from: type=registry,ref=chialab/php-compat:${{ matrix.version }}${{ matrix.flavor }} | ||
cache-to: type=inline | ||
context: ./compat | ||
file: ${{ format('compat/{0}.{1}{2}', 'Dockerfile', matrix.version, matrix.flavor) }} | ||
tags: | | ||
chialab/php-compat:${{ matrix.version }}${{ matrix.flavor }} | ||
ghcr.io/chialab/php-compat:${{ matrix.version }}${{ matrix.flavor }} | ||
push: true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,260 @@ | ||
# | ||
# This is taken from the official PHP image's Dockerfile (https://github.com/docker-library/php/tree/783878384a8f3953ed571e5a34ba0fe546726c85) | ||
# and slightly fixed to work in this day and age. | ||
# | ||
|
||
FROM debian:stretch-slim | ||
|
||
LABEL maintainer="[email protected]" | ||
|
||
# Fix Debian 9 (Stretch) source list, because it has been moved to archive, and update packages. | ||
RUN sed -i -e 's/deb.debian.org/archive.debian.org/g' \ | ||
-e 's/security.debian.org/archive.debian.org/g' \ | ||
-e '/stretch-updates/d' /etc/apt/sources.list \ | ||
&& apt-get update && apt-get upgrade -y | ||
|
||
# prevent Debian's PHP packages from being installed | ||
# https://github.com/docker-library/php/pull/542 | ||
RUN set -eux; \ | ||
{ \ | ||
echo 'Package: php*'; \ | ||
echo 'Pin: release *'; \ | ||
echo 'Pin-Priority: -1'; \ | ||
} > /etc/apt/preferences.d/no-debian-php | ||
|
||
# dependencies required for running "phpize" | ||
# (see persistent deps below) | ||
ENV PHPIZE_DEPS \ | ||
autoconf \ | ||
dpkg-dev \ | ||
file \ | ||
g++ \ | ||
gcc \ | ||
libc-dev \ | ||
make \ | ||
pkg-config \ | ||
re2c | ||
|
||
# persistent / runtime deps | ||
RUN apt-get update && apt-get install -y \ | ||
$PHPIZE_DEPS \ | ||
ca-certificates \ | ||
curl \ | ||
xz-utils \ | ||
--no-install-recommends && rm -r /var/lib/apt/lists/* | ||
|
||
ENV PHP_INI_DIR /usr/local/etc/php | ||
RUN mkdir -p $PHP_INI_DIR/conf.d | ||
|
||
##<autogenerated>## | ||
##</autogenerated>## | ||
|
||
# Apply stack smash protection to functions using local buffers and alloca() | ||
# Make PHP's main executable position-independent (improves ASLR security mechanism, and has no performance impact on x86_64) | ||
# Enable optimization (-O2) | ||
# Enable linker optimization (this sorts the hash buckets to improve cache locality, and is non-default) | ||
# Adds GNU HASH segments to generated executables (this is used if present, and is much faster than sysv hash; in this configuration, sysv hash is also generated) | ||
# https://github.com/docker-library/php/issues/272 | ||
ENV PHP_CFLAGS="-fstack-protector-strong -fpic -fpie -O2" | ||
ENV PHP_CPPFLAGS="$PHP_CFLAGS" | ||
ENV PHP_LDFLAGS="-Wl,-O1 -Wl,--hash-style=both -pie" | ||
|
||
ENV GPG_KEYS 0BD78B5F97500D450838F95DFE857D9A90D90EC1 6E4F6AB321FDC07F2C332E3AC2BF0BC433CFC8B3 | ||
|
||
ENV PHP_VERSION 5.6.40 | ||
ENV PHP_URL="https://secure.php.net/get/php-5.6.40.tar.xz/from/this/mirror" PHP_ASC_URL="https://secure.php.net/get/php-5.6.40.tar.xz.asc/from/this/mirror" | ||
ENV PHP_SHA256="1369a51eee3995d7fbd1c5342e5cc917760e276d561595b6052b21ace2656d1c" PHP_MD5="" | ||
|
||
RUN set -xe; \ | ||
\ | ||
fetchDeps=' \ | ||
wget \ | ||
'; \ | ||
if ! command -v gpg > /dev/null; then \ | ||
fetchDeps="$fetchDeps \ | ||
dirmngr \ | ||
gnupg \ | ||
"; \ | ||
fi; \ | ||
apt-get update; \ | ||
apt-get install -y --no-install-recommends $fetchDeps; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
\ | ||
mkdir -p /usr/src; \ | ||
cd /usr/src; \ | ||
\ | ||
wget -O php.tar.xz "$PHP_URL"; \ | ||
\ | ||
if [ -n "$PHP_SHA256" ]; then \ | ||
echo "$PHP_SHA256 *php.tar.xz" | sha256sum -c -; \ | ||
fi; \ | ||
if [ -n "$PHP_MD5" ]; then \ | ||
echo "$PHP_MD5 *php.tar.xz" | md5sum -c -; \ | ||
fi; \ | ||
\ | ||
if [ -n "$PHP_ASC_URL" ]; then \ | ||
wget -O php.tar.xz.asc "$PHP_ASC_URL"; \ | ||
export GNUPGHOME="$(mktemp -d)"; \ | ||
for key in $GPG_KEYS; do \ | ||
gpg --batch --keyserver keyserver.ubuntu.com --recv-keys "$key"; \ | ||
done; \ | ||
gpg --batch --verify php.tar.xz.asc php.tar.xz; \ | ||
command -v gpgconf > /dev/null && gpgconf --kill all; \ | ||
rm -rf "$GNUPGHOME"; \ | ||
fi; \ | ||
\ | ||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false $fetchDeps | ||
|
||
COPY --from=php:5.6 /usr/local/bin/docker-php-source /usr/local/bin/ | ||
|
||
RUN set -eux; \ | ||
\ | ||
savedAptMark="$(apt-mark showmanual)"; \ | ||
apt-get update; \ | ||
apt-get install -y --no-install-recommends \ | ||
libcurl4-openssl-dev \ | ||
libedit-dev \ | ||
libsqlite3-dev \ | ||
libssl1.0-dev \ | ||
libxml2-dev \ | ||
zlib1g-dev \ | ||
libmariadb2 libmariadbclient-dev-compat \ | ||
${PHP_EXTRA_BUILD_DEPS:-} \ | ||
; \ | ||
rm -rf /var/lib/apt/lists/*; \ | ||
\ | ||
export \ | ||
CFLAGS="$PHP_CFLAGS" \ | ||
CPPFLAGS="$PHP_CPPFLAGS" \ | ||
LDFLAGS="$PHP_LDFLAGS" \ | ||
; \ | ||
docker-php-source extract; \ | ||
cd /usr/src/php; \ | ||
gnuArch="$(dpkg-architecture --query DEB_BUILD_GNU_TYPE)"; \ | ||
debMultiarch="$(dpkg-architecture --query DEB_BUILD_MULTIARCH)"; \ | ||
# https://bugs.php.net/bug.php?id=74125 | ||
if [ ! -d /usr/include/curl ]; then \ | ||
ln -sT "/usr/include/$debMultiarch/curl" /usr/local/include/curl; \ | ||
fi; \ | ||
./configure \ | ||
--build="$gnuArch" \ | ||
--with-config-file-path="$PHP_INI_DIR" \ | ||
--with-config-file-scan-dir="$PHP_INI_DIR/conf.d" \ | ||
\ | ||
# make sure invalid --configure-flags are fatal errors intead of just warnings | ||
--enable-option-checking=fatal \ | ||
\ | ||
# https://github.com/docker-library/php/issues/439 | ||
--with-mhash \ | ||
\ | ||
# --enable-ftp is included here because ftp_ssl_connect() needs ftp to be compiled statically (see https://github.com/docker-library/php/issues/236) | ||
--enable-ftp \ | ||
# --enable-mbstring is included here because otherwise there's no way to get pecl to use it properly (see https://github.com/docker-library/php/issues/195) | ||
--enable-mbstring \ | ||
# Use MariaDB's libmysqlclient library instead of mysqlnd to be able to communicate with MySQL 8+, which uses new locales of the utf8mb4 family that are unknown to old mysqlnd | ||
--disable-mysqlnd \ | ||
--with-mysql="/usr" \ | ||
--with-mysqli="/usr/bin/mysql_config" \ | ||
--with-pdo-mysql="/usr" \ | ||
\ | ||
--with-curl \ | ||
--with-libedit \ | ||
--with-openssl \ | ||
--with-zlib \ | ||
\ | ||
# bundled pcre does not support JIT on s390x | ||
# https://manpages.debian.org/stretch/libpcre3-dev/pcrejit.3.en.html#AVAILABILITY_OF_JIT_SUPPORT | ||
$(test "$gnuArch" = 's390x-linux-gnu' && echo '--without-pcre-jit') \ | ||
--with-libdir="lib/$debMultiarch" \ | ||
\ | ||
${PHP_EXTRA_CONFIGURE_ARGS:-} \ | ||
; \ | ||
make -j "$(nproc)"; \ | ||
make install; \ | ||
find /usr/local/bin /usr/local/sbin -type f -executable -exec strip --strip-all '{}' + || true; \ | ||
make clean; \ | ||
\ | ||
# https://github.com/docker-library/php/issues/692 (copy default example "php.ini" files somewhere easily discoverable) | ||
cp -v php.ini-* "$PHP_INI_DIR/"; \ | ||
\ | ||
cd /; \ | ||
docker-php-source delete; \ | ||
\ | ||
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies | ||
apt-mark auto '.*' > /dev/null; \ | ||
[ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; \ | ||
find /usr/local -type f -executable -exec ldd '{}' ';' \ | ||
| awk '/=>/ { print $(NF-1) }' \ | ||
| sort -u \ | ||
| xargs -r dpkg-query --search \ | ||
| cut -d: -f1 \ | ||
| sort -u \ | ||
| xargs -r apt-mark manual \ | ||
; \ | ||
apt-get purge -y --auto-remove -o APT::AutoRemove::RecommendsImportant=false; \ | ||
\ | ||
php --version; \ | ||
\ | ||
# https://github.com/docker-library/php/issues/443 | ||
pecl update-channels; \ | ||
rm -rf /tmp/pear ~/.pearrc | ||
|
||
COPY --from=php:5.6 /usr/local/bin/docker-php-ext-* /usr/local/bin/docker-php-entrypoint /usr/local/bin/ | ||
|
||
ENTRYPOINT ["docker-php-entrypoint"] | ||
##<autogenerated>## | ||
CMD ["php", "-a"] | ||
##</autogenerated>## | ||
|
||
# Download script to install PHP extensions and dependencies | ||
ADD https://github.com/mlocati/docker-php-extension-installer/releases/latest/download/install-php-extensions /usr/local/bin/ | ||
|
||
RUN chmod +x /usr/local/bin/install-php-extensions | ||
|
||
RUN DEBIAN_FRONTEND=noninteractive apt-get update -q \ | ||
&& DEBIAN_FRONTEND=noninteractive apt-get install -qq -y \ | ||
curl \ | ||
git \ | ||
zip unzip \ | ||
# iconv, mbstring and pdo_sqlite are omitted as they are already installed | ||
&& PHP_EXTENSIONS=" \ | ||
amqp \ | ||
bcmath \ | ||
bz2 \ | ||
calendar \ | ||
event \ | ||
exif \ | ||
gd \ | ||
gettext \ | ||
imagick \ | ||
intl \ | ||
ldap \ | ||
mcrypt \ | ||
memcached \ | ||
mysql \ | ||
mysqli \ | ||
opcache \ | ||
pdo_mysql \ | ||
pdo_pgsql \ | ||
pgsql \ | ||
redis \ | ||
soap \ | ||
sockets \ | ||
xsl \ | ||
zip \ | ||
" \ | ||
&& install-php-extensions $PHP_EXTENSIONS | ||
|
||
# Install Composer. | ||
ENV PATH=$PATH:/root/composer/vendor/bin \ | ||
COMPOSER_ALLOW_SUPERUSER=1 \ | ||
COMPOSER_HOME=/root/composer | ||
RUN cd /opt \ | ||
# Download installer and check for its integrity. | ||
&& curl -sSL https://getcomposer.org/installer > composer-setup.php \ | ||
&& curl -sSL https://composer.github.io/installer.sha384sum > composer-setup.sha384sum \ | ||
&& sha384sum --check composer-setup.sha384sum \ | ||
# Install Composer 2. | ||
&& php composer-setup.php --install-dir=/usr/local/bin --filename=composer --2 \ | ||
# Remove installer files. | ||
&& rm /opt/composer-setup.php /opt/composer-setup.sha384sum |
Oops, something went wrong.