Skip to content

Fix typo and hadolint #86

Fix typo and hadolint

Fix typo and hadolint #86

Workflow file for this run

name: DevOps
on:
schedule:
- cron: '5 4 * * 2'
push:
pull_request:
env:
GHCR_REGISTRY: ghcr.io
IMAGE_NAME: llaumgui/php-fpm
LATEST: '8.2'
jobs:
##############################################################################
# Dockerfile tests job
#
test_dockerfiles:
runs-on: ubuntu-latest
name: Linters for Dockerfile
steps:
- name: Git checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: hadolint
if: github.event.schedule == ''
uses: hadolint/[email protected]
with:
recursive: true
##############################################################################
# Several linter tests job
#
test_linters:
runs-on: ubuntu-latest
name: Linters and checkstyle
steps:
- name: Git checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Use markdownlint-cli2
uses: DavidAnson/markdownlint-cli2-action@v11
with:
config: .markdownlint.yaml
- name: Use editorconfig-checker
uses: editorconfig-checker/action-editorconfig-checker@main
##############################################################################
# Build and tests job
#
build_test:
runs-on: ubuntu-latest
name: Build and test docker images
strategy:
fail-fast: false
matrix:
php-version: ["8.1", "8.2", "8.2-nextcloud"]
steps:
- name: Git checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v4
with:
images:
${{ env.IMAGE_NAME }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build Docker image
uses: docker/build-push-action@v4
with:
context: ${{ matrix.php-version }}
tags: |
${{ github.actor }}/php:${{ matrix.php-version }}
labels: ${{ steps.meta.outputs.labels }}
# Test with Trivy
# https://github.com/aquasecurity/trivy-action
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: ${{ github.actor }}/php:${{ matrix.php-version }}
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results.sarif'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results.sarif'
##############################################################################
# Build and deploy job (only on main)
#
build_deploy:
if: github.ref == 'refs/heads/main'
needs: [
test_dockerfiles,
test_linters,
build_test
]
runs-on: ubuntu-latest
name: Build and deploy docker images
strategy:
fail-fast: false
matrix:
php-version: ["8.1", "8.2", "8.2-nextcloud"]
steps:
- name: Git checkout
uses: actions/checkout@v3
with:
fetch-depth: 0
# Login against 2 Docker registries except on PR
# https://github.com/docker/login-action
- name: Log in to Docker Hub
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log into registry ${{ env.GHCR_REGISTRY }}
if: github.event_name != 'pull_request'
uses: docker/login-action@v2
with:
registry: ${{ env.GHCR_REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Extract metadata (tags, labels) for Docker
# https://github.com/docker/metadata-action
- name: Extract Docker metadata
id: meta
uses: docker/metadata-action@v4
with:
images: |
${{ env.IMAGE_NAME }}
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}
# Build and push Docker image with Buildx (don't push on PR)
# https://github.com/docker/build-push-action
- name: Build and push Docker image
if: matrix.php-version == ${{ env.LATEST }}
uses: docker/build-push-action@v4
with:
context: ${{ matrix.php-version }}
push: ${{ github.event_name != 'pull_request' }}
tags: |
${{ github.actor }}/php:${{ matrix.php-version }}
${{ github.actor }}/php:latest
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php-version }}
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:latest
labels: ${{ steps.meta.outputs.labels }}
- name: Build and push Docker image
if: matrix.php-version != ${{ env.LATEST }}
uses: docker/build-push-action@v4
with:
context: ${{ matrix.php-version }}
push: ${{ github.event_name != 'pull_request' }}
tags: |
${{ github.actor }}/php:${{ matrix.php-version }}
${{ env.GHCR_REGISTRY }}/${{ env.IMAGE_NAME }}:${{ matrix.php-version }}
labels: ${{ steps.meta.outputs.labels }}