Release #339
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Release | |
on: | |
push: | |
branches: [ main ] | |
pull_request: ~ | |
release: | |
types: [ created ] | |
schedule: | |
# Do not make it the first of the month and/or midnight since it is a very busy time | |
- cron: "* 10 5 * *" | |
# See https://stackoverflow.com/a/72408109 | |
concurrency: | |
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} | |
cancel-in-progress: true | |
env: | |
DOCKERFILE: Dockerfile | |
DOCKERHUB_USERNAME: humbugphp | |
jobs: | |
build-phar: | |
runs-on: ubuntu-latest | |
name: Build PHAR | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: '8.2' | |
ini-values: phar.readonly=0 | |
tools: composer | |
coverage: none | |
- name: Install Composer dependencies | |
uses: ./.github/actions/install-vendor | |
- name: Configure the PHP platform | |
run: composer config platform.php $(php -r 'echo phpversion();') && composer update --lock | |
- name: Build PHAR | |
run: make build | |
# Smoke test | |
- name: Ensure the PHAR works | |
run: bin/php-scoper.phar --version | |
- name: Import GPG key | |
if: github.event_name == 'release' | |
uses: crazy-max/ghaction-import-gpg@v6 | |
with: | |
gpg_private_key: ${{ secrets.GPG_KEY_74A754C9778AA03AA451D1C1A000F927D67184EE }} | |
passphrase: ${{ secrets.GPG_KEY_74A754C9778AA03AA451D1C1A000F927D67184EE_PASSPHRASE }} | |
- name: Sign the PHAR | |
if: github.event_name == 'release' | |
run: | | |
gpg --local-user [email protected] \ | |
--batch \ | |
--yes \ | |
--passphrase="${{ secrets.GPG_KEY_74A754C9778AA03AA451D1C1A000F927D67184EE_PASSPHRASE }}" \ | |
--detach-sign \ | |
--output bin/php-scoper.phar.asc \ | |
bin/php-scoper.phar | |
- name: Upload the PHAR artifact | |
uses: actions/upload-artifact@v3 | |
with: | |
name: php-scoper-phar | |
path: | | |
bin/php-scoper.phar | |
bin/php-scoper.phar.asc | |
publish-phar: | |
runs-on: ubuntu-latest | |
name: Publish PHAR | |
needs: | |
- 'build-phar' | |
if: github.event_name == 'release' | |
permissions: | |
contents: write | |
steps: | |
- uses: actions/download-artifact@v3 | |
with: | |
name: php-scoper-phar | |
path: . | |
- name: Upload php-scoper.phar | |
uses: softprops/action-gh-release@v1 | |
with: | |
token: ${{ secrets.GITHUB_TOKEN }} | |
files: | | |
php-scoper.phar | |
php-scoper.phar.asc | |
publish-docker-image: | |
runs-on: ubuntu-latest | |
name: Publish the Docker image | |
needs: | |
- build-phar | |
steps: | |
- name: Checkout | |
uses: actions/checkout@v4 | |
- name: Setup PHP | |
uses: shivammathur/setup-php@v2 | |
with: | |
php-version: '8.2' | |
- uses: actions/download-artifact@v3 | |
with: | |
name: php-scoper-phar | |
path: . | |
# See https://github.com/actions/download-artifact#limitations | |
# the permissions are not guaranteed to be preserved | |
- name: Ensure PHAR is executable | |
run: | | |
chmod 755 php-scoper.phar | |
mv -vf php-scoper.phar bin/php-scoper.phar | |
./bin/php-scoper.phar --ansi --version | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v3 | |
- name: Set up Docker Buildx | |
uses: docker/setup-buildx-action@v3 | |
- name: Login to Docker Container Registry | |
if: github.event_name == 'release' | |
uses: docker/login-action@v3 | |
with: | |
username: ${{ env.DOCKERHUB_USERNAME }} | |
password: ${{ secrets.DOCKERHUB_TOKEN }} | |
- name: Setup the Docker (release) tag(s) | |
if: github.event_name == 'release' | |
# Selects a random value for $EOF as a delimiter, and sets the DOCKER_TAGS environment variable | |
# as a multi-line environment variable. | |
run: | | |
EOF=$(dd if=/dev/urandom bs=15 count=1 status=none | base64) | |
echo "DOCKER_TAGS<<$EOF" >> $GITHUB_ENV | |
echo "${{ env.DOCKERHUB_USERNAME }}/php-scoper:${{ github.ref_name }}" >> $GITHUB_ENV | |
echo "${{ env.DOCKERHUB_USERNAME }}/php-scoper:latest" >> $GITHUB_ENV | |
echo "$EOF" >> $GITHUB_ENV | |
echo "DOCKER_TEST_TAG=${{ env.DOCKERHUB_USERNAME }}/php-scoper:latest" >> $GITHUB_ENV | |
- name: Login to GitHub Container Registry | |
if: github.event_name != 'release' | |
uses: docker/login-action@v3 | |
with: | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Setup the Docker tag(s) | |
if: github.event_name != 'release' | |
run: | | |
echo "DOCKER_TAGS=ghcr.io/humbugphp/php-scoper" >> $GITHUB_ENV | |
echo "DOCKER_TEST_TAG=ghcr.io/humbugphp/php-scoper" >> $GITHUB_ENV | |
- name: Build and export to Docker | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ${{ env.DOCKERFILE }} | |
platforms: linux/amd64 | |
tags: ${{ env.DOCKER_TAGS }} | |
load: true | |
- name: Test the (release) image | |
run: docker run --rm ${{ env.DOCKER_TEST_TAG }} --version | |
- name: Build and push | |
if: github.event_name == 'release' | |
uses: docker/build-push-action@v5 | |
with: | |
context: . | |
file: ${{ env.DOCKERFILE }} | |
platforms: linux/amd64 | |
tags: ${{ env.DOCKER_TAGS }} | |
push: true |