Update dockerfile and CI

bkildow · bkildow · commit 34d819ded6af · 2022-03-04T14:35:44.000-05:00
diff --git a/.github/workflows/default.yml b/.github/workflows/default.yml
@@ -0,0 +1,75 @@
+---
+name: 'build images'
+
+on:
+  push:
+    branches:
+      - main
+  workflow_dispatch:
+  
+jobs:
+  build:
+    name: "Build: ${{ matrix.version }}"
+    runs-on: ubuntu-20.04
+
+    strategy:
+      fail-fast: false # Don't cancel other jobs if one fails
+      matrix:
+        include:
+          - version: '7.4'
+          - version: '8.0'
+          - version: '8.1'
+
+    env:
+      VERSION: ${{ matrix.version }}
+      
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      - name: Prepare
+        id: prep
+        run: |
+          DOCKER_IMAGE=${{ secrets.DOCKER_USERNAME }}/${GITHUB_REPOSITORY#*/}
+          VERSION=php${{ matrix.version }}
+          SHORTREF=${GITHUB_SHA::8}
+
+          TAGS="${DOCKER_IMAGE}:${VERSION},${DOCKER_IMAGE}:${SHORTREF}"
+
+          # Set output parameters.
+          echo ::set-output name=tags::${TAGS}
+          echo ::set-output name=docker_image::${DOCKER_IMAGE}
+
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+        with:
+          platforms: all
+
+      - name: Set up Docker Buildx
+        id: buildx
+        uses: docker/setup-buildx-action@v1
+
+      - name: Login to DockerHub
+        if: github.event_name != 'pull_request'
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKER_USERNAME }}
+          password: ${{ secrets.DOCKER_TOKEN }}
+      # -
+      #   name: Login to GitHub Container Registry
+      #   uses: docker/login-action@v1 
+      #   with:
+      #     registry: ghcr.io
+      #     username: ${{ github.repository_owner }}
+      #     password: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Build
+        uses: docker/build-push-action@v2
+        with:
+          builder: ${{ steps.buildx.outputs.name }}
+          context: ./src
+          file: ./src/Dockerfile
+          build-args: CLI_VERSION=php${{ matrix.version }}
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.prep.outputs.tags }}
diff --git a/.hadolint.yml b/.hadolint.yml
@@ -0,0 +1,2 @@
+ignored:
+  - DL4001
diff --git a/Dockerfile b/Dockerfile
diff --git a/src/Dockerfile b/src/Dockerfile
@@ -0,0 +1,63 @@
+ARG CLI_VERSION={{cli_version}}
+
+# Extend the Docksal CLI per https://docs.docksal.io/stack/extend-images/
+FROM docksal/cli:${CLI_VERSION}
+
+# See https://github.com/hadolint/hadolint/wiki/DL4006
+SHELL ["/bin/bash", "-o", "pipefail", "-c"]
+
+# NOTE: This only works on X86_64 Arch. 
+#
+# Puppeteer dependencies taken from https://github.com/puppeteer/puppeteer/blob/main/docs/troubleshooting.md#running-puppeteer-in-docker
+# Install addtional apt packages needed for pa11y and puppeteer
+# Add vim
+# hadolint ignore=DL3015,DL3008
+# RUN apt-get update && \
+#   apt-get install -y wget gnupg && \
+#   wget -q -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \
+#   sh -c 'echo "deb [arch=$(dpkg --print-architecture)] http://dl.google.com/linux/chrome/deb/ stable main" >> /etc/apt/sources.list.d/google.list' && \
+#   apt-get update && \
+#   apt-get install -y --no-install-recommends google-chrome-stable \
+#   fonts-ipafont-gothic \
+#   fonts-wqy-zenhei \
+#   fonts-thai-tlwg \ 
+#   fonts-kacst \
+#   fonts-freefont-ttf \
+#   libxss1 \ 
+#    && \
+#   apt-get install -y vim --no-install-recommends && \
+#   rm -rf /var/lib/apt/lists/*
+
+ARG HELM_VERSION=v2.17.0
+
+# Install kubectl and helm client
+RUN curl -o /usr/local/bin/kubectl -LO "https://storage.googleapis.com/kubernetes-release/release/$(curl -s https://storage.googleapis.com/kubernetes-release/release/stable.txt)/bin/linux/$(dpkg --print-architecture)/kubectl" && \
+  chmod +x /usr/local/bin/kubectl && \
+  curl -o ./install_helm.sh https://raw.githubusercontent.com/kubernetes/helm/master/scripts/get && \
+  chmod +x ./install_helm.sh && \
+  ./install_helm.sh -v ${HELM_VERSION} && \
+  helm init --client-only
+
+# Install AWS cli
+COPY awscli.pubkey /tmp/
+RUN curl "https://awscli.amazonaws.com/awscli-exe-linux-$(uname -m).zip" -o "awscliv2.zip" && \
+  gpg --import /tmp/awscli.pubkey && \
+  curl -s -o awscliv2.sig https://awscli.amazonaws.com/awscli-exe-linux-$(uname -m).zip.sig && \
+  gpg --verify awscliv2.sig awscliv2.zip && \
+  unzip -q awscliv2.zip && \
+  ./aws/install && \
+  rm awscliv2.zip && rm -rf aws
+
+# All further commands will be performed as the docker user.
+USER docker
+SHELL ["/bin/bash", "-c"]
+
+# Install additional global npm dependencies
+RUN \
+  # Initialize the user environment (this loads nvm)
+  . "$HOME"/.profile && \
+  # Install node packages
+  yarn global add puppeteer@1.20.0 pa11y@5 pa11y-ci@2 http-server
+
+# IMPORTANT! Switching back to the root user as the last instruction.
+USER root
diff --git a/src/awscli.pubkey b/src/awscli.pubkey
@@ -0,0 +1,29 @@
+-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQINBF2Cr7UBEADJZHcgusOJl7ENSyumXh85z0TRV0xJorM2B/JL0kHOyigQluUG
+ZMLhENaG0bYatdrKP+3H91lvK050pXwnO/R7fB/FSTouki4ciIx5OuLlnJZIxSzx
+PqGl0mkxImLNbGWoi6Lto0LYxqHN2iQtzlwTVmq9733zd3XfcXrZ3+LblHAgEt5G
+TfNxEKJ8soPLyWmwDH6HWCnjZ/aIQRBTIQ05uVeEoYxSh6wOai7ss/KveoSNBbYz
+gbdzoqI2Y8cgH2nbfgp3DSasaLZEdCSsIsK1u05CinE7k2qZ7KgKAUIcT/cR/grk
+C6VwsnDU0OUCideXcQ8WeHutqvgZH1JgKDbznoIzeQHJD238GEu+eKhRHcz8/jeG
+94zkcgJOz3KbZGYMiTh277Fvj9zzvZsbMBCedV1BTg3TqgvdX4bdkhf5cH+7NtWO
+lrFj6UwAsGukBTAOxC0l/dnSmZhJ7Z1KmEWilro/gOrjtOxqRQutlIqG22TaqoPG
+fYVN+en3Zwbt97kcgZDwqbuykNt64oZWc4XKCa3mprEGC3IbJTBFqglXmZ7l9ywG
+EEUJYOlb2XrSuPWml39beWdKM8kzr1OjnlOm6+lpTRCBfo0wa9F8YZRhHPAkwKkX
+XDeOGpWRj4ohOx0d2GWkyV5xyN14p2tQOCdOODmz80yUTgRpPVQUtOEhXQARAQAB
+tCFBV1MgQ0xJIFRlYW0gPGF3cy1jbGlAYW1hem9uLmNvbT6JAlQEEwEIAD4WIQT7
+Xbd/1cEYuAURraimMQrMRnJHXAUCXYKvtQIbAwUJB4TOAAULCQgHAgYVCgkICwIE
+FgIDAQIeAQIXgAAKCRCmMQrMRnJHXJIXEAChLUIkg80uPUkGjE3jejvQSA1aWuAM
+yzy6fdpdlRUz6M6nmsUhOExjVIvibEJpzK5mhuSZ4lb0vJ2ZUPgCv4zs2nBd7BGJ
+MxKiWgBReGvTdqZ0SzyYH4PYCJSE732x/Fw9hfnh1dMTXNcrQXzwOmmFNNegG0Ox
+au+VnpcR5Kz3smiTrIwZbRudo1ijhCYPQ7t5CMp9kjC6bObvy1hSIg2xNbMAN/Do
+ikebAl36uA6Y/Uczjj3GxZW4ZWeFirMidKbtqvUz2y0UFszobjiBSqZZHCreC34B
+hw9bFNpuWC/0SrXgohdsc6vK50pDGdV5kM2qo9tMQ/izsAwTh/d/GzZv8H4lV9eO
+tEis+EpR497PaxKKh9tJf0N6Q1YLRHof5xePZtOIlS3gfvsH5hXA3HJ9yIxb8T0H
+QYmVr3aIUes20i6meI3fuV36VFupwfrTKaL7VXnsrK2fq5cRvyJLNzXucg0WAjPF
+RrAGLzY7nP1xeg1a0aeP+pdsqjqlPJom8OCWc1+6DWbg0jsC74WoesAqgBItODMB
+rsal1y/q+bPzpsnWjzHV8+1/EtZmSc8ZUGSJOPkfC7hObnfkl18h+1QtKTjZme4d
+H17gsBJr+opwJw/Zio2LMjQBOqlm3K1A4zFTh7wBC7He6KPQea1p2XAMgtvATtNe
+YLZATHZKTJyiqA==
+=vYOk
+-----END PGP PUBLIC KEY BLOCK-----
