Build and push Docker images #712

Workflow file for this run

.github/workflows/build-and-push.yml at 342acd0

	name: Build and push Docker images

	on:
	workflow_dispatch:
	schedule:
	- cron: "30 2 * * *" # Runs at 02:30 UTC every day
	push:
	tags:
	- "..*"
	permissions:
	contents: read
	env:
	BUILD_PLATFORMS: linux/amd64, linux/arm64

	jobs:
	build-php-images:
	name: Build PHP images
	runs-on: ubuntu-latest
	strategy:
	matrix:
	php: ["8.2", "8.1", "8.0"]
	type: ["php-fpm", "cli"]
	include:
	- type: php-fpm
	type_short: fpm

	- type: cli
	type_short: cli
	steps:
	- name: Set env
	run: \|
	echo "PROD_IMAGE_REF=craftcms/${{ matrix.type }}:${{ matrix.php }}" >> $GITHUB_ENV
	echo "DEV_IMAGE_REF=craftcms/${{ matrix.type }}:${{ matrix.php }}-dev" >> $GITHUB_ENV
	echo "PROD_DOCKERFILE=${{ matrix.php }}/Dockerfile" >> $GITHUB_ENV
	echo "DEV_DOCKERFILE=${{ matrix.php }}/dev.Dockerfile" >> $GITHUB_ENV

	- name: Check out the repository
	uses: actions/checkout@v2

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v1

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	with:
	install: true

	- name: Build production image for Snyk test
	uses: docker/build-push-action@v2
	with:
	context: ${{ matrix.php }}
	push: false
	load: true
	tags: ${{ env.PROD_IMAGE_REF }}
	build-args: \|
	PROJECT_TYPE=${{ matrix.type_short }}
	PHP_VERSION=${{ matrix.php }}

	- name: Snyk test production image
	uses: snyk/actions/docker@master
	env:
	SNYK_CFG_ORG: ${{ secrets.SNYK_CFG_ORG }}
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	image: ${{ env.PROD_IMAGE_REF }}
	args: --file=${{ env.PROD_DOCKERFILE }}

	- name: Login to Docker Hub
	uses: docker/login-action@v1
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Build & push production image
	uses: docker/build-push-action@v2
	with:
	context: ${{ matrix.php }}
	push: true
	platforms: ${{ env.BUILD_PLATFORMS }}
	tags: ${{ env.PROD_IMAGE_REF }}
	build-args: \|
	PROJECT_TYPE=${{ matrix.type_short }}
	PHP_VERSION=${{ matrix.php }}

	- name: Build development image for Snyk test
	uses: docker/build-push-action@v2
	with:
	context: ${{ matrix.php }}
	file: ${{ env.DEV_DOCKERFILE }}
	push: false
	load: true
	tags: ${{ env.DEV_IMAGE_REF }}
	build-args: \|
	PROJECT_TYPE=${{ matrix.type }}
	PHP_VERSION=${{ matrix.php }}

	- name: Snyk test development image
	uses: snyk/actions/docker@master
	env:
	SNYK_CFG_ORG: ${{ secrets.SNYK_CFG_ORG }}
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	image: ${{ env.DEV_IMAGE_REF }}
	args: --file=${{ env.DEV_DOCKERFILE }}

	- name: Build & push development image
	uses: docker/build-push-action@v2
	with:
	context: ${{ matrix.php }}
	file: ${{ env.DEV_DOCKERFILE }}
	push: true
	platforms: ${{ env.BUILD_PLATFORMS }}
	tags: ${{ env.DEV_IMAGE_REF }}
	build-args: \|
	PROJECT_TYPE=${{ matrix.type }}
	PHP_VERSION=${{ matrix.php }}

	build-nginx-images:
	name: Build NGINX images
	needs: build-php-images
	runs-on: ubuntu-latest
	strategy:
	matrix:
	php: ["8.2", "8.1", "8.0"]
	steps:
	- name: Set env
	run: \|
	echo "PROD_IMAGE_REF=craftcms/nginx:${{ matrix.php }}" >> $GITHUB_ENV
	echo "DEV_IMAGE_REF=craftcms/nginx:${{ matrix.php }}-dev" >> $GITHUB_ENV
	echo "BASE_PROD_IMAGE_TAG=${{ matrix.php }}" >> $GITHUB_ENV
	echo "BASE_DEV_IMAGE_TAG=${{ matrix.php }}-dev" >> $GITHUB_ENV

	- name: Check out the repository
	uses: actions/checkout@v2

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v1

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v1
	with:
	install: true

	- name: Build production image for Snyk test
	uses: docker/build-push-action@v2
	with:
	context: nginx
	push: false
	load: true
	tags: ${{ env.PROD_IMAGE_REF }}
	build-args: \|
	PHP_VERSION=${{ env.BASE_PROD_IMAGE_TAG }}

	- name: Snyk test production image
	uses: snyk/actions/docker@master
	env:
	SNYK_CFG_ORG: ${{ secrets.SNYK_CFG_ORG }}
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	image: ${{ env.PROD_IMAGE_REF }}
	args: --file=nginx/Dockerfile

	- name: Login to Docker Hub
	uses: docker/login-action@v1
	with:
	username: ${{ secrets.DOCKERHUB_USERNAME }}
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Build & push production image
	uses: docker/build-push-action@v2
	with:
	context: nginx
	push: true
	platforms: ${{ env.BUILD_PLATFORMS }}
	tags: ${{ env.PROD_IMAGE_REF }}
	build-args: \|
	PHP_VERSION=${{ env.BASE_PROD_IMAGE_TAG }}

	- name: Build development image for Snyk test
	uses: docker/build-push-action@v2
	with:
	context: nginx
	push: false
	load: true
	tags: ${{ env.DEV_IMAGE_REF }}
	build-args: \|
	PHP_VERSION=${{ env.BASE_DEV_IMAGE_TAG }}
	NGINX_CONF=dev.default.conf

	- name: Snyk test development image
	uses: snyk/actions/docker@master
	env:
	SNYK_CFG_ORG: ${{ secrets.SNYK_CFG_ORG }}
	SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
	with:
	image: ${{ env.DEV_IMAGE_REF }}
	args: --file=nginx/Dockerfile

	- name: Build & push development image
	uses: docker/build-push-action@v2
	with:
	context: nginx
	push: true
	platforms: ${{ env.BUILD_PLATFORMS }}
	tags: ${{ env.DEV_IMAGE_REF }}
	build-args: \|
	PHP_VERSION=${{ env.BASE_DEV_IMAGE_TAG }}
	NGINX_CONF=dev.default.conf
	bump_tag:
	name: Bump Version Tag
	if: ${{ github.event_name != 'push' }}
	needs:
	- build-php-images
	- build-nginx-images
	runs-on: ubuntu-latest
	steps:
	- name: Bump version and push tag
	uses: mathieudutour/github-tag-action@v6.0
	with:
	github_token: ${{ secrets.TAG_ACTION_TOKEN }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Build and push Docker images #712

Workflow file

Build and push Docker images #712

Jobs

Run details

Workflow file for this run