mirror of
https://github.com/php/frankenphp.git
synced 2026-03-24 09:02:11 +01:00
25ed020036
Closes #83 #880 #1286. Working patch for Windows support. Supports linking to the [official PHP release (TS version)](https://www.php.net/downloads.php). Includes some work from #1286 (thanks @TenHian!!) This patch allows using Visual Studio to compile the cgo code. To do so, it must be compiled with Go 1.26 (RC) with the following setup: ```powershell winget install -e --id Microsoft.VisualStudio.2022.Community --override "--passive --wait --add Microsoft.VisualStudio.Workload.NativeDesktop --add Microsoft.VisualStudio.Component.VC.Llvm.Clang --includeRecommended" winget install -e --id GoLang.Go $env:PATH += ';C:\Program Files\Microsoft Visual Studio\2022\Community\VC\Tools\Llvm\bin' cd c:\ gh repo clone microsoft/vcpkg .\vcpkg\bootstrap-vcpkg.bat .\vcpkg\vcpkg install pthreads brotli # build watcher Invoke-WebRequest -Uri "https://github.com/e-dant/watcher/releases/download/0.14.3/x86_64-pc-windows-msvc.tar" -OutFile "$env:TEMP\watcher.tar" tar -xf "$env:TEMP\watcher.tar" -C C:\ Rename-Item -Path "C:\x86_64-pc-windows-msvc" -NewName "watcher-x86_64-pc-windows-msvc" Remove-Item "$env:TEMP\watcher.tar" # download php Invoke-WebRequest -Uri "https://downloads.php.net/~windows/releases/archives/php-8.5.1-Win32-vs17-x64.zip" -OutFile "$env:TEMP\php.zip" Expand-Archive -Path "$env:TEMP\php.zip" -DestinationPath "C:\" Remove-Item "$env:TEMP\php.zip" # download php development package Invoke-WebRequest -Uri "https://downloads.php.net/~windows/releases/archives/php-devel-pack-8.5.1-Win32-vs17-x64.zip" -OutFile "$env:TEMP\php-devel.zip" Expand-Archive -Path "$env:TEMP\php-devel.zip" -DestinationPath "C:\" Remove-Item "$env:TEMP\php-devel.zip" $env:GOTOOLCHAIN = 'go1.26rc1' $env:CC = 'clang' $env:CXX = 'clang++' $env:CGO_CFLAGS = "-I$env:C:\vcpkg\installed\x64-windows\include -IC:\watcher-x86_64-pc-windows-msvc -IC:\php-8.5.1-devel-vs17-x64\include -IC:\php-8.5.1-devel-vs17-x64\include\main -IC:\php-8.5.1-devel-vs17-x64\include\TSRM -IC:\php-8.5.1-devel-vs17-x64\include\Zend -IC:\php-8.5.1-devel-vs17-x64\include\ext" $env:CGO_LDFLAGS = '-LC:\vcpkg\installed\x64-windows\lib -lbrotlienc -LC:\watcher-x86_64-pc-windows-msvc -llibwatcher-c -LC:\php-8.5.1-Win32-vs17-x64 -LC:\php-8.5.1-devel-vs17-x64\lib -lphp8ts -lphp8embed' # clone frankenphp and build git clone -b windows https://github.com/php/frankenphp.git cd frankenphp\caddy\frankenphp go build -ldflags '-extldflags="-fuse-ld=lld"' -tags nowatcher,nobadger,nomysql,nopgx # Tests $env:PATH += ";$env:VCPKG_ROOT\installed\x64-windows\bin;C:\watcher-x86_64-pc-windows-msvc";C:\php-8.5.1-Win32-vs17-x64" "opcache.enable=0`r`nopcache.enable_cli=0" | Out-File -Encoding ascii php.ini $env:PHPRC = Get-Location go test -ldflags '-extldflags="-fuse-ld=lld"' -tags nowatcher,nobadger,nomysql,nopgx . ``` TODO: - [x] Fix remaining skipped tests (scaling and watcher) - [x] Test if the watcher mode works as expected - [x] Automate the build with GitHub Actions --------- Signed-off-by: Marc <m@pyc.ac> Co-authored-by: Kévin Dunglas <kevin@dunglas.dev> Co-authored-by: DubbleClick <m@pyc.ac>
510 lines
23 KiB
YAML
510 lines
23 KiB
YAML
---
|
|
name: Build binary releases
|
|
concurrency:
|
|
cancel-in-progress: true
|
|
group: ${{ github.workflow }}-${{ github.ref }}
|
|
|
|
on:
|
|
pull_request:
|
|
branches:
|
|
- main
|
|
paths:
|
|
- "docker-bake.hcl"
|
|
- ".github/workflows/static.yaml"
|
|
- "**cgo.go"
|
|
- "**Dockerfile"
|
|
- "**.c"
|
|
- "**.h"
|
|
- "**.sh"
|
|
- "**.stub.php"
|
|
push:
|
|
branches:
|
|
- main
|
|
tags:
|
|
- v*.*.*
|
|
workflow_dispatch:
|
|
inputs:
|
|
#checkov:skip=CKV_GHA_7
|
|
version:
|
|
description: "FrankenPHP version"
|
|
required: false
|
|
type: string
|
|
schedule:
|
|
- cron: "0 0 * * *"
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
env:
|
|
IMAGE_NAME: ${{ (github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && inputs.version) || startsWith(github.ref, 'refs/tags/')) && 'dunglas/frankenphp' || 'dunglas/frankenphp-dev' }}
|
|
SPC_OPT_BUILD_ARGS: --debug
|
|
GOTOOLCHAIN: local
|
|
|
|
jobs:
|
|
prepare:
|
|
runs-on: ubuntu-24.04
|
|
outputs:
|
|
push: ${{ toJson((steps.check.outputs.ref || (github.event_name == 'workflow_dispatch' && inputs.version) || startsWith(github.ref, 'refs/tags/') || (github.ref == 'refs/heads/main' && github.event_name != 'pull_request')) && true || false) }}
|
|
platforms: ${{ steps.matrix.outputs.platforms }}
|
|
metadata: ${{ steps.matrix.outputs.metadata }}
|
|
gnu_metadata: ${{ steps.matrix.outputs.gnu_metadata }}
|
|
ref: ${{ steps.check.outputs.ref }}
|
|
steps:
|
|
- name: Get version
|
|
id: check
|
|
if: github.event_name == 'schedule'
|
|
run: |
|
|
ref="${REF}"
|
|
if [[ -z "${ref}" ]]; then
|
|
ref="$(gh release view --repo dunglas/frankenphp --json tagName --jq '.tagName')"
|
|
fi
|
|
|
|
echo "ref=${ref}" >> "${GITHUB_OUTPUT}"
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
REF: ${{ (github.ref_type == 'tag' && github.ref_name) || (github.event_name == 'workflow_dispatch' && inputs.version) || '' }}
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
ref: ${{ steps.check.outputs.ref }}
|
|
persist-credentials: false
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: Create platforms matrix
|
|
id: matrix
|
|
run: |
|
|
METADATA="$(docker buildx bake --print static-builder-musl | jq -c)"
|
|
GNU_METADATA="$(docker buildx bake --print static-builder-gnu | jq -c)"
|
|
{
|
|
echo metadata="${METADATA}"
|
|
echo platforms="$(jq -c 'first(.target[]) | .platforms' <<< "${METADATA}")"
|
|
echo gnu_metadata="${GNU_METADATA}"
|
|
} >> "${GITHUB_OUTPUT}"
|
|
env:
|
|
SHA: ${{ github.sha }}
|
|
VERSION: ${{ steps.check.outputs.ref || 'dev' }}
|
|
|
|
build-linux-musl:
|
|
permissions:
|
|
contents: write
|
|
id-token: write
|
|
attestations: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform: ${{ fromJson(needs.prepare.outputs.platforms) }}
|
|
debug: [false]
|
|
mimalloc: [false]
|
|
include:
|
|
- platform: linux/amd64
|
|
- platform: linux/amd64
|
|
debug: true
|
|
- platform: linux/amd64
|
|
mimalloc: true
|
|
name: Build ${{ matrix.platform }} static musl binary${{ matrix.debug && ' (debug)' || '' }}${{ matrix.mimalloc && ' (mimalloc)' || '' }}
|
|
runs-on: ${{ startsWith(matrix.platform, 'linux/arm') && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
|
|
needs: [prepare]
|
|
steps:
|
|
- name: Prepare
|
|
id: prepare
|
|
run: echo "sanitized_platform=${PLATFORM//\//-}" >> "${GITHUB_OUTPUT}"
|
|
env:
|
|
PLATFORM: ${{ matrix.platform }}
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
ref: ${{ needs.prepare.outputs.ref }}
|
|
persist-credentials: false
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
with:
|
|
platforms: ${{ matrix.platform }}
|
|
- name: Login to DockerHub
|
|
uses: docker/login-action@v3
|
|
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
|
|
with:
|
|
username: ${{ secrets.REGISTRY_USERNAME }}
|
|
password: ${{ secrets.REGISTRY_PASSWORD }}
|
|
- name: Set VERSION
|
|
run: |
|
|
if [ "${GITHUB_REF_TYPE}" == "tag" ]; then
|
|
export VERSION=${GITHUB_REF_NAME:1}
|
|
elif [ "${GITHUB_EVENT_NAME}" == "schedule" ]; then
|
|
export VERSION="${REF}"
|
|
else
|
|
export VERSION=${GITHUB_SHA}
|
|
fi
|
|
|
|
echo "VERSION=${VERSION}" >> "${GITHUB_ENV}"
|
|
env:
|
|
REF: ${{ needs.prepare.outputs.ref }}
|
|
- name: Build
|
|
id: build
|
|
uses: docker/bake-action@v6
|
|
with:
|
|
pull: true
|
|
load: ${{ !fromJson(needs.prepare.outputs.push) || matrix.debug || matrix.mimalloc }}
|
|
source: .
|
|
targets: static-builder-musl
|
|
set: |
|
|
${{ matrix.debug && 'static-builder-musl.args.DEBUG_SYMBOLS=1' || '' }}
|
|
${{ matrix.mimalloc && 'static-builder-musl.args.MIMALLOC=1' || '' }}
|
|
${{ (github.event_name == 'pull_request' || matrix.platform == 'linux/arm64') && 'static-builder-musl.args.NO_COMPRESS=1' || '' }}
|
|
*.tags=
|
|
*.platform=${{ matrix.platform }}
|
|
${{ fromJson(needs.prepare.outputs.push) && '' || format('*.cache-from=type=gha,scope={0}-static-builder-musl{1}{2}', needs.prepare.outputs.ref || github.ref, matrix.debug && '-debug' || '', matrix.mimalloc && '-mimalloc' || '') }}
|
|
${{ fromJson(needs.prepare.outputs.push) && '' || format('*.cache-from=type=gha,scope=refs/heads/main-static-builder-musl{0}{1}', matrix.debug && '-debug' || '', matrix.mimalloc && '-mimalloc' || '') }}
|
|
${{ fromJson(needs.prepare.outputs.push) && '' || format('*.cache-to=type=gha,scope={0}-static-builder-musl{1}{2},ignore-error=true', needs.prepare.outputs.ref || github.ref, matrix.debug && '-debug' || '', matrix.mimalloc && '-mimalloc' || '') }}
|
|
${{ (fromJson(needs.prepare.outputs.push) && !matrix.debug && !matrix.mimalloc) && format('*.output=type=image,name={0},push-by-digest=true,name-canonical=true,push=true', env.IMAGE_NAME) || '' }}
|
|
env:
|
|
SHA: ${{ github.sha }}
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
- # Workaround for https://github.com/actions/runner/pull/2477#issuecomment-1501003600
|
|
name: Export metadata
|
|
if: fromJson(needs.prepare.outputs.push) && !matrix.debug && !matrix.mimalloc
|
|
run: |
|
|
mkdir -p /tmp/metadata
|
|
|
|
# shellcheck disable=SC2086
|
|
digest=$(jq -r '."static-builder-musl"."containerimage.digest"' <<< ${METADATA})
|
|
touch "/tmp/metadata/${digest#sha256:}"
|
|
env:
|
|
METADATA: ${{ steps.build.outputs.metadata }}
|
|
- name: Upload metadata
|
|
if: fromJson(needs.prepare.outputs.push) && !matrix.debug && !matrix.mimalloc
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: metadata-static-builder-musl-${{ steps.prepare.outputs.sanitized_platform }}
|
|
path: /tmp/metadata/*
|
|
if-no-files-found: error
|
|
retention-days: 1
|
|
- name: Copy binary
|
|
run: |
|
|
# shellcheck disable=SC2034
|
|
# TODO: remove "containerimage.config.digest" fallback once all runners use buildx v0.18+
|
|
# which replaced it with "containerimage.digest" and "containerimage.descriptor"
|
|
digest=$(jq -r '."static-builder-musl" | ${{ (fromJson(needs.prepare.outputs.push) && !matrix.debug && !matrix.mimalloc) && '."containerimage.digest"' || '(."containerimage.config.digest" // ."containerimage.digest")' }}' <<< "${METADATA}")
|
|
docker create --platform="${PLATFORM}" --name static-builder-musl "${{ (fromJson(needs.prepare.outputs.push) && !matrix.debug && !matrix.mimalloc) && '${IMAGE_NAME}@${digest}' || '${digest}' }}"
|
|
docker cp "static-builder-musl:/go/src/app/dist/${BINARY}" "${BINARY}${{ matrix.debug && '-debug' || '' }}${{ matrix.mimalloc && '-mimalloc' || '' }}"
|
|
env:
|
|
METADATA: ${{ steps.build.outputs.metadata }}
|
|
BINARY: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}
|
|
PLATFORM: ${{ matrix.platform }}
|
|
- name: Upload artifact
|
|
if: ${{ !fromJson(needs.prepare.outputs.push) }}
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}${{ matrix.debug && '-debug' || '' }}${{ matrix.mimalloc && '-mimalloc' || '' }}
|
|
path: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}${{ matrix.debug && '-debug' || '' }}${{ matrix.mimalloc && '-mimalloc' || '' }}
|
|
compression-level: 0
|
|
- name: Upload assets
|
|
if: fromJson(needs.prepare.outputs.push) && (needs.prepare.outputs.ref || github.ref_type == 'tag')
|
|
run: gh release upload "${REF}" frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}${{ matrix.debug && '-debug' || '' }}${{ matrix.mimalloc && '-mimalloc' || '' }} --repo dunglas/frankenphp --clobber
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
REF: ${{ (github.ref_type == 'tag' && github.ref_name) || needs.prepare.outputs.ref }}
|
|
- if: fromJson(needs.prepare.outputs.push) && (needs.prepare.outputs.ref || github.ref_type == 'tag')
|
|
uses: actions/attest-build-provenance@v3
|
|
with:
|
|
subject-path: ${{ github.workspace }}/frankenphp-linux-*
|
|
- name: Run sanity checks
|
|
run: |
|
|
"${BINARY}" version
|
|
"${BINARY}" build-info
|
|
"${BINARY}" list-modules | grep frankenphp
|
|
"${BINARY}" list-modules | grep http.encoders.br
|
|
"${BINARY}" list-modules | grep http.handlers.mercure
|
|
"${BINARY}" list-modules | grep http.handlers.mercure
|
|
"${BINARY}" list-modules | grep http.handlers.vulcain
|
|
"${BINARY}" php-cli -r "echo 'Sanity check passed';"
|
|
env:
|
|
BINARY: ./frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}${{ matrix.debug && '-debug' || '' }}${{ matrix.mimalloc && '-mimalloc' || '' }}
|
|
|
|
build-linux-gnu:
|
|
permissions:
|
|
contents: write
|
|
id-token: write
|
|
attestations: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform: ${{ fromJson(needs.prepare.outputs.platforms) }}
|
|
name: Build ${{ matrix.platform }} static GNU binary
|
|
runs-on: ${{ startsWith(matrix.platform, 'linux/arm') && 'ubuntu-24.04-arm' || 'ubuntu-24.04' }}
|
|
needs: [prepare]
|
|
steps:
|
|
# Inspired by https://gist.github.com/antiphishfish/1e3fbc3f64ef6f1ab2f47457d2da5d9d and https://github.com/apache/flink/blob/master/tools/azure-pipelines/free_disk_space.sh
|
|
- name: Free disk space
|
|
run: |
|
|
set -xe
|
|
sudo rm -rf /usr/share/dotnet
|
|
sudo rm -rf /usr/share/swift
|
|
sudo rm -rf /usr/local/lib/android
|
|
sudo rm -rf /opt/ghc
|
|
sudo rm -rf /usr/local/.ghcup
|
|
sudo rm -rf "/usr/local/share/boost"
|
|
sudo rm -rf "$AGENT_TOOLSDIRECTORY"
|
|
sudo rm -rf /opt/hostedtoolcache/
|
|
sudo rm -rf /usr/local/graalvm/
|
|
sudo rm -rf /usr/local/share/powershell
|
|
sudo rm -rf /usr/local/share/chromium
|
|
sudo rm -rf /usr/local/lib/node_modules
|
|
sudo docker image prune --all --force
|
|
|
|
APT_PARAMS='sudo apt -y -qq -o=Dpkg::Use-Pty=0'
|
|
$APT_PARAMS remove -y '^dotnet-.*'
|
|
$APT_PARAMS remove -y '^llvm-.*'
|
|
$APT_PARAMS remove -y '^php.*'
|
|
$APT_PARAMS remove -y '^mongodb-.*'
|
|
$APT_PARAMS remove -y '^mysql-.*'
|
|
$APT_PARAMS remove -y azure-cli firefox powershell mono-devel libgl1-mesa-dri
|
|
$APT_PARAMS autoremove --purge -y
|
|
$APT_PARAMS autoclean
|
|
$APT_PARAMS clean
|
|
- name: Prepare
|
|
id: prepare
|
|
run: echo "sanitized_platform=${PLATFORM//\//-}" >> "${GITHUB_OUTPUT}"
|
|
env:
|
|
PLATFORM: ${{ matrix.platform }}
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
ref: ${{ needs.prepare.outputs.ref }}
|
|
persist-credentials: false
|
|
- name: Set VERSION
|
|
run: |
|
|
if [ "${GITHUB_REF_TYPE}" == "tag" ]; then
|
|
export VERSION=${GITHUB_REF_NAME:1}
|
|
elif [ "${GITHUB_EVENT_NAME}" == "schedule" ]; then
|
|
export VERSION="${REF}"
|
|
else
|
|
export VERSION=${GITHUB_SHA}
|
|
fi
|
|
|
|
echo "VERSION=${VERSION}" >> "${GITHUB_ENV}"
|
|
env:
|
|
REF: ${{ needs.prepare.outputs.ref }}
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
with:
|
|
platforms: ${{ matrix.platform }}
|
|
- name: Login to DockerHub
|
|
uses: docker/login-action@v3
|
|
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
|
|
with:
|
|
username: ${{ secrets.REGISTRY_USERNAME }}
|
|
password: ${{ secrets.REGISTRY_PASSWORD }}
|
|
- name: Build
|
|
id: build
|
|
uses: docker/bake-action@v6
|
|
with:
|
|
pull: true
|
|
load: ${{ !fromJson(needs.prepare.outputs.push) }}
|
|
source: .
|
|
targets: static-builder-gnu
|
|
set: |
|
|
${{ (github.event_name == 'pull_request' || matrix.platform == 'linux/arm64') && 'static-builder-gnu.args.NO_COMPRESS=1' || '' }}
|
|
*.tags=
|
|
*.platform=${{ matrix.platform }}
|
|
${{ fromJson(needs.prepare.outputs.push) && '' || format('*.cache-from=type=gha,scope={0}-static-builder-gnu', needs.prepare.outputs.ref || github.ref) }}
|
|
${{ fromJson(needs.prepare.outputs.push) && '' || '*.cache-from=type=gha,scope=refs/heads/main-static-builder-gnu' }}
|
|
${{ fromJson(needs.prepare.outputs.push) && '' || format('*.cache-to=type=gha,scope={0}-static-builder-gnu,ignore-error=true', needs.prepare.outputs.ref || github.ref) }}
|
|
${{ fromJson(needs.prepare.outputs.push) && format('*.output=type=image,name={0},push-by-digest=true,name-canonical=true,push=true', env.IMAGE_NAME) || '' }}
|
|
env:
|
|
SHA: ${{ github.sha }}
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
- # Workaround for https://github.com/actions/runner/pull/2477#issuecomment-1501003600
|
|
name: Export metadata
|
|
if: fromJson(needs.prepare.outputs.push)
|
|
run: |
|
|
mkdir -p /tmp/metadata-gnu
|
|
|
|
# shellcheck disable=SC2086
|
|
digest=$(jq -r '."static-builder-gnu"."containerimage.digest"' <<< ${METADATA})
|
|
touch "/tmp/metadata-gnu/${digest#sha256:}"
|
|
env:
|
|
METADATA: ${{ steps.build.outputs.metadata }}
|
|
- name: Upload metadata
|
|
if: fromJson(needs.prepare.outputs.push)
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: metadata-static-builder-gnu-${{ steps.prepare.outputs.sanitized_platform }}
|
|
path: /tmp/metadata-gnu/*
|
|
if-no-files-found: error
|
|
retention-days: 1
|
|
- name: Copy all frankenphp* files
|
|
run: |
|
|
# shellcheck disable=SC2034
|
|
# TODO: remove "containerimage.config.digest" fallback once all runners use buildx v0.18+
|
|
# which replaced it with "containerimage.digest" and "containerimage.descriptor"
|
|
digest=$(jq -r '."static-builder-gnu" | ${{ fromJson(needs.prepare.outputs.push) && '."containerimage.digest"' || '(."containerimage.config.digest" // ."containerimage.digest")' }}' <<< "${METADATA}")
|
|
container_id=$(docker create --platform="${PLATFORM}" "${{ fromJson(needs.prepare.outputs.push) && '${IMAGE_NAME}@${digest}' || '${digest}' }}")
|
|
mkdir -p gh-output
|
|
cd gh-output
|
|
for file in $(docker run --rm "${{ fromJson(needs.prepare.outputs.push) && '${IMAGE_NAME}@${digest}' || '${digest}' }}" sh -c "ls /go/src/app/dist | grep '^frankenphp'"); do
|
|
docker cp "${container_id}:/go/src/app/dist/${file}" "./${file}"
|
|
done
|
|
docker rm "${container_id}"
|
|
mv "${BINARY}" "${BINARY}-gnu"
|
|
env:
|
|
METADATA: ${{ steps.build.outputs.metadata }}
|
|
BINARY: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}
|
|
PLATFORM: ${{ matrix.platform }}
|
|
- name: Upload artifact
|
|
if: ${{ !fromJson(needs.prepare.outputs.push) }}
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu-files
|
|
path: gh-output/*
|
|
- name: Upload assets
|
|
if: fromJson(needs.prepare.outputs.push) && (needs.prepare.outputs.ref || github.ref_type == 'tag')
|
|
run: gh release upload "${REF}" gh-output/* --repo dunglas/frankenphp --clobber
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
REF: ${{ (github.ref_type == 'tag' && github.ref_name) || needs.prepare.outputs.ref }}
|
|
- if: fromJson(needs.prepare.outputs.push) && (needs.prepare.outputs.ref || github.ref_type == 'tag')
|
|
uses: actions/attest-build-provenance@v3
|
|
with:
|
|
subject-path: ${{ github.workspace }}/gh-output/frankenphp-linux-*-gnu
|
|
- name: Run sanity checks
|
|
run: |
|
|
"${BINARY}" version
|
|
"${BINARY}" list-modules | grep frankenphp
|
|
"${BINARY}" list-modules | grep http.encoders.br
|
|
"${BINARY}" list-modules | grep http.handlers.mercure
|
|
"${BINARY}" list-modules | grep http.handlers.mercure
|
|
"${BINARY}" list-modules | grep http.handlers.vulcain
|
|
"${BINARY}" php-cli -r "echo 'Sanity check passed';"
|
|
env:
|
|
BINARY: ./gh-output/frankenphp-linux-${{ matrix.platform == 'linux/amd64' && 'x86_64' || 'aarch64' }}-gnu
|
|
|
|
# Adapted from https://docs.docker.com/build/ci/github-actions/multi-platform/
|
|
push:
|
|
runs-on: ubuntu-24.04
|
|
needs:
|
|
- prepare
|
|
- build-linux-musl
|
|
- build-linux-gnu
|
|
if: fromJson(needs.prepare.outputs.push)
|
|
steps:
|
|
- name: Download metadata
|
|
uses: actions/download-artifact@v7
|
|
with:
|
|
pattern: metadata-static-builder-musl-*
|
|
path: /tmp/metadata
|
|
merge-multiple: true
|
|
- name: Download GNU metadata
|
|
uses: actions/download-artifact@v7
|
|
with:
|
|
pattern: metadata-static-builder-gnu-*
|
|
path: /tmp/metadata-gnu
|
|
merge-multiple: true
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v3
|
|
- name: Login to DockerHub
|
|
uses: docker/login-action@v3
|
|
if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.repository
|
|
with:
|
|
username: ${{ secrets.REGISTRY_USERNAME }}
|
|
password: ${{ secrets.REGISTRY_PASSWORD }}
|
|
- name: Create manifest list and push
|
|
working-directory: /tmp/metadata
|
|
run: |
|
|
# shellcheck disable=SC2046,SC2086
|
|
docker buildx imagetools create $(jq -cr '.target."static-builder-musl".tags | map("-t " + .) | join(" ")' <<< "${METADATA}") \
|
|
$(printf "${IMAGE_NAME}@sha256:%s " *)
|
|
env:
|
|
METADATA: ${{ needs.prepare.outputs.metadata }}
|
|
- name: Create GNU manifest list and push
|
|
working-directory: /tmp/metadata-gnu
|
|
run: |
|
|
# shellcheck disable=SC2046,SC2086
|
|
docker buildx imagetools create $(jq -cr '.target."static-builder-gnu".tags | map("-t " + .) | join(" ")' <<< "${GNU_METADATA}") \
|
|
$(printf "${IMAGE_NAME}@sha256:%s " *)
|
|
env:
|
|
GNU_METADATA: ${{ needs.prepare.outputs.gnu_metadata }}
|
|
- name: Inspect image
|
|
run: |
|
|
# shellcheck disable=SC2046,SC2086
|
|
docker buildx imagetools inspect "$(jq -cr '.target."static-builder-musl".tags | first' <<< "${METADATA}")"
|
|
env:
|
|
METADATA: ${{ needs.prepare.outputs.metadata }}
|
|
- name: Inspect GNU image
|
|
run: |
|
|
# shellcheck disable=SC2046,SC2086
|
|
docker buildx imagetools inspect "$(jq -cr '.target."static-builder-gnu".tags | first' <<< "${GNU_METADATA}")-gnu"
|
|
env:
|
|
GNU_METADATA: ${{ needs.prepare.outputs.gnu_metadata }}
|
|
|
|
build-mac:
|
|
permissions:
|
|
contents: write
|
|
id-token: write
|
|
attestations: write
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
platform: ["arm64", "x86_64"]
|
|
name: Build macOS ${{ matrix.platform }} binaries
|
|
runs-on: ${{ matrix.platform == 'arm64' && 'macos-15' || 'macos-15-intel' }}
|
|
needs: [prepare]
|
|
env:
|
|
HOMEBREW_NO_AUTO_UPDATE: 1
|
|
steps:
|
|
- uses: actions/checkout@v6
|
|
with:
|
|
ref: ${{ needs.prepare.outputs.ref }}
|
|
persist-credentials: false
|
|
- uses: actions/setup-go@v6
|
|
with: # zizmor: ignore[cache-poisoning]
|
|
go-version: "1.26"
|
|
cache-dependency-path: |
|
|
go.sum
|
|
caddy/go.sum
|
|
cache: ${{ github.event_name != 'release' }}
|
|
- name: Set FRANKENPHP_VERSION
|
|
run: |
|
|
if [ "${GITHUB_REF_TYPE}" == "tag" ]; then
|
|
export FRANKENPHP_VERSION=${GITHUB_REF_NAME:1}
|
|
elif [ "${GITHUB_EVENT_NAME}" == "schedule" ]; then
|
|
export FRANKENPHP_VERSION="${REF}"
|
|
else
|
|
export FRANKENPHP_VERSION=${GITHUB_SHA}
|
|
fi
|
|
|
|
echo "FRANKENPHP_VERSION=${FRANKENPHP_VERSION}" >> "${GITHUB_ENV}"
|
|
env:
|
|
REF: ${{ needs.prepare.outputs.ref }}
|
|
- name: Build FrankenPHP
|
|
run: ./build-static.sh
|
|
env:
|
|
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
RELEASE: ${{ (needs.prepare.outputs.ref || github.ref_type == 'tag') && '1' || '' }}
|
|
NO_COMPRESS: ${{ github.event_name == 'pull_request' && '1' || '' }}
|
|
- name: Upload logs
|
|
if: ${{ failure() }}
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
path: dist/static-php-cli/log
|
|
name: static-php-cli-log-${{ matrix.platform }}-${{ github.sha }}
|
|
- if: needs.prepare.outputs.ref || github.ref_type == 'tag'
|
|
uses: actions/attest-build-provenance@v3
|
|
with:
|
|
subject-path: ${{ github.workspace }}/dist/frankenphp-mac-*
|
|
- name: Upload artifact
|
|
if: github.ref_type == 'branch'
|
|
uses: actions/upload-artifact@v6
|
|
with:
|
|
name: frankenphp-mac-${{ matrix.platform }}
|
|
path: dist/frankenphp-mac-${{ matrix.platform }}
|
|
compression-level: 0
|
|
- name: Run sanity checks
|
|
run: |
|
|
"${BINARY}" version
|
|
"${BINARY}" build-info
|
|
"${BINARY}" list-modules | grep frankenphp
|
|
"${BINARY}" list-modules | grep http.encoders.br
|
|
"${BINARY}" list-modules | grep http.handlers.mercure
|
|
"${BINARY}" list-modules | grep http.handlers.mercure
|
|
"${BINARY}" list-modules | grep http.handlers.vulcain
|
|
"${BINARY}" php-cli -r "echo 'Sanity check passed';"
|
|
env:
|
|
BINARY: dist/frankenphp-mac-${{ matrix.platform }}
|