Skip to content

Release/8.2 version upgrades- added php 8.2.19, 8.2.20 #460

Release/8.2 version upgrades- added php 8.2.19, 8.2.20

Release/8.2 version upgrades- added php 8.2.19, 8.2.20 #460

Workflow file for this run

name: CI
on:
push:
branches:
- 'release/**'
pull_request:
env:
ALIAS_VERSION: '8.2'
VERSION_FOR_ALIAS: '8.2.19'
jobs:
ci:
name: Build PHP ${{ matrix.php-version }}
runs-on: ubuntu-latest
continue-on-error: true
strategy:
matrix:
php-version:
- '8.2.19'
- '8.2.18'
- '8.2.17'
- '8.2.16'
- '8.2.15'
- '8.2.14'
- '8.2.13'
- '8.2.12'
- '8.2.11'
- '8.2.10'
- '8.2.9'
- '8.2.8'
- '8.2.7'
- '8.2.6'
- '8.2.5'
- '8.2.4'
- '8.2.3'
- '8.2.2'
- '8.2.1'
- '8.2.0'
steps:
- name: "Checkout code"
uses: actions/checkout@v2
- name: "Build Alpine"
run: ./build_alpine_version.sh ${{ matrix.php-version }}
- name: "Check Alpine -i"
run: docker run --rm -t exozet/php-fpm:${{ matrix.php-version }}-alpine php -i
- name: "Check Alpine -v"
run: docker run --rm -t exozet/php-fpm:${{ matrix.php-version }}-alpine php -v
- name: "Build standard"
run: ./build_version.sh ${{ matrix.php-version }}
- name: "Check Standard -i"
run: docker run --rm -t exozet/php-fpm:${{ matrix.php-version }} php -i
- name: "Check Standard -v"
run: docker run --rm -t exozet/php-fpm:${{ matrix.php-version }} php -v
- name: Run Alpine Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
image-ref: 'exozet/php-fpm:${{ matrix.php-version }}-alpine'
format: 'table'
exit-code: '0' # we don't break the build if vulnerabilities are included!
ignore-unfixed: true
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'
- if: contains(github.ref, 'refs/heads/release/') && matrix.php-version == env.VERSION_FOR_ALIAS
name: Run Alpine Trivy vulnerability scanner and upload to github security tab
uses: aquasecurity/trivy-action@master
with:
image-ref: 'exozet/php-fpm:${{ matrix.php-version }}-alpine'
format: 'sarif'
output: 'trivy-results.sarif'
- if: contains(github.ref, 'refs/heads/release/') && matrix.php-version == env.VERSION_FOR_ALIAS
name: Upload Alpine Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v1
with:
sarif_file: 'trivy-results.sarif'
- if: contains(github.ref, 'refs/heads/release/')
name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- if: contains(github.ref, 'refs/heads/release/')
name: Login to Quay.io
uses: docker/login-action@v1
with:
registry: quay.io
username: ${{ secrets.QUAY_USERNAME }}
password: ${{ secrets.QUAY_PASSWORD }}
- if: contains(github.ref, 'refs/heads/release/') && matrix.php-version == env.VERSION_FOR_ALIAS
name: "Push PHP ${{ matrix.php-version }} and for version alias ${{ env.ALIAS_VERSION }}"
run: ./push_version.sh ${{ matrix.php-version }} ${{ env.ALIAS_VERSION }}
- if: contains(github.ref, 'refs/heads/release/') && matrix.php-version != env.VERSION_FOR_ALIAS
name: "Push PHP ${{ matrix.php-version }}"
run: ./push_version.sh ${{ matrix.php-version }}