extensions: Update simdjson_php #657

Workflow file for this run

.github/workflows/docker-image.yml at 7dd0034

	name: Docker Image CI

	on:
	push:
	branches: [ main ]
	pull_request:
	branches: [ main ]
	workflow_dispatch:
	inputs:
	misp_ref:
	description: 'MISP branch or tag to build'
	required: true
	default: 'develop'

	env:
	REGISTRY_IMAGE: ghcr.io/nukib/misp
	BUCKET_NAME: testbucket
	MINIO_ROOT_USER: testuser
	MINIO_ROOT_PASSWORD: i5Qkesr8fbV0Vezn0zojaIyKvnObUtNMXFu38wlT

	jobs:
	build:
	runs-on: ${{ matrix.runner }}
	strategy:
	matrix:
	runner: [ ubuntu-24.04-arm, ubuntu-latest ]
	timeout-minutes: 60
	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Fetch variables
	run: for v in $(python3 .github/workflows/docker-version.py ${{ github.event.inputs.misp_ref }}); do echo $v >> $GITHUB_ENV; done
	id: variables

	- name: Cache Docker layers
	uses: actions/cache@v4
	with:
	path: /tmp/.buildx-cache
	key: ${{ runner.os }}-${{ runner.arch }}-buildx-${{ github.sha }}
	restore-keys: \|
	${{ runner.os }}-${{ runner.arch }}-buildx-

	- name: Build Docker image
	uses: docker/build-push-action@v6
	with:
	context: .
	load: true
	tags: \|
	${{ env.REGISTRY_IMAGE }}
	nukib/misp
	cache-from: type=local,src=/tmp/.buildx-cache
	cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
	build-args: \|
	CACHEBUST=${{ env.MISP_COMMIT }}
	MISP_VERSION=${{ env.MISP_VERSION }}

	- name: Image history and inspect
	run: \|
	docker inspect ${{ env.REGISTRY_IMAGE }}
	docker history ${{ env.REGISTRY_IMAGE }}

	- name: Start contains for testing
	env:
	BUCKET_NAME: ${{ env.BUCKET_NAME }}
	S3_ACCESS_KEY: ${{ env.MINIO_ROOT_USER }}
	S3_SECRET_KEY: ${{ env.MINIO_ROOT_PASSWORD }}
	run: \|
	cp .github/workflows/test/.test-env.sh ./.env_s3
	MISP_IMAGE=${{ env.REGISTRY_IMAGE }} docker compose up --detach --quiet-pull
	python3 .github/workflows/wait.py http://127.0.0.1:8080 # Wait until MISP container is ready

	- name: Show MISP container logs
	if: always()
	run: \|
	docker ps -a
	docker logs misp

	- name: Test
	env:
	MISP_USER: admin@admin.test # default user
	BUCKET_NAME: ${{ env.BUCKET_NAME }}
	S3_ACCESS_KEY: ${{ env.MINIO_ROOT_USER }}
	S3_SECRET_KEY: ${{ env.MINIO_ROOT_PASSWORD }}
	run: \|
	docker exec misp su-exec apache /var/www/MISP/app/Console/cake user init # Ensure default user init
	AUTHKEY=$(docker exec misp su-exec apache /var/www/MISP/app/Console/cake user change_authkey $MISP_USER \| sed -n -e 's/Authentication key changed to: //p')
	VERSION=$(curl --fail -v -H "Authorization: $AUTHKEY" -H "Accept: application/json" http://127.0.0.1:8080/servers/getVersion)
	echo $VERSION \| jq
	.github/workflows/test/test_minio.sh $S3_ACCESS_KEY $S3_SECRET_KEY $BUCKET_NAME $AUTHKEY
	docker restart misp # Also test restart
	python3 .github/workflows/wait.py http://127.0.0.1:8080 # Wait until MISP container is ready
	curl --fail -v -H "Authorization: $AUTHKEY" -H "Accept: application/json" http://127.0.0.1:8080/servers/getVersion
	docker compose down

	# Temp fix
	# https://github.com/docker/build-push-action/issues/252
	# https://github.com/moby/buildkit/issues/1896
	- name: Move cache
	run: \|
	rm -rf /tmp/.buildx-cache
	mv /tmp/.buildx-cache-new /tmp/.buildx-cache
	du -sh /tmp/.buildx-cache

	- name: Login to GitHub Container Registry
	if: github.event_name != 'pull_request'
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Login to DockerHub
	if: github.event_name != 'pull_request'
	uses: docker/login-action@v3
	with:
	username: nukib
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Push by digest
	if: github.event_name != 'pull_request'
	id: build
	uses: docker/build-push-action@v6
	with:
	tags: \|
	${{ env.REGISTRY_IMAGE }}
	nukib/misp
	outputs: type=image,push-by-digest=true,name-canonical=true,push=true

	- name: Export digest
	if: github.event_name != 'pull_request'
	run: \|
	mkdir -p ${{ runner.temp }}/digests
	digest="${{ steps.build.outputs.digest }}"
	touch "${{ runner.temp }}/digests/${digest#sha256:}"

	- name: Upload digest
	if: github.event_name != 'pull_request'
	uses: actions/upload-artifact@v4
	with:
	name: digests-${{ runner.arch == 'X64' && 'amd64' \|\| 'arm64' }}
	path: ${{ runner.temp }}/digests/*
	if-no-files-found: error
	retention-days: 1

	push:
	runs-on: ubuntu-latest
	needs: build
	if: github.event_name != 'pull_request'
	steps:
	- name: Download digests
	uses: actions/download-artifact@v4
	with:
	path: ${{ runner.temp }}/digests
	pattern: digests-*
	merge-multiple: true

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Login to GitHub Container Registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.GITHUB_TOKEN }}

	- name: Login to DockerHub
	uses: docker/login-action@v3
	with:
	username: nukib
	password: ${{ secrets.DOCKERHUB_TOKEN }}

	- name: Create manifest list and push
	working-directory: ${{ runner.temp }}/digests
	run: \|
	docker buildx imagetools create --tag ${{ env.REGISTRY_IMAGE }}:latest $(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
	docker buildx imagetools create --tag nukib/misp:latest $(printf 'nukib/misp@sha256:%s ' *)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

extensions: Update simdjson_php #657

Workflow file

extensions: Update simdjson_php #657

Uh oh!

Workflow file for this run