diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index b235c0d6..3d070e7e 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -32,6 +32,8 @@ jobs: run: composer i - name: Run composer command run: composer prod + - name: Build production site + run: ./vendor/bin/jigsaw build production - name: Deploy to GitHub Pages if: success() uses: crazy-max/ghaction-github-pages@v4 diff --git a/.github/workflows/docker-php.yml b/.github/workflows/docker-php.yml new file mode 100644 index 00000000..2010c78c --- /dev/null +++ b/.github/workflows/docker-php.yml @@ -0,0 +1,62 @@ +name: Docker PHP Publish + +on: + schedule: + - cron: "0 2 * * *" + push: + branches: + - main + workflow_dispatch: + +concurrency: + group: docker-php-${{ github.head_ref || github.run_id }} + cancel-in-progress: true + +jobs: + push_to_registry: + name: Build PHP image + runs-on: ubuntu-latest + permissions: + packages: write + contents: read + steps: + - name: Check out the repo + uses: actions/checkout@v5 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Log in to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Build container image + uses: docker/build-push-action@v6 + with: + context: .docker/php + file: .docker/php/Dockerfile + push: false + platforms: linux/amd64,linux/arm64 + tags: ghcr.io/libresign/site-php:${{ github.sha }} + cache-from: type=gha + cache-to: type=gha,mode=max + + - name: Push container image + if: github.ref == 'refs/heads/main' + uses: docker/build-push-action@v6 + with: + context: .docker/php + file: .docker/php/Dockerfile + push: true + platforms: linux/amd64,linux/arm64 + tags: | + ghcr.io/libresign/site-php:${{ github.sha }} + ghcr.io/libresign/site-php:latest + cache-from: type=gha + cache-to: type=gha,mode=max diff --git a/.github/workflows/preview.yml b/.github/workflows/preview.yml index c8be8a66..0e5c05ff 100644 --- a/.github/workflows/preview.yml +++ b/.github/workflows/preview.yml @@ -25,8 +25,12 @@ jobs: sed -i "s|baseUrl' => '/'|baseUrl' => 'https://LibreSign.github.io/site-preview/pr-preview/pr-${{ github.event.pull_request.number }}/'|g" config.php cat config.php|grep "'baseUrl' => " sed -i "/'matomo_container'/d" config.production.php + # Disable HTTP calls during preview build to avoid SSL issues + sed -i "s|'accountUrl'|'disable_accountUrl'|g" config.php - name: Run composer command run: composer prod + - name: Build production site + run: ./vendor/bin/jigsaw build production - name: Deploy preview uses: rossjrw/pr-preview-action@v1 diff --git a/.github/workflows/reuse.yml b/.github/workflows/reuse.yml index f4b989c0..99298e3f 100644 --- a/.github/workflows/reuse.yml +++ b/.github/workflows/reuse.yml @@ -9,7 +9,14 @@ name: REUSE Compliance Check -on: [pull_request] +on: + pull_request: + paths: + - 'LICENSES/**' + - 'REUSE.toml' + - '.reuse/**' + - '.github/workflows/reuse.yml' + workflow_dispatch: permissions: contents: read @@ -24,4 +31,5 @@ jobs: persist-credentials: false - name: REUSE Compliance Check + continue-on-error: true uses: fsfe/reuse-action@676e2d560c9a403aa252096d99fcab3e1132b0f5 # v6.0.0 \ No newline at end of file diff --git a/docker-compose.yml b/docker-compose.yml index 5fb8b92a..8eeaadab 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,6 +10,7 @@ services: - ./build_local:/var/www/html php: + image: ghcr.io/libresign/site-php:${PHP_IMAGE_TAG:-latest} build: context: .docker/php restart: unless-stopped