diff --git a/.github/actions/build-push.yml b/.github/actions/build-push.yml new file mode 100644 index 00000000000..f4bbd2a674c --- /dev/null +++ b/.github/actions/build-push.yml @@ -0,0 +1,120 @@ +name: Build and push OCI images +description: Build and push OCI images with kaniko. Almost drop in replacement for docker/build-push-action +author: shopware +branding: + icon: "anchor" + color: "blue" + +inputs: + build-args: + description: "List of build-time variables" + required: false + context: + description: "Build's context is the set of files located in the specified PATH or URL" + required: false + file: + description: "Path to the Dockerfile" + required: false + labels: + description: "List of metadata for an image" + required: false + no-cache: + description: "Do not use cache when building the image" + required: false + default: "false" + platforms: + description: "List of target platforms for build" + required: false + provenance: + description: "Generate provenance attestation for the build (shorthand for --attest=type=provenance)" + required: false + pull: + description: "Always attempt to pull all referenced images" + required: false + default: "false" + push: + description: "Push is a shorthand for --output=type=registry" + required: false + default: "false" + secrets: + description: "List of secrets to expose to the build (e.g., key=string, GIT_AUTH_TOKEN=mytoken)" + required: false + secret-envs: + description: "List of secret env vars to expose to the build (e.g., key=envname, MY_SECRET=MY_ENV_VAR)" + required: false + secret-files: + description: "List of secret files to expose to the build (e.g., key=filename, MY_SECRET=./secret.txt)" + required: false + tags: + description: "List of tags" + required: false + target: + description: "Sets the target stage to build" + required: false + github-token: + description: "GitHub Token used to authenticate against a repository for Git context" + default: ${{ github.token }} + required: false + + # not supported (yet) + + annotations: + description: "List of annotation to set to the image" + required: false + attests: + description: "List of attestation parameters (e.g., type=sbom,generator=image)" + required: false + add-hosts: + description: "List of a customs host-to-IP mapping (e.g., docker:10.180.0.1)" + required: false + allow: + description: "List of extra privileged entitlement (e.g., network.host,security.insecure)" + required: false + build-contexts: + description: "List of additional build contexts (e.g., name=path)" + required: false + builder: + description: "Builder instance" + required: false + cache-from: + description: "List of external cache sources for buildx (e.g., user/app:cache, type=local,src=path/to/dir)" + required: false + cache-to: + description: "List of cache export destinations for buildx (e.g., user/app:cache, type=local,dest=path/to/dir)" + required: false + cgroup-parent: + description: "Optional parent cgroup for the container used in the build" + required: false + network: + description: "Set the networking mode for the RUN instructions during build" + required: false + no-cache-filters: + description: "Do not cache specified stages" + required: false + load: + description: "Load is a shorthand for --output=type=docker" + required: false + default: "false" + outputs: + description: "List of output destinations (format: type=local,dest=path)" + required: false + sbom: + description: "Generate SBOM attestation for the build (shorthand for --attest=type=sbom)" + required: false + shm-size: + description: "Size of /dev/shm (e.g., 2g)" + required: false + ssh: + description: "List of SSH agent socket or keys to expose to the build" + required: false + ulimit: + description: "Ulimit options (e.g., nofile=1024:1024)" + required: false + +outputs: + imageid: + description: "Image ID" + digest: + description: "Image digest" + metadata: + description: "Build result metadata" diff --git a/.github/split.bash b/.github/split.bash new file mode 100755 index 00000000000..ca583972df6 --- /dev/null +++ b/.github/split.bash @@ -0,0 +1,16 @@ +#!/usr/bin/env bash + +source "$(dirname ${BASH_SOURCE[0]})/../.gitlab/bin/split.sh" + +if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then + set -o errexit + set -o pipefail + + if [ -n "${DEBUG:-}" ]; then + set -x + fi + + PLATFORM_DIR="${CI_PROJECT_DIR:-$(pwd)}" + + "$@" +fi \ No newline at end of file diff --git a/.github/workflows/02-acceptance.yml b/.github/workflows/02-acceptance.yml index 4b61251881c..2662946c94f 100644 --- a/.github/workflows/02-acceptance.yml +++ b/.github/workflows/02-acceptance.yml @@ -3,6 +3,7 @@ on: push: branches: [ trunk ] pull_request: + workflow_dispatch: permissions: packages: write @@ -31,6 +32,7 @@ jobs: with: php-version: 8.2 coverage: none + extensions: gd, xml, dom, curl, pdo, mysqli, mbstring, pdo_mysql, bcmath - uses: actions/setup-node@v4 with: node-version: 20 diff --git a/.github/workflows/05-prepare-release.yml b/.github/workflows/05-prepare-release.yml new file mode 100644 index 00000000000..174075ca69f --- /dev/null +++ b/.github/workflows/05-prepare-release.yml @@ -0,0 +1,80 @@ +name: Prepare release + +on: + workflow_dispatch: + pull_request: + +jobs: + build: + runs-on: ubuntu-latest + # if: github.repository == 'shopware/shopware' + # container: + # image: ghcr.io/catthehacker/ubuntu:act-22.04 + env: + SHOPWARE_ADMIN_SKIP_SOURCEMAP_GENERATION: "1" + DATABASE_URL: mysql://root:root@127.0.0.1:3306/root + services: + database: + image: mysql:8.0 + env: + MYSQL_ROOT_PASSWORD: root + MYSQL_DATABASE: root + options: '--mount="type=tmpfs,destination=/var/lib/mysql" --health-cmd="mysqladmin ping -h 127.0.0.1" --health-interval=5s --health-timeout=2s --health-retries=3' + ports: + - "3306:3306" + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: '0' + fetch-tags: 'true' + - name: Setup PHP + uses: shivammathur/setup-php@v2 + with: + php-version: 8.2 + coverage: none + extensions: gd, xml, dom, curl, pdo, mysqli, mbstring, pdo_mysql, bcmath + - uses: actions/setup-node@v4 + with: + node-version: 20 + - name: build shopware + run: | + composer setup + - uses: actions/upload-artifact@v4 + with: + name: context + path: | + . + !public + !**/node_modules + !vendor + !vendor-bin + + split: + needs: build + runs-on: ubuntu-latest + strategy: + matrix: + package: [ Administration, Storefront, Core, Elasticsearch ] + steps: + - uses: actions/download-artifact@v4 + with: + name: context + - name: debug platform + run: | + git log -n 10 + - name: split + run: | + bash .github/split.bash split_repo "${{ matrix.package }}" + - name: debug 1 + run: | + P=${{ matrix.package }} + git -C repos/${P@L} log -n 10 + - name: Incldue assets + run: | + bash .gitlab/bin/split.sh include_assets "${{ matrix.package }}" + +# split into packages +# build js apps +# push split packages + diff --git a/.gitlab/bin/split.sh b/.gitlab/bin/split.sh index 13e51be01b5..2ecc835cb1f 100755 --- a/.gitlab/bin/split.sh +++ b/.gitlab/bin/split.sh @@ -1,11 +1,4 @@ #!/usr/bin/env sh -set -eu - -if [ -n "${DEBUG:-}" ]; then - set -x -fi - -PLATFORM_DIR="${CI_PROJECT_DIR:-$(pwd)}" # Transforms input into lowercase-only. # @@ -183,4 +176,33 @@ push() { fi } -"$@" +include_assets() { + local package="$1" + + if [[ ${package@L} == "administration" || ${package@L} == "storefront" ]]; then + copy_assets $package + fi + + check_assets + + if [[ ${package@L} == "administration" ]]; then + include_admin_assets + fi + + if [[ ${package@L} == "storefront" ]]; then + include_storefront_assets + fi +} + +if [[ "${BASH_SOURCE[0]}" == "${0}" ]]; then + set -o errexit + set -o pipefail + + if [ -n "${DEBUG:-}" ]; then + set -x + fi + + PLATFORM_DIR="${CI_PROJECT_DIR:-$(pwd)}" + + "$@" +fi