Skip to content

Commit

Permalink
ci: add Super-Linter (#323)
Browse files Browse the repository at this point in the history
  • Loading branch information
dunglas authored Dec 1, 2023
1 parent b675d09 commit c9bf994
Show file tree
Hide file tree
Showing 24 changed files with 897 additions and 770 deletions.
1 change: 0 additions & 1 deletion .github/FUNDING.yml

This file was deleted.

24 changes: 13 additions & 11 deletions .github/workflows/docker.yml → .github/workflows/docker.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
name: Build Docker images
on:
pull_request:
Expand Down Expand Up @@ -31,10 +32,12 @@ jobs:
name: Create variants matrix
id: matrix
run: |
METADATA=$(docker buildx bake --print | jq -c)
echo "metadata=$METADATA" >> "$GITHUB_OUTPUT"
echo "variants=$(jq -c '.group.default.targets|map(sub("runner-|builder-"; ""))|unique' <<< $METADATA)" >> "$GITHUB_OUTPUT"
echo "platforms=$(jq -c 'first(.target[]) | .platforms' <<< $METADATA)" >> "$GITHUB_OUTPUT"
METADATA="$(docker buildx bake --print | jq -c)"
{
echo metadata="$METADATA"
echo variants="$(jq -c '.group.default.targets|map(sub("runner-|builder-"; ""))|unique' <<< "$METADATA")"
echo platforms="$(jq -c 'first(.target[]) | .platforms' <<< "$METADATA")"
} >> "$GITHUB_OUTPUT"
env:
LATEST: '1' # TODO: unset this variable when releasing the first stable version
SHA: ${{github.sha}}
Expand Down Expand Up @@ -107,10 +110,10 @@ jobs:
run: |
mkdir -p /tmp/metadata/builder /tmp/metadata/runner
builderDigest=$(jq -r '."builder-${{matrix.variant}}"."containerimage.digest"' <<< $METADATA)
builderDigest="$(jq -r '."builder-${{matrix.variant}}"."containerimage.digest"' <<< "$METADATA")"
touch "/tmp/metadata/builder/${builderDigest#sha256:}"
runnerDigest=$(jq -r '."runner-${{matrix.variant}}"."containerimage.digest"' <<< $METADATA)
runnerDigest="$(jq -r '."runner-${{matrix.variant}}"."containerimage.digest"' <<< "$METADATA")"
touch "/tmp/metadata/runner/${runnerDigest#sha256:}"
env:
METADATA: ${{steps.build.outputs.metadata}}
Expand Down Expand Up @@ -138,7 +141,7 @@ jobs:
continue-on-error: ${{fromJson(needs.prepare.outputs.push)}}
run: |
docker run --platform=${{matrix.platform}} --rm \
$(jq -r '."builder-${{matrix.variant}}"."containerimage.config.digest"' <<< $METADATA) \
"$(jq -r '."builder-${{matrix.variant}}"."containerimage.config.digest"' <<< "$METADATA")" \
sh -c 'go test ${{matrix.race}} -v ./... && cd caddy && go test ${{matrix.race}} -v ./...'
env:
METADATA: ${{steps.build.outputs.metadata}}
Expand Down Expand Up @@ -176,13 +179,12 @@ jobs:
name: Create manifest list and push
working-directory: /tmp/metadata
run: |
docker buildx imagetools create $(jq -cr '.target."${{matrix.target}}-${{matrix.variant}}".tags | map("-t " + .) | join(" ")' <<< $METADATA) \
$(printf 'dunglas/frankenphp@sha256:%s ' *)
docker buildx imagetools create "$(jq -cr '.target."${{matrix.target}}-${{matrix.variant}}".tags | map("-t " + .) | join(" ")' <<< "$METADATA")" \
"$(printf 'dunglas/frankenphp@sha256:%s ' *)"
env:
METADATA: ${{needs.prepare.outputs.metadata}}
-
name: Inspect image
run: |
docker buildx imagetools inspect $(jq -cr '.target."${{matrix.target}}-${{matrix.variant}}".tags | first' <<< $METADATA)
run: docker buildx imagetools inspect "$(jq -cr '.target."${{matrix.target}}-${{matrix.variant}}".tags | first' <<< "$METADATA")"
env:
METADATA: ${{needs.prepare.outputs.metadata}}
43 changes: 43 additions & 0 deletions .github/workflows/lint.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,43 @@
---
name: Lint Code Base
on:
pull_request:
branches:
- main
push:
branches:
- main

jobs:
build:
name: Lint Code Base
runs-on: ubuntu-latest

permissions:
contents: read
packages: read
statuses: write

steps:
-
name: Checkout Code
uses: actions/checkout@v4
with:
fetch-depth: 0
-
name: Lint Code Base
uses: super-linter/super-linter@v5
env:
VALIDATE_ALL_CODEBASE: true
DEFAULT_BRANCH: main
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
LINTER_RULES_PATH: /
FILTER_REGEX_EXCLUDE: '.*C-Thread-Pool/.*'
MARKDOWN_CONFIG_FILE: .markdown-lint.yaml
VALIDATE_CPP: false
VALIDATE_JSCPD: false
VALIDATE_GO: false
VALIDATE_PHP_PHPCS: false
VALIDATE_PHP_PHPSTAN: false
VALIDATE_PHP_PSALM: false
VALIDATE_TERRAGRUNT: false
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
name: Build binary releases
on:
pull_request:
Expand Down Expand Up @@ -52,7 +53,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-
name: Copy binary
run: docker cp $(docker create --name static-builder dunglas/frankenphp:static-builder):/go/src/app/dist/frankenphp-linux-x86_64 frankenphp-linux-x86_64 ; docker rm static-builder
run: docker cp "$(docker create --name static-builder dunglas/frankenphp:static-builder):/go/src/app/dist/frankenphp-linux-x86_64" frankenphp-linux-x86_64 ; docker rm static-builder
-
name: Upload asset
if: github.ref_type == 'tag'
Expand Down
6 changes: 6 additions & 0 deletions .github/workflows/tests.yml → .github/workflows/tests.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,4 @@
---
name: Tests
on:
pull_request:
Expand Down Expand Up @@ -52,3 +53,8 @@ jobs:
name: Run Caddy module tests
working-directory: caddy/
run: go test -race -v ./...
-
name: Lint Go code
uses: golangci/golangci-lint-action@v3
with:
version: latest
6 changes: 6 additions & 0 deletions .hadolint.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
---
ignored:
- DL3006
- DL3008
- DL3018
- DL3022
4 changes: 4 additions & 0 deletions .markdown-lint.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,4 @@
---
no-hard-tabs: false
MD013: false
MD033: false
72 changes: 49 additions & 23 deletions CONTRIBUTING.md
Original file line number Diff line number Diff line change
@@ -1,15 +1,20 @@
# Contributing

## Compiling PHP

### With Docker (Linux)

Build the dev Docker image:

docker build -t frankenphp-dev -f dev.Dockerfile .
docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -p 8080:8080 -p 443:443 -v $PWD:/go/src/app -it frankenphp-dev
```console
docker build -t frankenphp-dev -f dev.Dockerfile .
docker run --cap-add=SYS_PTRACE --security-opt seccomp=unconfined -p 8080:8080 -p 443:443 -v $PWD:/go/src/app -it frankenphp-dev
```

The image contains the usual development tools (Go, GDB, Valgrind, Neovim...).

If docker version is lower than 23.0, build is failed by dockerignore [pattern issue](https://github.com/moby/moby/pull/42676). Add directories to `.dockerignore`.

```patch
!testdata/*.php
!testdata/*.txt
Expand All @@ -24,80 +29,97 @@ If docker version is lower than 23.0, build is failed by dockerignore [pattern i

## Running the test suite

go test -race -v ./...
```console
go test -race -v ./...
```

## Caddy module

Build Caddy with the FrankenPHP Caddy module:

cd caddy/frankenphp/
go build
cd ../../
```console
cd caddy/frankenphp/
go build
cd ../../
```

Run the Caddy with the FrankenPHP Caddy module:

cd testdata/
../caddy/frankenphp/frankenphp run
```console
cd testdata/
../caddy/frankenphp/frankenphp run
```

The server is listening on `127.0.0.1:8080`:

curl -vk https://localhost/phpinfo.php
```console
curl -vk https://localhost/phpinfo.php
```

## Minimal test server

Build the minimal test server:

cd internal/testserver/
go build
cd ../../
```console
cd internal/testserver/
go build
cd ../../
```

Run the test server:

cd testdata/
../internal/testserver/testserver
```console
cd testdata/
../internal/testserver/testserver
```

The server is listening on `127.0.0.1:8080`:

curl -v http://127.0.0.1:8080/phpinfo.php
```console
curl -v http://127.0.0.1:8080/phpinfo.php
```

# Building Docker Images Locally
## Building Docker Images Locally

Print bake plan:

```
```console
docker buildx bake -f docker-bake.hcl --print
```

Build FrankenPHP images for amd64 locally:

```
```console
docker buildx bake -f docker-bake.hcl --pull --load --set "*.platform=linux/amd64"
```

Build FrankenPHP images for arm64 locally:

```
```console
docker buildx bake -f docker-bake.hcl --pull --load --set "*.platform=linux/arm64"
```

Build FrankenPHP images from scratch for arm64 & amd64 and push to Docker Hub:

```
```console
docker buildx bake -f docker-bake.hcl --pull --no-cache --push
```

## Debugging Segmentation Faults in GitHub Actions

1. Open `.github/workflows/tests.yml`
2. Enable PHP debug symbols

```patch
- uses: shivammathur/setup-php@v2
# ...
env:
phpts: ts
+ debug: true
```

3. Enable `tmate` to connect to the container

```patch
-
name: Set CGO flags
Expand All @@ -110,19 +132,24 @@ docker buildx bake -f docker-bake.hcl --pull --no-cache --push
+ -
+ uses: mxschmitt/action-tmate@v3
```

4. Connect to the container
5. Open `frankenphp.go`
6. Enable `cgosymbolizer`

```patch
- //_ "github.com/ianlancetaylor/cgosymbolizer"
+ _ "github.com/ianlancetaylor/cgosymbolizer"
```

7. Download the module: `go get`
8. In the container, you can use GDB and the like:
```sh

```console
go test -c -ldflags=-w
gdb --args ./frankenphp.test -test.run ^MyTest$
```

9. When the bug is fixed, revert all these changes

## Misc Dev Resources
Expand All @@ -142,10 +169,9 @@ docker buildx bake -f docker-bake.hcl --pull --no-cache --push
* [Bake file definition](https://docs.docker.com/build/customize/bake/file-definition/)
* [docker buildx build](https://docs.docker.com/engine/reference/commandline/buildx_build/)


## Useful Command

```
```console
apk add strace util-linux gdb
strace -e 'trace=!futex,epoll_ctl,epoll_pwait,tgkill,rt_sigreturn' -p 1
```
16 changes: 9 additions & 7 deletions Dockerfile
Original file line number Diff line number Diff line change
Expand Up @@ -46,6 +46,7 @@ LABEL org.opencontainers.image.vendor="Kévin Dunglas"
FROM common AS builder

ARG FRANKENPHP_VERSION='dev'
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

COPY --from=golang-base /usr/local/go /usr/local/go

Expand All @@ -71,12 +72,11 @@ WORKDIR /go/src/app
COPY --link go.mod go.sum ./
RUN go mod graph | awk '{if ($1 !~ "@") print $2}' | xargs go get

RUN mkdir caddy && cd caddy
COPY --link caddy/go.mod caddy/go.sum ./caddy/

RUN cd caddy && \
go mod graph | awk '{if ($1 !~ "@") print $2}' | xargs go get
WORKDIR /go/src/app/caddy
COPY --link caddy/go.mod caddy/go.sum ./
RUN go mod graph | awk '{if ($1 !~ "@") print $2}' | xargs go get

WORKDIR /go/src/app
COPY --link *.* ./
COPY --link caddy caddy
COPY --link C-Thread-Pool C-Thread-Pool
Expand All @@ -87,12 +87,14 @@ COPY --link testdata testdata
# see https://github.com/docker-library/php/blob/master/8.2/bookworm/zts/Dockerfile#L57-L59 for PHP values
ENV CGO_LDFLAGS="-lssl -lcrypto -lreadline -largon2 -lcurl -lonig -lz $PHP_LDFLAGS" CGO_CFLAGS="-DFRANKENPHP_VERSION=$FRANKENPHP_VERSION $PHP_CFLAGS" CGO_CPPFLAGS=$PHP_CPPFLAGS

RUN cd caddy/frankenphp && \
GOBIN=/usr/local/bin go install -ldflags "-X 'github.com/caddyserver/caddy/v2.CustomVersion=FrankenPHP $FRANKENPHP_VERSION PHP $PHP_VERSION Caddy'" && \
WORKDIR /go/src/app/caddy/frankenphp
RUN GOBIN=/usr/local/bin go install -ldflags "-X 'github.com/caddyserver/caddy/v2.CustomVersion=FrankenPHP $FRANKENPHP_VERSION PHP $PHP_VERSION Caddy'" && \
setcap cap_net_bind_service=+ep /usr/local/bin/frankenphp && \
cp Caddyfile /etc/caddy/Caddyfile && \
frankenphp version

WORKDIR /go/src/app


FROM common AS runner

Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ FrankenPHP is a modern application server for PHP built on top of the [Caddy](ht

FrankenPHP gives superpowers to your PHP apps thanks to its stunning features: [*Early Hints*](docs/early-hints.md), [worker mode](docs/worker.md), [real-time capabilities](docs/mercure.md), automatic HTTPS, HTTP/2, and HTTP/3 support...

FrankenPHP works with any PHP app and makes your Symfony projects faster than ever thanks to provided integration with the worker mode (Laravel Octane support coming).
FrankenPHP works with any PHP app and makes your Symfony projects faster than ever thanks to the provided integration with the worker mode (Laravel Octane support coming).

FrankenPHP can also be used as a standalone Go library to embed PHP in any app using `net/http`.

Expand Down
Loading

0 comments on commit c9bf994

Please sign in to comment.