From c7994f5228bd27e4c2be7f2f12566dadec19f2de Mon Sep 17 00:00:00 2001
From: "Eloy Lafuente (stronk7)" <stronk7@moodle.org>
Date: Thu, 5 Aug 2021 15:22:46 +0200
Subject: [PATCH] First cut to moodle-php-apache multiarch builder

First attempt to switch the automated building of moodle-php-apache
images from DockerHub to GHA. Main reason being that the former doesn't
support multiarch builds (only multiarch storage).

Link: https://github.com/docker/hub-feedback/issues/1874

Experimentally we'll be, also, sending the images to both DockerHub
and GitHub registries in case we need to switch some day.

This requires:

1. Some secrets to be created:
  - DOCKERHUB_USERNAME
  - DOCKERHUB_TOKEN (write perms)
  - DOCKERHUB_PASSWORD, grrr, descriptions cannot be updated using PATs,
    see https://github.com/peter-evans/dockerhub-description/issues/10
  - GH_USERNAME
2. Autobuilds @ DockerHub to be disabled (this takes exactly on them)

Remove old dockerhub hook, because now GHA is in charge of tagging.
---
 .github/workflows/buildx_and_publish.yml | 78 ++++++++++++++++++++++++
 README.md                                | 16 ++---
 hooks/post_push                          | 15 -----
 3 files changed, 87 insertions(+), 22 deletions(-)
 create mode 100644 .github/workflows/buildx_and_publish.yml
 delete mode 100644 hooks/post_push

diff --git a/.github/workflows/buildx_and_publish.yml b/.github/workflows/buildx_and_publish.yml
new file mode 100644
index 0000000..be7185d
--- /dev/null
+++ b/.github/workflows/buildx_and_publish.yml
@@ -0,0 +1,78 @@
+name: Docker multiarch publish
+
+on: push
+
+env:
+  REPOSITORY: moodle-php-apache
+  DOCKERHUB_OWNER: moodlehq
+  GH_OWNER: moodlehq
+
+jobs:
+  Build:
+    # Completely avoid forks to try this workflow.
+    if: github.repository_owner == 'moodlehq'
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v2
+
+      # Calculate the tags to be pussed to the registries.
+      - name: Calculate image tag names
+        id: calculatetags
+        uses: docker/metadata-action@v3
+        with:
+          images: |
+            ${{ env.DOCKERHUB_OWNER }}/${{ env.REPOSITORY }}
+            ghcr.io/${{ env.GH_OWNER }}/${{ env.REPOSITORY }}
+          flavor: |
+            latest=false
+          tags: |
+            type=raw,value={{branch}}
+            type=match,pattern=(\d+.\d+),value={{branch}}
+
+      # https://github.com/docker/setup-qemu-action#usage
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v1
+
+      # https://github.com/marketplace/actions/docker-setup-buildx
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v1
+
+      # https://github.com/docker/login-action#docker-hub
+      - name: Login to Docker Hub
+        uses: docker/login-action@v1
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+
+      # https://github.com/docker/login-action#github-container-registry
+      - name: Login to GitHub Container Registry
+        uses: docker/login-action@v1
+        with:
+          registry: ghcr.io
+          username: ${{ secrets.GH_USERNAME }}
+          password: ${{ secrets.GITHUB_TOKEN }}
+
+      # https://github.com/docker/build-push-action#multi-platform-image
+      - name: Build and push to Docker Hub and Github registries
+        uses: docker/build-push-action@v2
+        with:
+          context: .
+          file: Dockerfile
+          platforms: linux/amd64,linux/arm64
+          push: true
+          tags: ${{ steps.calculatetags.outputs.tags }}
+
+      # https://github.com/peter-evans/dockerhub-description
+      # It's horrible that we need to use password here instead of PAT, because
+      # that's only available via CLI what defeats 2FA. Anyway, we need to
+      # auto-update de description, so using it (till available via PAT).
+      # Link: https://github.com/peter-evans/dockerhub-description/issues/10
+      # Note that we only update the description with the master branch version.
+      - name: Set Docker Hub description from README.md
+        if: github.ref == 'refs/heads/master'
+        uses: peter-evans/dockerhub-description@v2
+        with:
+          username: ${{ secrets.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_PASSWORD }}
+          repository: ${{ env.DOCKERHUB_OWNER }}/${{ env.REPOSITORY }}
diff --git a/README.md b/README.md
index bdcb182..98b30f9 100644
--- a/README.md
+++ b/README.md
@@ -10,29 +10,31 @@ A Moodle PHP environment configured for Moodle development based on [Official PH
 
 For a complete list of supported versions, look to the [master README](https://github.com/moodlehq/moodle-php-apache/tree/master).
 
-# Example usage
+## Example usage
 The following command will expose the current working directory on port 8080:
 ```bash
 $ docker run --name web0 -p 8080:80  -v $PWD:/var/www/html moodlehq/moodle-php-apache:7.1
 ```
 
-# Features
-
+## Features
 * Preconfigured with all php extensions required for Moodle development and all database drivers
 * Serves wwroot configured at /var/www/html/
-* Verified by [automated tests](https://travis-ci.com/moodlehq/moodle-php-apache)
-
-# Directories
+* For PHP 7.3 and up, both `linux/amd64` and `linux/arm64` images are being built. Note that `linux/arm64` doesn't support the sqlsrv and oci extensions yet. Other than that, both architectures work exactly the same.
+* Verified by [automated tests](https://travis-ci.com/moodlehq/moodle-php-apache).
+* Autobuilt from GHA, on push.
 
+## Directories
 To faciliate testing and easy setup the following directories are created and owned by www-data by default:
+
 * `/var/www/moodledata`
 * `/var/www/phpunitdata`
 * `/var/www/behatdata`
 * `/var/www/behatfaildumps`
 
 
-# See also
+## See also
 This container is part of a set of containers for Moodle development, see also:
+
 * [moodle-docker](https://github.com/moodlehq/moodle-docker) a docker-composer based set of tools to get Moodle development running with zero configuration
 * [moodle-db-mssql](https://github.com/moodlehq/moodle-db-mssql) Microsoft SQL Server for Linux configured for Moodle development
 * [moodle-db-oracle](https://github.com/moodlehq/moodle-db-oracle) Oracle XE configured for Moodle development
diff --git a/hooks/post_push b/hooks/post_push
deleted file mode 100644
index 332fe40..0000000
--- a/hooks/post_push
+++ /dev/null
@@ -1,15 +0,0 @@
-#!/bin/bash
-
-set -e
-
-# A space-separated list of additional tags to place on this image.
-additionalTags=(8.0)
-
-# Tag and push image for each additional tag
-for tag in ${additionalTags[@]}; do
-    echo "Tagging {$IMAGE_NAME} as ${DOCKER_REPO}:${tag}"
-    docker tag $IMAGE_NAME ${DOCKER_REPO}:${tag}
-
-    echo "Pushing ${DOCKER_REPO}:${tag}"
-    docker push ${DOCKER_REPO}:${tag}
-done