zishuo/frankenphp
1
0
Fork 0
mirror of https://github.com/dunglas/frankenphp.git synced 2025-09-27 03:45:59 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
refactor/php-cli
frankenphp/static-builder-gnu.Dockerfile
Kévin Dunglas 6e120283e9 chore: add support for GITHUB_TOKEN in static-builder-gnu
2025-07-17 16:52:54 +02:00

168 lines
5.0 KiB
Docker
Raw Permalink Blame History

# syntax=docker/dockerfile:1
#checkov:skip=CKV_DOCKER_2
#checkov:skip=CKV_DOCKER_3
FROM centos:7
ARG FRANKENPHP_VERSION=''
ENV FRANKENPHP_VERSION=${FRANKENPHP_VERSION}
ARG BUILD_PACKAGES=''
ARG PHP_VERSION=''
ENV PHP_VERSION=${PHP_VERSION}
# args passed to static-php-cli
ARG PHP_EXTENSIONS=''
ARG PHP_EXTENSION_LIBS=''
# args passed to xcaddy
ARG XCADDY_ARGS=''
ARG CLEAN=''
ARG EMBED=''
ARG DEBUG_SYMBOLS=''
ARG MIMALLOC=''
ARG NO_COMPRESS=''
# Go
ARG GO_VERSION
ENV GOTOOLCHAIN=local
SHELL ["/bin/bash", "-o", "pipefail", "-c"]
# labels, same as static-builder.Dockerfile
LABEL org.opencontainers.image.title=FrankenPHP
LABEL org.opencontainers.image.description="The modern PHP app server"
LABEL org.opencontainers.image.url=https://frankenphp.dev
LABEL org.opencontainers.image.source=https://github.com/php/frankenphp
LABEL org.opencontainers.image.licenses=MIT
LABEL org.opencontainers.image.vendor="Kévin Dunglas"
# yum update
RUN sed -i 's/mirror.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo && \
sed -i 's/^#.*baseurl=http/baseurl=http/g' /etc/yum.repos.d/*.repo && \
sed -i 's/^mirrorlist=http/#mirrorlist=http/g' /etc/yum.repos.d/*.repo && \
yum clean all && \
yum makecache && \
yum update -y && \
yum install -y centos-release-scl
# different arch for different scl repo
RUN if [ "$(uname -m)" = "aarch64" ]; then \
sed -i 's|mirror.centos.org/centos|vault.centos.org/altarch|g' /etc/yum.repos.d/CentOS-SCLo-scl-rh.repo ; \
sed -i 's|mirror.centos.org/centos|vault.centos.org/altarch|g' /etc/yum.repos.d/CentOS-SCLo-scl.repo ; \
sed -i 's/^#.*baseurl=http/baseurl=http/g' /etc/yum.repos.d/*.repo ; \
sed -i 's/^mirrorlist=http/#mirrorlist=http/g' /etc/yum.repos.d/*.repo ; \
else \
sed -i 's/mirror.centos.org/vault.centos.org/g' /etc/yum.repos.d/*.repo ; \
sed -i 's/^#.*baseurl=http/baseurl=http/g' /etc/yum.repos.d/*.repo ; \
sed -i 's/^mirrorlist=http/#mirrorlist=http/g' /etc/yum.repos.d/*.repo ; \
fi; \
yum update -y && \
yum install -y devtoolset-10-gcc-* && \
echo "source scl_source enable devtoolset-10" >> /etc/bashrc && \
source /etc/bashrc
# install newer cmake to build some newer libs
RUN curl -o cmake.tar.gz -fsSL https://github.com/Kitware/CMake/releases/download/v3.31.4/cmake-3.31.4-linux-$(uname -m).tar.gz && \
mkdir /cmake && \
tar -xzf cmake.tar.gz -C /cmake --strip-components 1 && \
rm cmake.tar.gz
# install build essentials
RUN yum install -y \
perl \
make \
bison \
flex \
git \
autoconf \
automake \
tar \
unzip \
gzip \
gcc \
bzip2 \
patch \
xz \
libtool \
perl-IPC-Cmd ; \
curl -o make.tar.gz -fsSL https://ftp.gnu.org/gnu/make/make-4.4.tar.gz && \
tar -zxvf make.tar.gz && \
cd make-* && \
./configure && \
make && \
make install && \
ln -sf /usr/local/bin/make /usr/bin/make && \
cd .. && \
rm -Rf make* && \
if [ "$(uname -m)" = "aarch64" ]; then \
GO_ARCH="arm64" ; \
else \
GO_ARCH="amd64" ; \
fi; \
curl -o /usr/local/bin/jq -fsSL https://github.com/jqlang/jq/releases/download/jq-1.7.1/jq-linux-${GO_ARCH} && \
chmod +x /usr/local/bin/jq && \
curl -o go.tar.gz -fsSL https://go.dev/dl/$(curl -fsS https://go.dev/dl/?mode=json | jq -r "first(first(.[] | select(.stable and (.version | startswith(\"go${GO_VERSION}\")))).files[] | select(.os == \"linux\" and (.kind == \"archive\") and (.arch == \"${GO_ARCH}\"))).filename") && \
rm -rf /usr/local/go && \
tar -C /usr/local -xzf go.tar.gz && \
rm go.tar.gz && \
/usr/local/go/bin/go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
ENV PATH="/opt/rh/devtoolset-10/root/usr/bin:/cmake/bin:/usr/local/go/bin:$PATH"
# Apply GNU mode
ENV SPC_DEFAULT_C_FLAGS='-fPIE -fPIC -O3'
ENV SPC_LIBC='glibc'
ENV SPC_CMD_VAR_PHP_MAKE_EXTRA_LDFLAGS_PROGRAM='-Wl,-O3 -pie'
ENV SPC_CMD_VAR_PHP_MAKE_EXTRA_LIBS='-ldl -lpthread -lm -lresolv -lutil -lrt'
ENV SPC_OPT_BUILD_ARGS='--with-config-file-path=/etc/frankenphp --with-config-file-scan-dir=/etc/frankenphp/php.d'
ENV SPC_REL_TYPE='binary'
ENV EXTENSION_DIR='/usr/lib/frankenphp/modules'
# not sure if this is needed
ENV COMPOSER_ALLOW_SUPERUSER=1
# install tools to build packages, if requested - needs gcc 10
RUN if [ -n "${BUILD_PACKAGES}" ]; then \
yum install -y \
bzip2 \
libffi-devel \
libyaml \
libyaml-devel \
make \
openssl-devel \
rpm-build \
sudo \
zlib-devel && \
curl -o ruby.tar.gz -fsSL https://cache.ruby-lang.org/pub/ruby/3.4/ruby-3.4.4.tar.gz && \
tar -xzf ruby.tar.gz && \
cd ruby-* && \
./configure --without-baseruby && \
make && \
make install && \
cd .. && \
rm -rf ruby* && \
gem install fpm; \
fi
WORKDIR /go/src/app
COPY go.mod go.sum ./
RUN go mod download
WORKDIR /go/src/app/caddy
COPY caddy/go.mod caddy/go.sum ./
RUN go mod download
WORKDIR /go/src/app
COPY --link *.* ./
COPY --link caddy caddy
COPY --link internal internal
COPY --link package package
RUN --mount=type=secret,id=github-token \
GITHUB_TOKEN=$(cat /run/secrets/github-token) ./build-static.sh && \
if [ -n "${BUILD_PACKAGES}" ]; then \
./build-packages.sh; \
fi; \
rm -Rf dist/static-php-cli/source/*
Reference in New Issue View Git Blame Copy Permalink