Commit 3cf44f69 authored by Severin Beutler's avatar Severin Beutler
Browse files

refactoring init

parent 330aac06
# define ARGs
ARG ALPINE_VERSION
# select alpine image
FROM alpine:${ALPINE_VERSION}
ARG ALPINE_VERSION
ARG PHP_VERSION
ENV PHP_VERSION $PHP_VERSION
# install build essentials
RUN apk add --no-cache alpine-sdk sudo bash
# add user
RUN adduser -D wwd-build
RUN addgroup wwd-build abuild
RUN echo "wwd-build ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
# RUN echo "http://dl-cdn.alpinelinux.org/alpine/v${ALPINE_VERSION}/main" > /etc/apk/repositories && \
# echo "http://dl-cdn.alpinelinux.org/alpine/v${ALPINE_VERSION}/community" >> /etc/apk/repositories
# RUN echo "http://dl-cdn.alpinelinux.org/alpine/v3.14/main"
# RUN echo "http://dl-cdn.alpinelinux.org/alpine/v${ALPINE_VERSION}/main"
RUN apk add --update-cache \
alpine-sdk \
aports-build \
ncurses \
sudo \
bash \
nano
# RUN git clone https://gitlab.alpinelinux.org/alpine/aports.git
USER wwd-build
RUN echo $PHP_VERSION
ADD ./php${PHP_VERSION} /php${PHP_VERSION}
ADD ./packages /home/wwd-build/packages
RUN sudo chgrp abuild /var/cache/distfiles
RUN sudo chmod g+w /var/cache/distfiles
RUN sudo chgrp abuild /php${PHP_VERSION}
RUN sudo chmod g+w /php${PHP_VERSION}
RUN printf "/home/wwd-build/.abuild/-61289f2a.rsa\n/home/wwd-build/.abuild/-61289f82.rsa" | abuild-keygen -a -i
RUN cd /php${PHP_VERSION} && abuild checksum && abuild -r
ENTRYPOINT ["tail"]
CMD ["-f","/dev/null"]
# syntax version.
version: "3.4"
version: '3'
# volumes.
volumes:
php-alpine-cache-v3.12:
php-alpine-cache-v3.11:
php-alpine-cache-v3.10:
# services.
services:
# sandbox base image
sandbox:
network_mode: host
# enable tty.
tty: true
# build config.
build:
context: "sandbox"
network: host
args:
ALPINE_VERSION: ${ALPINE_VERSION}
APK_MAINTAINER: ${APK_MAINTAINER}
APK_PACKAGER: ${APK_PACKAGER}
# declare volumes and mounting.
volumes:
- "./bin:/opt/php-alpine/bin"
- "./scripts/v${ALPINE_VERSION}:/home/sandbox/scripts"
- "./.abuild:/home/sandbox/.abuild"
- "./repo/v${ALPINE_VERSION}:/home/sandbox/packages"
- "php-alpine-cache-v${ALPINE_VERSION}:/var/cache/apk"
# sandbox for building on alpine edge.
starter-images:
# target image.
image: "codecasts/php-alpine:alpine-v${ALPINE_VERSION}-php-${PHP_VERSION}"
build:
context: "images"
args:
ALPINE_VERSION: ${ALPINE_VERSION}
PHP_VERSION: ${PHP_VERSION}
# sandbox for building on alpine edge.
release-image:
# target image.
image: "codecasts/php-alpine:alpine-v${ALPINE_VERSION}-php-${PHP_VERSION}"
wwd-build:
container_name: wwd-build
build:
dockerfile: release/image/Dockerfile
context: "."
context: ./
dockerfile: Dockerfile
args:
ALPINE_VERSION: ${ALPINE_VERSION}
PHP_VERSION: ${PHP_VERSION}
- ALPINE_VERSION=3.14
- PHP_VERSION=8
# environment:
# - PHP_VERSION=7.4
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Valery Kartel <valery.kartel@gmail.com>
# Bundled libraries
#
# Name | License | Location | State
# ----------+---------------------+------------------------+---------
# bcmath | LGPL-2.1-or-later | ext/bcmath/libbcmath | used
# date | MIT | ext/date/lib | used
# fileinfo | BSD-2-Clause | ext/fileinfo/libmagic | used
# gd | BSD | ext/gd/libgd | used
# hash | CC0-1.0 | ext/hash/sha3 | used
# libmbfl | LGPL-2.1-only | ext/mbstring/libmbfl | used
# pcre | BSD-3-Clause | ext/pcre/pcrelib | not used
# sqlite3 | Public | ext/sqlite3/libsqlite | not used
# libXMLRPC | BSD-3-Clause | ext/xmlrpc/libxmlrpc | used
# libzip | BSD-3-Clause | ext/zip/lib | not used
# Static extensions
#
# Name | Reason
# ----------+--------------------------------------------
# zlib | https://bugs.alpinelinux.org/issues/8299
pkgname=php7
_pkgreal=php
pkgver=7.4.22
pkgrel=2
_apiver=20190902
_suffix=${pkgname#php}
# Is this package the default (latest) PHP version?
_default_php="yes"
pkgdesc="The PHP$_suffix language runtime engine"
url="https://www.php.net/"
arch="all"
license="PHP-3.01 BSD-3-Clause LGPL-2.0-or-later MIT Zend-2.0"
depends="$pkgname-common"
depends_dev="$pkgname=$pkgver-r$pkgrel autoconf pcre2-dev re2c"
# Most dependencies between extensions is auto-discovered (see _extension()).
_depends_mysqlnd="$pkgname-openssl"
_depends_pdo_mysql="$pkgname-pdo $pkgname-mysqlnd"
_depends_phar="$pkgname"
# openssl is actually transitive dependency here, but we need to because of
# load index based on number of dependencies.
_depends_mysqli="$pkgname-mysqlnd $pkgname-openssl"
makedepends="
$depends_dev
apache2-dev
argon2-dev
aspell-dev
bison
bzip2-dev
curl-dev
enchant2-dev
freetds-dev
freetype-dev
gdbm-dev
gettext-dev
gmp-dev
icu-dev
imap-dev
krb5-dev
libedit-dev
libical-dev
libjpeg-turbo-dev
libpng-dev
lmdb-dev
oniguruma-dev
openssl-dev
libsodium-dev
libwebp-dev
libxml2-dev
libxpm-dev
libxslt-dev
libzip-dev
net-snmp-dev
openldap-dev
postgresql-dev
sqlite-dev
tidyhtml-dev
unixodbc-dev
zlib-dev
"
provides="$pkgname-cli php-cli php" # for backward compatibility
provider_priority=100
subpackages="$pkgname-dbg $pkgname-dev $pkgname-doc
$pkgname-phpdbg $pkgname-apache2
$pkgname-embed $pkgname-cgi $pkgname-fpm
$pkgname-pear::noarch
"
source="https://php.net/distributions/$_pkgreal-$pkgver.tar.xz
$pkgname-fpm.initd
$pkgname-fpm.logrotate
$pkgname-module.conf
disabled-tests.list
install-pear.patch
includedir.patch
sharedir.patch
php7-fpm-version-suffix.patch
fix-tests-devserver.patch
enchant-2.patch
"
builddir="$srcdir/$_pkgreal-$pkgver"
_libdir="/usr/lib/$pkgname"
_extension_dir="$_libdir/modules"
_extension_confd="/etc/$pkgname/conf.d"
_extensions="
bcmath
bz2
calendar
ctype
curl
dba
dom
enchant
exif
ffi
fileinfo
ftp
gd
gettext
gmp
iconv
imap
intl
json
ldap
mbstring
mysqli
mysqlnd
odbc
opcache
openssl
pcntl
pdo
pdo_dblib
pdo_mysql
pdo_odbc
pdo_pgsql
pdo_sqlite
pgsql
phar
posix
pspell
session
shmop
simplexml
snmp
soap
sodium
sockets
sqlite3
sysvmsg
sysvsem
sysvshm
tidy
tokenizer
xml
xmlreader
xmlrpc
xmlwriter
xsl
zip
"
for _ext in $_extensions; do
case "$_ext" in
phar) subpackages="$subpackages $pkgname-$_ext:$_ext";;
*) subpackages="$subpackages $pkgname-$_ext:_extension";;
esac
done
subpackages="$subpackages $pkgname-common::noarch"
# secfixes:
# 7.4.21-r0:
# - CVE-2021-21705
# 7.4.15-r0:
# - CVE-2021-21702
# 7.4.14-r0:
# - CVE-2020-7071
# 7.4.11-r0:
# - CVE-2020-7069
# - CVE-2020-7070
# 7.3.18-r0:
# - CVE-2019-11048
# 7.3.17-r0:
# - CVE-2020-7067
# 7.3.16-r0:
# - CVE-2020-7064
# - CVE-2020-7065
# - CVE-2020-7066
# 7.3.15-r0:
# - CVE-2020-7061
# - CVE-2020-7062
# - CVE-2020-7063
# 7.3.14-r0:
# - CVE-2020-7059
# - CVE-2020-7060
# 7.3.13-r0:
# - CVE-2019-11045
# - CVE-2019-11047
# - CVE-2019-11050
# 7.3.11-r0:
# - CVE-2019-11043
# 7.3.9-r0:
# - CVE-2019-13224
# 7.3.8-r0:
# - CVE-2019-11041
# - CVE-2019-11042
# 7.2.19-r0:
# - CVE-2019-11039
# - CVE-2019-11040
# 7.2.18-r0:
# - CVE-2019-11036
# 7.2.17-r0:
# - CVE-2019-11034
# - CVE-2019-11035
# 7.2.16-r0:
# - CVE-2019-9641
# - CVE-2019-9640
# - CVE-2019-9639
# - CVE-2019-9638
# - CVE-2019-9637
# 7.2.14-r0:
# - CVE-2019-9024
# - CVE-2019-9023
# - CVE-2019-9022
# - CVE-2019-9021
# - CVE-2019-9020
# 7.2.13-r0:
# - CVE-2018-20783
# 7.2.8-r0:
# - CVE-2015-9253
# - CVE-2018-12882
# - CVE-2018-12883
# - CVE-2018-14851
# 7.2.5-r0:
# - CVE-2018-5712
# - CVE-2018-10546
# - CVE-2018-10547
# - CVE-2018-10548
# - CVE-2018-10549
prepare() {
default_prepare
local vapi=$(sed -n '/#define PHP_API_VERSION/{s/.* //;p}' main/php.h)
if [ "$vapi" != "$_apiver" ]; then
error "Upstream API version is now $vapi. Expecting $_apiver"
error "After updating _apiver, all 3rd-party extensions must be rebuilt."
return 1
fi
# https://bugs.php.net/63362 - Not needed but installed headers.
# Drop some Windows specific headers to avoid installation,
# before build to ensure they are really not needed.
rm -f TSRM/tsrm_win32.h \
TSRM/tsrm_config.w32.h \
Zend/zend_config.w32.h \
ext/mysqlnd/config-win.h \
ext/standard/winver.h
# Fix some bogus permissions.
find . -name '*.[ch]' -exec chmod 644 {} \;
# XXX: Delete failing tests.
sed -n '/^[^#]/p' "$srcdir"/disabled-tests.list | while read -r item; do
rm -r $item # do it in this way to apply globbing...
done
autoconf
}
# Notes:
# * gd-jis-conv breaks any non-latin font rendering (vakartel).
# * libxml cannot be build as shared.
# * -D_LARGEFILE_SOURCE and -D_FILE_OFFSET_BITS=64 (https://www.php.net/manual/en/intro.filesystem.php andypost)
# * -O2 optimize for apps usage (andypost)
_build() {
local common_flags="-D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64"
export CFLAGS="${CFLAGS/-Os/-O2} $common_flags"
export CXXFLAGS="${CXXFLAGS/-Os/-O2} $common_flags"
local without_pcre_jit
[ "$CARCH" = "s390x" ] && without_pcre_jit="--without-pcre-jit"
EXTENSION_DIR=$_extension_dir ./configure \
--build=$CBUILD \
--host=$CHOST \
--prefix=/usr \
--program-suffix=$_suffix \
--libdir=$_libdir \
--datadir=/usr/share/$pkgname \
--sysconfdir=/etc/$pkgname \
--localstatedir=/var \
--with-layout=GNU \
--with-pic \
--with-pear=/usr/share/$pkgname \
--with-config-file-path=/etc/$pkgname \
--with-config-file-scan-dir=$_extension_confd \
--disable-short-tags \
\
--enable-bcmath=shared \
--with-bz2=shared \
--enable-calendar=shared \
--enable-ctype=shared \
--with-curl=shared \
--enable-dba=shared \
--with-dbmaker=shared \
--with-gdbm \
--with-lmdb \
--enable-dom=shared \
--with-enchant=shared \
--enable-exif=shared \
--with-ffi=shared \
--enable-fileinfo=shared \
--enable-ftp=shared \
--enable-gd=shared \
--with-freetype \
--with-jpeg \
--with-webp \
--with-xpm \
--disable-gd-jis-conv \
--with-gettext=shared \
--with-gmp=shared \
--with-iconv=shared \
--with-imap=shared \
--with-imap-ssl \
--enable-intl=shared \
--enable-json=shared \
--with-ldap=shared \
--with-ldap-sasl \
--with-libedit \
--with-libxml \
--enable-mbstring=shared \
--with-mysqli=shared,mysqlnd \
--with-mysql-sock=/run/mysqld/mysqld.sock \
--enable-mysqlnd=shared \
--enable-opcache=shared \
--with-openssl=shared \
--with-kerberos \
--with-system-ciphers \
--with-password-argon2 \
--enable-pcntl=shared \
--with-external-pcre \
$without_pcre_jit \
--enable-pdo=shared \
--with-pdo-dblib=shared \
--with-pdo-mysql=shared,mysqlnd \
--with-pdo-odbc=shared,unixODBC,/usr \
--with-pdo-pgsql=shared \
--with-pdo-sqlite=shared \
--with-pgsql=shared \
--enable-phar=shared \
--enable-posix=shared \
--with-pspell=shared \
--without-readline \
--enable-session=shared \
--enable-shmop=shared \
--enable-simplexml=shared \
--with-snmp=shared \
--enable-soap=shared \
--with-sodium=shared \
--enable-sockets=shared \
--with-sqlite3=shared \
--enable-sysvmsg=shared \
--enable-sysvsem=shared \
--enable-sysvshm=shared \
--with-tidy=shared \
--enable-tokenizer=shared \
--with-unixODBC=shared,/usr \
--enable-xml=shared \
--enable-xmlreader=shared \
--with-xmlrpc=shared \
--enable-xmlwriter=shared \
--with-xsl=shared \
--with-zip=shared \
--with-zlib \
"$@"
make
}
build() {
# apache2 module
_build --disable-phpdbg \
--disable-cli \
--with-apxs2
mv libs/libphp$_suffix.so sapi/apache2handler/mod_php$_suffix.so
# cgi, cli, fpm, embed, pear
_build --enable-phpdbg \
--enable-phpdbg-webhelper \
--with-pear=/usr/share/$pkgname \
--enable-fpm \
--enable-embed
}
check() {
# PHP is so stupid that it's not able to resolve dependencies
# between extensions and load them in correct order, so we must
# help it...
# opcache is Zend extension, it's handled specially in Makefile
local php_modules=$(_extensions_by_load_order \
| grep -vx opcache \
| xargs -n 1 printf "'$builddir/modules/%s.la' ")
sed -i "/^PHP_TEST_SHARED_EXTENSIONS/,/extension=/ \
s|in \$(PHP_MODULES)\"*|in $php_modules|" Makefile
# XXX: Few tests fail on the named platforms.
# Ignore it for now and continue build even on test failures.
local allow_fail='no'
case "$CARCH" in
x86 | s390x | mips*) allow_fail='yes'
esac
TESTS="${TESTS:- --show-diff}" NO_INTERACTION=1 REPORT_EXIT_STATUS=1 \
SKIP_SLOW_TESTS=1 SKIP_ONLINE_TESTS=1 TEST_TIMEOUT=10 \
TZ='' LANG='' LC_ALL='' \
TRAVIS=true SKIP_IO_CAPTURE_TESTS=1 \
make test || [ "$allow_fail" = yes ]
echo 'NOTE: We have skipped quite a lot tests, see disabled-tests.list.'
}
package() {
make -j1 INSTALL_ROOT="$pkgdir" install
install -Dm644 php.ini-production "$pkgdir"/etc/$pkgname/php.ini
local file; for file in pear peardev pecl; do
sed -i -e "s|/usr/bin/php|/usr/bin/php$_suffix|g" \
-e "s|PHP=php|PHP=php$_suffix|" \
"$pkgdir"/usr/bin/$file
done
find "$pkgdir" -name '.*' -print0 | xargs -0 rm -rf
rmdir "$pkgdir"/var/run
if [ "$_default_php" = yes ]; then
ln -s php$_suffix "$pkgdir"/usr/bin/php
fi
}
dev() {
default_dev
replaces="php-dev"
cd "$pkgdir"
_mv usr/bin/php-config$_suffix \
usr/bin/phpize$_suffix \
"$subpkgdir"/usr/bin/
_mv ./$_libdir/build "$subpkgdir"/$_libdir/
if [ "$_default_php" = yes ]; then
ln -s phpize$_suffix "$subpkgdir"/usr/bin/phpize
ln -s php-config$_suffix "$subpkgdir"/usr/bin/php-config
fi
}
doc() {
default_doc
cd "$builddir"
mkdir -p "$subpkgdir"/usr/share/doc/$pkgname
cp CODING_STANDARDS.md EXTENSIONS LICENSE NEWS \
README* UPGRADING* \
"$subpkgdir"/usr/share/doc/$pkgname/
}
apache2() {
pkgdesc="PHP$_suffix Module for Apache2"
depends="$depends apache2"
provides="php-apache2"
install -D -m 755 "$builddir"/sapi/apache2handler/mod_php$_suffix.so \
"$subpkgdir"/usr/lib/apache2/mod_php$_suffix.so
install -D -m 644 "$srcdir"/php$_suffix-module.conf \
"$subpkgdir"/etc/apache2/conf.d/php$_suffix-module.conf
}
phpdbg() {
pkgdesc="Interactive PHP$_suffix debugger"
provides="php-phpdbg"
amove usr/bin/phpdbg$_suffix
if [ "$_default_php" = yes ]; then
ln -s phpdbg$_suffix "$subpkgdir"/usr/bin/phpdbg
fi
}
embed() {
pkgdesc="PHP$_suffix Embedded Library"
provides="php-embed"
_mv "$pkgdir"/usr/lib/libphp*.so "$subpkgdir"/usr/lib/
}
litespeed() {
pkgdesc="PHP$_suffix LiteSpeed SAPI"
provides="php-lightspeed"
mkdir -p "$subpkgdir"/usr/bin
mv "$pkgdir"/usr/bin/lsphp$_suffix "$subpkgdir"/usr/bin
if [ "$_default_php" = yes ]; then
ln -s lsphp$_suffix "$subpkgdir"/usr/bin/lsphp
fi
}
cgi() {
pkgdesc="PHP$_suffix Common Gateway Interface"
provides="php-cgi"
_mv "$pkgdir"/usr/bin/php-cgi$_suffix "$subpkgdir"/usr/bin/
if [ "$_default_php" = yes ]; then
ln -s php-cgi$_suffix "$subpkgdir"/usr/bin/php-cgi
fi
}
fpm() {