From f3c76ec3f29c1e8fe9b2b8013e7a5fc50829b1a4 Mon Sep 17 00:00:00 2001 From: alexanderM91 Date: Thu, 25 Jun 2026 11:37:03 +0200 Subject: [PATCH 1/4] SC-25005&&SC-25004: Fix CI/CD Slack notifications --- .github/workflows/ci.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6cbafa7b..c9516096 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,6 +2,8 @@ name: CI/CD on: push: + branches-ignore: + - master workflow_call: concurrency: @@ -162,7 +164,8 @@ jobs: "https://api.github.com/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/jobs") echo "$JOBS_JSON" > jobs-response.json cat jobs-response.json - JOB_ID=$(echo "$JOBS_JSON" | jq -r '.jobs[0].id') + JOB_ID=$(echo "$JOBS_JSON" | jq -r --arg name "${{ matrix.image }}" \ + '.jobs[] | select(.name | contains($name)) | .id') echo "Extracted Job ID: $JOB_ID" echo "::set-output name=job_id::$JOB_ID" From f8115a74bb01f4e304de3f71a6c845f4466bbee9 Mon Sep 17 00:00:00 2001 From: alexanderM91 Date: Thu, 25 Jun 2026 11:44:19 +0200 Subject: [PATCH 2/4] Revert ignore master --- .github/workflows/ci.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c9516096..ed7f4acb 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,8 +2,6 @@ name: CI/CD on: push: - branches-ignore: - - master workflow_call: concurrency: From d33c0ab54326a457a6df900e577aae8e431008e8 Mon Sep 17 00:00:00 2001 From: alexanderM91 Date: Thu, 25 Jun 2026 19:14:35 +0200 Subject: [PATCH 3/4] Fix CI/CD workflow --- .github/workflows/ci.yml | 53 +++++++++++++++++-------- .github/workflows/combined-workflow.yml | 4 ++ debian/bullseye/8.4/Dockerfile | 1 + 3 files changed, 41 insertions(+), 17 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ed7f4acb..503ec7f4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
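Review bot: In the `@@ -162,7 +164,8 @@` hunk of PATCH 1/4, `select(.name | contains($name))` is a substring match, so it can emit more than one id when one matrix image path is contained in another job's name. `JOB_ID` then holds several lines, which the `::set-output` line after it does not carry unescaped. Taking only the first match, `'first(.jobs[] | select(.name | contains($name)) | .id)'`, or comparing against the exact job name, keeps the value single-valued. The Fetch Job ID hunk of PATCH 3/4 keeps the same selector, so `JOB` there can hold several objects. The step body begins outside the hunk.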
@@ -1,8 +1,16 @@ name: CI/CD on: - push: workflow_call: + inputs: + publish: + description: "Publish images to DockerHub and send the release Slack notification (set by the Combined workflow on master merge)." + type: boolean + default: false + release_sha: + description: "Commit SHA to reference in the notification (the merge commit on master)." + type: string + default: "" concurrency: group: ${{ github.workflow }}-${{ github.ref }} @@ -72,7 +80,11 @@ jobs: run: | IMAGE_TAG="${{ matrix.tags[0] }}" HAS_PREVIOUS=false - if [ "${{ github.ref }}" = "refs/heads/master" ]; then + PUBLISH=false + RELEASE_SHA="${{ inputs.release_sha }}" + if [ -z "$RELEASE_SHA" ]; then RELEASE_SHA="${{ github.sha }}"; fi + if [ "${{ github.ref }}" = "refs/heads/master" ] || [ "${{ inputs.publish }}" = "true" ]; then + PUBLISH=true PREV_COMMIT_HASH=$(git rev-parse HEAD^1) if docker pull "$IMAGE_TAG" >/dev/null 2>&1; then HAS_PREVIOUS=true; fi else @@ -86,6 +98,8 @@ jobs: { echo "PREV_COMMIT_HASH=$PREV_COMMIT_HASH" echo "HAS_PREVIOUS=$HAS_PREVIOUS" + echo "PUBLISH=$PUBLISH" + echo "RELEASE_SHA=$RELEASE_SHA" } >> "$GITHUB_ENV" - name: Set up QEMU @@ -101,7 +115,7 @@ jobs: password: ${{ secrets.DOCKER_PASSWORD }} - name: Re-tag images with previous commit hash - if: ${{ github.ref == 'refs/heads/master' && env.HAS_PREVIOUS == 'true' }} + if: ${{ env.PUBLISH == 'true' && env.HAS_PREVIOUS == 'true' }} run: | PREV_HASH=${{ env.PREV_COMMIT_HASH }} if [ -z "$PREV_HASH" ]; then 
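Review bot: In the `@@ -72,7 +80,11 @@` hunk, `RELEASE_SHA="${{ inputs.release_sha }}"` is expanded into the script text before the shell runs, so whatever string a caller of this reusable workflow passes becomes part of the script rather than data. Passing it through the step's `env:` (for example `RELEASE_SHA_INPUT: ${{ inputs.release_sha }}`) and reading it as `RELEASE_SHA="${RELEASE_SHA_INPUT:-$GITHUB_SHA}"` avoids that and removes the separate `-z` fallback line. The input description says the SHA is only referenced in the notification, and `git rev-parse HEAD^1` works on whatever was checked out. The checkout step is outside this hunk, so it is worth confirming that the published image is built from the same commit the notification names. The step continues outside the hunk.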
@@ -121,14 +135,14 @@ jobs: id: docker_build uses: docker/build-push-action@v2 with: - push: ${{ github.ref == 'refs/heads/master' }} - load: ${{ github.ref != 'refs/heads/master' }} + push: ${{ env.PUBLISH == 'true' }} + load: ${{ env.PUBLISH != 'true' }} file: ${{ matrix.image }} tags: ${{ join(matrix.tags) }} - platforms: ${{ github.ref == 'refs/heads/master' && join(matrix.platforms) || 'linux/amd64' }} + platforms: ${{ env.PUBLISH == 'true' && join(matrix.platforms) || 'linux/amd64' }} - name: Pull image for master branch - if: github.ref == 'refs/heads/master' + if: env.PUBLISH == 'true' run: | echo "Pulling image for master branch" docker pull ${{ matrix.tags[0] }} 
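Review bot: `push: ${{ env.PUBLISH == 'true' }}` makes the decision to publish to the registry depend on a value read back from `$GITHUB_ENV`, which any earlier step in the job can append to, whereas the old condition used `github.ref` directly. Evaluating the gate from contexts, `push: ${{ inputs.publish || github.ref == 'refs/heads/master' }}`, keeps it independent of step output. The same applies to `load`, `platforms`, the `if:` of the pull step in this hunk, and the re-tag step's `if:` in the `@@ -101,7 +115,7 @@` hunk. A one-line comment above `push:` saying that this is the release gate would also help the next reader.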
@@ -154,21 +168,26 @@ jobs: - name: Fetch Job ID id: fetch_job_id - if: ${{ github.ref == 'refs/heads/master' && env.FORMATTED_DIFF != '' }} + if: ${{ env.PUBLISH == 'true' && env.FORMATTED_DIFF != '' && steps.docker_build.outcome == 'success' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | JOBS_JSON=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" \ - "https://api.github.com/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/jobs") - echo "$JOBS_JSON" > jobs-response.json - cat jobs-response.json - JOB_ID=$(echo "$JOBS_JSON" | jq -r --arg name "${{ matrix.image }}" \ - '.jobs[] | select(.name | contains($name)) | .id') - echo "Extracted Job ID: $JOB_ID" - echo "::set-output name=job_id::$JOB_ID" + "https://api.github.com/repos/${{ github.repository }}/actions/runs/${{ github.run_id }}/jobs?per_page=100") + JOB=$(echo "$JOBS_JSON" | jq -r --arg name "${{ matrix.image }}" \ + '.jobs[] | select(.name | contains($name))') + JOB_ID=$(echo "$JOB" | jq -r '.id') + MANIFEST_STEP=$(echo "$JOB" | jq -r '.steps[] | select(.name=="Current image report") | .number') + DIFF_STEP=$(echo "$JOB" | jq -r '.steps[] | select(.name=="Run the diff and format output") | .number') + echo "Extracted Job ID: $JOB_ID (manifest step $MANIFEST_STEP, diff step $DIFF_STEP)" + { + echo "job_id=$JOB_ID" + echo "manifest_step=$MANIFEST_STEP" + echo "diff_step=$DIFF_STEP" + } >> "$GITHUB_OUTPUT" - name: Send Slack Notification - if: ${{ github.ref == 'refs/heads/master' && env.FORMATTED_DIFF != '' }} + if: ${{ env.PUBLISH == 'true' && env.FORMATTED_DIFF != '' && steps.docker_build.outcome == 'success' }} uses: slackapi/slack-github-action@v1.24.0 with: payload: | 
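Review bot: When no job name matches the selector, or the job lies beyond the first 100 entries, `JOB` is empty and the step writes empty `job_id`, `manifest_step` and `diff_step` without failing, so the Slack step still sends links built from them. A guard before the `$GITHUB_OUTPUT` block, `[ -n "$JOB_ID" ] || { echo "job not found"; exit 1; }`, makes that visible. `curl -s` also hides HTTP errors; `curl -fsS` would fail the step at the request instead of at `jq`. The step numbers are looked up by the literal names `Current image report` and `Run the diff and format output`, so a comment on those two steps saying their names are referenced here would prevent a silent break on rename.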
@@ -179,7 +198,7 @@ jobs: "fields": [ { "title": "New version of ${{ matrix.tags[0] }} has been published", - "value": "You can check the:\n- *Manifest*: \n- *Diff*: \n\nThis version was built out of .", + "value": "You can check the:\n- *Manifest*: \n- *Diff*: \n\nThis version was built out of .", "short": false } ] diff --git a/.github/workflows/combined-workflow.yml b/.github/workflows/combined-workflow.yml index 26328988..b344e96f 100644 --- a/.github/workflows/combined-workflow.yml +++ b/.github/workflows/combined-workflow.yml @@ -9,8 +9,12 @@ on: jobs: # Step 1: CI/CD ci-cd: + if: github.event.pull_request.merged == true uses: ./.github/workflows/ci.yml secrets: inherit + with: + publish: true + release_sha: ${{ github.event.pull_request.merge_commit_sha }} # Step 2: Security Scan security-scan: diff --git a/debian/bullseye/8.4/Dockerfile b/debian/bullseye/8.4/Dockerfile index 00a857d8..9010719e 100644 --- a/debian/bullseye/8.4/Dockerfile +++ b/debian/bullseye/8.4/Dockerfile @@ -44,6 +44,7 @@ ARG PHP_BUILD_DEPS="\ libxml2-dev \ libxpm-dev \ libzip-dev \ + libssl-dev \ librabbitmq-dev \ libgrpc-dev \ libprotobuf-dev \ From 2cd9d477d7c78be4268953c714a1e086c6a1952c Mon Sep 17 00:00:00 2001 From: alexanderM91 Date: Fri, 26 Jun 2026 08:44:10 +0200 Subject: [PATCH 4/4] Fix an empty release notes --- .github/workflows/ci.yml | 16 +++++++++++++--- 1 file changed, 13 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 503ec7f4..6a69f339 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
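Review bot: In `combined-workflow.yml`, `ci-cd` now pushes release images (`publish: true`) while the job labelled `# Step 2: Security Scan` comes after it. If that job depends on `ci-cd`, the images are already on DockerHub before the scan can block anything; the `needs:` line is outside the hunk, so this should be confirmed. Since this call now performs the release, it would be tighter to replace `secrets: inherit` with the specific secrets `ci.yml` reads, declared under `workflow_call.secrets`. With the `push:` trigger removed from `ci.yml` in the same commit, the `if:` guard means the build no longer runs for unmerged pull requests from this caller. The guard relies on the workflow's `on:` trigger, which is outside the hunk; a short comment above it naming the expected event would document that.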
@@ -166,9 +166,19 @@ jobs: if: ${{ env.HAS_PREVIOUS == 'true' }} run: bash .github/format-output.sh + - name: Determine change status + id: change_status + if: ${{ env.PUBLISH == 'true' && steps.docker_build.outcome == 'success' }} + run: | + if [ -n "${FORMATTED_DIFF}" ]; then + echo "CHANGE_NOTE=:white_check_mark: Image content changed since the previous release." >> "$GITHUB_ENV" + else + echo "CHANGE_NOTE=:information_source: No content changes detected since the previous release." >> "$GITHUB_ENV" + fi + - name: Fetch Job ID id: fetch_job_id - if: ${{ env.PUBLISH == 'true' && env.FORMATTED_DIFF != '' && steps.docker_build.outcome == 'success' }} + if: ${{ env.PUBLISH == 'true' && steps.docker_build.outcome == 'success' }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} run: | @@ -187,7 +197,7 @@ jobs: } >> "$GITHUB_OUTPUT" - name: Send Slack Notification - if: ${{ env.PUBLISH == 'true' && env.FORMATTED_DIFF != '' && steps.docker_build.outcome == 'success' }} + if: ${{ env.PUBLISH == 'true' && steps.docker_build.outcome == 'success' }} uses: slackapi/slack-github-action@v1.24.0 with: payload: | @@ -198,7 +208,7 @@ jobs: "fields": [ { "title": "New version of ${{ matrix.tags[0] }} has been published", - "value": "You can check the:\n- *Manifest*: \n- *Diff*: \n\nThis version was built out of .", + "value": "${{ env.CHANGE_NOTE }}\n\nYou can check the:\n- *Manifest*: \n- *Diff*: \n\nThis version was built out of .", "short": false } ]
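Review bot: The new `Determine change status` step treats an empty `FORMATTED_DIFF` as "no content changes", but the diff step above it only runs when `env.HAS_PREVIOUS == 'true'`. A first publication of an image is therefore reported as unchanged since a previous release that does not exist. A third branch, `elif [ "$HAS_PREVIOUS" != "true" ]; then` with its own note, would separate the two cases. With the `FORMATTED_DIFF != ''` condition removed from Fetch Job ID and the Slack step, the diff link is also built for runs where the diff step was skipped. `CHANGE_NOTE` is spliced into the JSON payload in the last hunk of this patch, so its text has to stay free of double quotes and backslashes.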