From 93721855bab8664553a56f23a8e7429336a9b2e9 Mon Sep 17 00:00:00 2001
From: Tim Pansino
Date: Tue, 11 Jun 2024 13:51:54 -0700
Subject: [PATCH] Rework PHP to use reusable workflow
---
.github/workflows/php.yml | 228 ++++++--------------------------------
src/php/Dockerfile | 4 +-
2 files changed, 37 insertions(+), 195 deletions(-)
diff --git a/.github/workflows/php.yml b/.github/workflows/php.yml
index bbc5cdb..e82f0db 100644
--- a/.github/workflows/php.yml
+++ b/.github/workflows/php.yml
@@ -1,210 +1,52 @@ -# Copyright 2024 New Relic, Inc. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. +# Copyright New Relic, Inc. +# SPDX-License-Identifier: Apache-2.0 --- -name: PHP Agent CI + +name: "PHP Init Container CI" + +concurrency: + group: ${{ github.ref_name || github.ref || github.run_id }}-${{ github.workflow }} + cancel-in-progress: true on: - workflow_dispatch: - inputs: - libc: - description: 'C Library' - required: true - default: 'all' - type: choice - options: - - gnu - - musl - - all - agent_version: - description: "PHP Agent Version (empty for latest)" - required: false - type: string - default: '' pull_request: + paths: + - 'src/php/**' + - 'tests/php/**' + - '.github/workflows/php.yml' + push: + paths: + - 'src/php/**' + - 'tests/php/**' + - '.github/workflows/php.yml' branches: - main + # Do not run when a tag is created. 
+ tags-ignore: + - "**" release: types: - published -concurrency: - group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} - cancel-in-progress: true - -env: - K8S_OPERATOR_IMAGE_TAG: edge - PHP_AGENT_VERSION: ${{ github.event_name == 'workflow_dispatch' && inputs.agent_version || '' }} - -permissions: - contents: read - jobs: - check-modified-files: - name: Check whether any PHP-related files were modified, skip the test job if not - uses: ./.github/workflows/check-modified-files.yml + test: + if: github.event_name != 'release' || (github.event_name == 'release' && endsWith(github.ref, '_php')) # Skip everything if this isn't PHP + uses: ./.github/workflows/test.yml secrets: inherit - permissions: - contents: read with: - agent-language: php - - create-matrix: - name: Generate testing matrix - needs: check-modified-files - if: needs.check-modified-files.outputs.files-changed == 'true' || github.event_name == 'workflow_dispatch' || (github.event == 'release' && endsWith(github.ref_name, '_php')) - outputs: - RUN_MATRIX_LIBC=${{ steps.set-matrix.outputs.RUN_MATRIX_LIBC }} - steps: - - name: Checkout code - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 - - name: Generate run matrix - id: set-matrix - run: | - if [[ 'workflow_dispatch' == '${{ github.event_name }}' && 'all' != '${{ inputs.libc }}']]; then - run_matrix_libc="['${{ inputs.libc }}']" - else - run_matrix_libc="['gnu','musl']" - fi - echo "RUN_MATRIX_LIBC=$(echo $run_matrix_libc)" >> $GITHUB_OUTPUT - - test: - name: Run PHP init container tests - runs-on: ubuntu-latest - needs: [check-modified-files, create-matrix] - if: needs.check-modified-files.outputs.files-changed == 'true' || github.event_name == 'workflow_dispatch' || (github.event == 'release' && endsWith(github.ref_name, '_php')) - strategy: - matrix: - libc: ${{ fromJSON(needs.create-matrix.outputs.RUN_MATRIX_LIBC) }} - steps: - - name: Checkout code - uses: 
actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 - with: - persist-credentials: false - fetch-depth: 0 - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # 3.3.0 - - - name: Start minikube - uses: medyagh/setup-minikube@317d92317e473a10540357f1f4b2878b80ee7b95 # 0.0.16 - - - name: Deploy cert-manager to minikube - run: | - helm repo add jetstack https://charts.jetstack.io --force-update - helm install cert-manager jetstack/cert-manager \ - --namespace cert-manager \ - --create-namespace \ - --version v1.14.5 \ - --set installCRDs=true - echo "waiting for cert-manager pods to be ready..." - sleep 5 - kubectl wait --for=condition=Ready -n cert-manager --all pods --timeout=60s - - - name: Deploy New Relic k8s-agents-operator to minikube - run: | - helm repo add k8s-agents-operator https://newrelic.github.io/k8s-agents-operator - helm upgrade --install k8s-agents-operator k8s-agents-operator/k8s-agents-operator \ - --namespace=default \ - --set=licenseKey=${{ secrets.NEW_RELIC_LICENSE_KEY }} \ - --set=controllerManager.manager.image.tag=${{ env.K8S_OPERATOR_IMAGE_TAG }} \ - sleep 5 - kubectl wait --for=condition=Ready -n default --all pods --timeout=60s - - - name: Build init container for e2e test - run: | - minikube image build -t e2e/newrelic-php-init:e2e src/php/ \ - --build-opt=build-arg=VERSION=${{ env.PHP_AGENT_VERSION }} \ - --build-opt=build-arg=LIBC=${{ matrix.libc }} - - - name: Build test app container - run : | - minikube image build -t e2e/test-app-php:e2e tests/php/ - - - name: Run e2e test - uses: newrelic/newrelic-integration-e2e-action@a97ced80a4841c8c6261d1f9dca6706b1d89acb1 # 1.11.0 - with: - retry_seconds: 60 - retry_attempts: 5 - agent_enabled: false - spec_path: tests/php/test-specs.yml - account_id: ${{ secrets.NEW_RELIC_ACCOUNT_ID }} - api_key: ${{ secrets.NEW_RELIC_API_KEY }} - license_key: ${{ secrets.NEW_RELIC_LICENSE_KEY }} + INITCONTAINER_LANGUAGE: php 
publish: - runs-on: ubuntu-latest - if: github.event_name == 'release' && endsWith(github.ref_name, '_php') - needs: - - test + if: github.event_name == 'release' && endsWith(github.ref, '_php') # Skip everything if this isn't PHP + needs: test + uses: ./.github/workflows/publish.yml + secrets: inherit strategy: + fail-fast: false matrix: - libc: ['gnu', 'musl'] - steps: - - name: Harden Runner - uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1 - with: - disable-sudo: true - egress-policy: audit - - - name: Extract Agent Version from relesae tag - id: version - run: | - agent_version=${{ github.ref_name }} - agent_version=${agent_version##v} - agent_version=${agent_version%%_php} - echo "agent_version=$agent_version" | tee -a "$GITHUB_OUTPUT" - - - name: Checkout code - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # 4.1.1 - with: - persist-credentials: false - fetch-depth: 0 - - - name: Set up Docker Buildx - id: buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # 3.3.0 - - - name: Generate Docker metadata (tags and labels) - id: meta - uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # 5.5.1 - with: - images: newrelic/newrelic-php-init - tags: | - type=raw,value=${{ steps.version.outputs.agent_version }} - type=raw,value=latest - - - name: Login to Docker Hub Container Registry - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # 3.1.0 - with: - username: ${{ secrets.DOCKER_USERNAME }} - password: ${{ secrets.DOCKER_TOKEN }} - - - name: Build and publish PHP Agent init container images - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # 5.3.0 - with: - push: true - context: src/php/ - platforms: linux/amd64,linux/arm64 - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - build-args: | - VERSION=${{ steps.version.outputs.agent_version }} - LIBC=${{ matrix.libc }} - - - - - - + libc: 
["glibc", "musl"] + with: + INITCONTAINER_LANGUAGE: php + DOCKER_IMAGE_TAG_SUFFIX: ${{ matrix.libc }} + DOCKER_IMAGE_TAG_IS_DEFAULT_SUFFIX: ${{ matrix.libc == 'glibc' }} + BUILD_ARGS: LIBC=${{ matrix.libc }} diff --git a/src/php/Dockerfile b/src/php/Dockerfile index 6434f12..27346b0 100644 --- a/src/php/Dockerfile +++ b/src/php/Dockerfile @@ -4,12 +4,12 @@ # - Grant the necessary access to the files in the `/instrumentation` directory. FROM alpine:latest as build RUN apk update && apk add ca-certificates -ARG VERSION +ARG AGENT_VERSION ARG LIBC WORKDIR /instrumentation COPY php-agent-download.sh . RUN chmod +x php-agent-download.sh -RUN ./php-agent-download.sh $LIBC $VERSION +RUN ./php-agent-download.sh $LIBC $AGENT_VERSION RUN rm php-agent-download.sh FROM busybox
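Review bot: The rewritten `.github/workflows/php.yml` no longer declares any `permissions:`. The removed side had a top-level `permissions:` with `contents: read`, and neither the new `test` nor `publish` job sets one, so the `GITHUB_TOKEN` used by `./.github/workflows/test.yml` and `./.github/workflows/publish.yml` falls back to the repository or organisation default unless those files, which are not part of this patch, restrict it themselves. A called workflow can only narrow the caller's token scopes, so I would keep the ceiling here by restoring `permissions:` / `contents: read` at the top level, and grant more on the `publish` job only if the called workflow turns out to need it. Both jobs also use `secrets: inherit`, which forwards every secret available to this workflow, including on `pull_request` and `push` runs of `test`. If the called workflows declare their secrets, passing only the ones each job needs by name under `secrets:` would narrow that.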