Enhancement: Add v3.1.0 variants #35

Merged
merged 1 commit into from
Sep 15, 2023
126 changes: 123 additions & 3 deletions .github/workflows/ci-master-pr.yml
Expand Up @@ -634,6 +634,126 @@ jobs:
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache

build-v3-1-0:
runs-on: ubuntu-latest
env:
VARIANT: v3.1.0
steps:
- name: Checkout
uses: actions/checkout@v3

- name: Display system info (linux)
run: |
set -e
hostname
whoami
cat /etc/*release
lscpu
free
df -h
pwd
docker info
docker version

# See: https://github.com/docker/build-push-action/blob/v2.6.1/docs/advanced/cache.md#github-cache
- name: Set up QEMU
uses: docker/setup-qemu-action@v2

- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2

- name: Cache Docker layers
uses: actions/cache@v3
with:
path: /tmp/.buildx-cache
key: ${{ runner.os }}-buildx-${{ env.VARIANT }}-${{ github.sha }}
restore-keys: |
${{ runner.os }}-buildx-${{ env.VARIANT }}-
${{ runner.os }}-buildx-

# This step generates the docker tags
- name: Prepare
id: prep
run: |
set -e

# Get ref, i.e. <branch_name> from refs/heads/<branch_name>, or <tag-name> from refs/tags/<tag_name>. E.g. 'master' or 'v0.0.0'
REF=$( echo "${GITHUB_REF}" | rev | cut -d '/' -f 1 | rev )

# Get short commit hash E.g. 'abc0123'
SHA=$( echo "${GITHUB_SHA}" | cut -c1-7 )

# Generate docker image tags
# E.g. 'v0.0.0-<variant>' and 'v0.0.0-abc0123-<variant>'
# E.g. 'master-<variant>' and 'master-abc0123-<variant>'
REF_VARIANT="${REF}-${VARIANT}"
REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}"

# Pass variables to next step
echo "VARIANT_BUILD_DIR=$VARIANT_BUILD_DIR" >> $GITHUB_ENV
echo "VARIANT=$VARIANT" >> $GITHUB_ENV
echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_ENV
echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_ENV

- name: Login to Docker Hub registry
# Run on master and tags
if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')
uses: docker/login-action@v2
with:
username: ${{ secrets.DOCKERHUB_REGISTRY_USER }}
password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }}

- name: Build (PRs)
# Run only on pull requests
if: github.event_name == 'pull_request'
uses: docker/build-push-action@v3
with:
context: variants/v3.1.0
platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
push: false
tags: |
${{ github.repository }}:${{ env.REF_VARIANT }}
${{ github.repository }}:${{ env.REF_SHA_VARIANT }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max

- name: Build and push (master)
# Run only on master
if: github.ref == 'refs/heads/master'
uses: docker/build-push-action@v3
with:
context: variants/v3.1.0
platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
push: true
tags: |
${{ github.repository }}:${{ env.REF_VARIANT }}
${{ github.repository }}:${{ env.REF_SHA_VARIANT }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max

- name: Build and push (release)
if: startsWith(github.ref, 'refs/tags/')
uses: docker/build-push-action@v3
with:
context: variants/v3.1.0
platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
push: true
tags: |
${{ github.repository }}:${{ env.VARIANT }}
${{ github.repository }}:${{ env.REF_VARIANT }}
${{ github.repository }}:${{ env.REF_SHA_VARIANT }}
cache-from: type=local,src=/tmp/.buildx-cache
cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max

# Temp fix
# https://github.com/docker/build-push-action/issues/252
# https://github.com/moby/buildkit/issues/1896
- name: Move cache
run: |
rm -rf /tmp/.buildx-cache
mv /tmp/.buildx-cache-new /tmp/.buildx-cache

build-v3-0-8:
runs-on: ubuntu-latest
env:
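
Review bot: every `uses:` line in the new `build-v3-1-0` job references a movable tag (`actions/checkout@v3`, `docker/setup-qemu-action@v2`, `docker/setup-buildx-action@v2`, `actions/cache@v3`, `docker/login-action@v2`, `docker/build-push-action@v3`), and the job hands `secrets.DOCKERHUB_REGISTRY_USER` and `secrets.DOCKERHUB_REGISTRY_PASSWORD` to one of them and pushes images with another. Pinning each action to a full commit SHA, with the tag kept as a trailing comment, would stop a retagged action from running with those credentials. Separately, in the Prepare step `VARIANT_BUILD_DIR` is written to `$GITHUB_ENV` but is not set anywhere in the visible job (`env:` only defines `VARIANT`), so it is exported empty; drop the line or define the variable, and quote `"$GITHUB_ENV"`. `REF` keeps only the last path segment of `GITHUB_REF`, so a branch named `a/b` is tagged as `b`; a comment would help if that is intended.
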
Expand Down Expand Up @@ -1475,7 +1595,7 @@ jobs:
mv /tmp/.buildx-cache-new /tmp/.buildx-cache

update-draft-release:
needs: [build-v3-1-5, build-v3-1-4, build-v3-1-3, build-v3-1-2, build-v3-1-1, build-v3-0-8, build-v3-0-7, build-v3-0-6, build-v3-0-5, build-v3-0-4, build-v3-0-3, build-v3-0-1]
needs: [build-v3-1-5, build-v3-1-4, build-v3-1-3, build-v3-1-2, build-v3-1-1, build-v3-1-0, build-v3-0-8, build-v3-0-7, build-v3-0-6, build-v3-0-5, build-v3-0-4, build-v3-0-3, build-v3-0-1]
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
steps:
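
Review bot: the `needs:` list of `update-draft-release` is one of three identical 13-job lists in this file (the same edit is repeated for `publish-draft-release` and `update-dockerhub-description`), so a variant missed in any one copy lets that job run without waiting for the variant's build. If this workflow is not generated from `generate/definitions/versions.json`, a single aggregating job that needs all build jobs, with these three depending only on it, would leave one list to maintain.
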
Expand All @@ -1488,7 +1608,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

publish-draft-release:
needs: [build-v3-1-5, build-v3-1-4, build-v3-1-3, build-v3-1-2, build-v3-1-1, build-v3-0-8, build-v3-0-7, build-v3-0-6, build-v3-0-5, build-v3-0-4, build-v3-0-3, build-v3-0-1]
needs: [build-v3-1-5, build-v3-1-4, build-v3-1-3, build-v3-1-2, build-v3-1-1, build-v3-1-0, build-v3-0-8, build-v3-0-7, build-v3-0-6, build-v3-0-5, build-v3-0-4, build-v3-0-3, build-v3-0-1]
if: startsWith(github.ref, 'refs/tags/')
runs-on: ubuntu-latest
steps:
Expand All @@ -1503,7 +1623,7 @@ jobs:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

update-dockerhub-description:
needs: [build-v3-1-5, build-v3-1-4, build-v3-1-3, build-v3-1-2, build-v3-1-1, build-v3-0-8, build-v3-0-7, build-v3-0-6, build-v3-0-5, build-v3-0-4, build-v3-0-3, build-v3-0-1]
needs: [build-v3-1-5, build-v3-1-4, build-v3-1-3, build-v3-1-2, build-v3-1-1, build-v3-1-0, build-v3-0-8, build-v3-0-7, build-v3-0-6, build-v3-0-5, build-v3-0-4, build-v3-0-3, build-v3-0-1]
if: github.ref == 'refs/heads/master'
runs-on: ubuntu-latest
steps:
1 change: 1 addition & 0 deletions README.md
Expand Up @@ -17,6 +17,7 @@ The base image is `alpine`.
| `:v3.1.3` | [View](variants/v3.1.3) |
| `:v3.1.2` | [View](variants/v3.1.2) |
| `:v3.1.1` | [View](variants/v3.1.1) |
| `:v3.1.0` | [View](variants/v3.1.0) |
| `:v3.0.8` | [View](variants/v3.0.8) |
| `:v3.0.7` | [View](variants/v3.0.7) |
| `:v3.0.6` | [View](variants/v3.0.6) |
1 change: 1 addition & 0 deletions generate/definitions/versions.json
Expand Up @@ -4,6 +4,7 @@
"3.1.3",
"3.1.2",
"3.1.1",
"3.1.0",
"3.0.8",
"3.0.7",
"3.0.6",
41 changes: 41 additions & 0 deletions variants/v3.1.0/Dockerfile
@@ -0,0 +1,41 @@
FROM alpine:3.17
ARG TARGETPLATFORM
ARG BUILDPLATFORM
RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM"

RUN apk add --no-cache ca-certificates

# Install easyrsa dependencies
RUN apk add --no-cache iptables openssl

# Install easyrsa
# See: https://github.com/OpenVPN/easy-rsa/tree/master/release-keys
RUN set -eux; \
apk add --no-cache gnupg gpg-agent dirmngr; \
URL=https://github.com/OpenVPN/easy-rsa/releases/download/v3.1.0/EasyRSA-3.1.0.tgz; \
FILE=$( basename $URL ); \
wget -q "$URL"; \
wget -q "$URL.sig"; \
gpg --keyserver keys.openpgp.org --recv-keys 6F4056821152F03B6B24F2FCF8489F839D7367F3; \
gpg --verify "$FILE.sig" "$FILE"; \
mkdir -p /usr/share/easy-rsa; \
tar -zxvf "$FILE" --strip-components=1 -C /usr/share/easy-rsa; \
/usr/share/easy-rsa/easyrsa help; \
rm -fv "$FILE"; \
rm -fv "$FILE.sig"; \
rm -rf /root/.gnupg; \
apk del gnupg gpg-agent dirmngr;

ENV EASYRSA=/usr/share/easy-rsa
WORKDIR /usr/share/easy-rsa

# alpine openssl.cnf location. Use command find / -name 'openssl*.cnf'
# < v3.0.4: https://github.com/OpenVPN/easy-rsa/blob/v3.0.0/easyrsa3/easyrsa#L1032-L1033
# >= v3.0.4:
RUN echo "Looking for openssl.cnf" \
&& find /etc /usr -name 'openssl*.cnf'

COPY docker-entrypoint.sh /docker-entrypoint.sh
RUN chmod +x /docker-entrypoint.sh

ENTRYPOINT ["/docker-entrypoint.sh"]
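
Review bot: the `gpg --keyserver keys.openpgp.org --recv-keys` line in the easyrsa `RUN` makes every image build depend on a live keyserver lookup, so a keyserver outage or a changed key record fails the build for reasons unrelated to the release itself. The full-length fingerprint is the right pin and the signature is checked before extraction; to keep that while removing the network dependency, commit the release key from the `release-keys` directory linked in the comment, `gpg --import` it, and compare the imported fingerprint against the pinned value before `gpg --verify`. Setting a temporary `GNUPGHOME` and running `gpgconf --kill all` before the `rm -rf` would also make sure no agent or dirmngr process is left holding the keyring directory. Smaller points: `FILE=$( basename $URL )` should quote `"$URL"`, `tar -zxvf` does not need `v` in a build log, and `iptables` is installed under the "Install easyrsa dependencies" comment without an indication of what uses it.
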
40 changes: 40 additions & 0 deletions variants/v3.1.0/docker-compose.yml
@@ -0,0 +1,40 @@
version: '2.1'
services:
easyrsa:
container_name: easyrsa
image: theohbrothers/docker-easyrsa:v3.1.0

# Uncomment and configure these environment to your needs. The following are the default values, according to: https://github.com/OpenVPN/easy-rsa/blob/v3.0.8/doc/EasyRSA-Advanced.md#configuration-reference
# Using environment variables is preferred to using a vars file
# Double dollar signs '$$' is to escape a dollar sign in the docker-compose yaml parser, see: https://stackoverflow.com/a/40621373
# environment:
# - EASYRSA_SSL_CONF=/etc/ssl/openssl.cnf
# - EASYRSA=$${0%/*}
# - EASYRSA_OPENSSL=openssl
# - EASYRSA_SSL_CONF=$$EASYRSA/openssl-easyrsa.cnf
# - EASYRSA_PKI=$$PWD/pki
# - EASYRSA_DN=cn_only
# - EASYRSA_REQ_COUNTRY=US
# - EASYRSA_REQ_PROVINCE=California
# - EASYRSA_REQ_CITY=San Francisco
# - EASYRSA_REQ_ORG=Copyleft Certificate Co
# - EASYRSA_REQ_EMAIL=me@example.net
# - EASYRSA_REQ_OU=My Organizational Unit
# - EASYRSA_KEY_SIZE=2048
# - EASYRSA_ALGO=rsa
# - EASYRSA_CURVE=secp384r1
# - EASYRSA_CA_EXPIRE=3650
# - EASYRSA_CERT_EXPIRE=180
# - EASYRSA_CERT_RENEW=30
# - EASYRSA_NS_SUPPORT=no
# - EASYRSA_NS_COMMENT=Easy-RSA Generated Certificate
# - EASYRSA_TEMP_FILE=$$EASYRSA_PKI/extensions.temp
# - EASYRSA_EXT_DIR=$$EASYRSA/x509-types
# - EASYRSA_REQ_CN=ChangeMe
# - EASYRSA_DIGEST=sha256
# - EASYRSA_BATCH=

# Uncomment this to mount your own openssl.cnf, vars file(s)
# volumes:
# - ./path/to/openssl.conf:/etc/ssl/openssl.cnf
# - ./path/to/vars:/etc/ssl/openssl.cnf
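
Review bot: the second commented volume, `./path/to/vars:/etc/ssl/openssl.cnf`, mounts the vars file onto the same container path as the openssl config on the line above it, so a user who uncomments both gets a conflicting mount and a vars file that easyrsa never reads as vars. The target should be the location easyrsa looks for a vars file, and the host path on the line above reads `openssl.conf` while the target is `openssl.cnf`. In the environment list, `EASYRSA_SSL_CONF` appears twice with different values (`/etc/ssl/openssl.cnf` and `$$EASYRSA/openssl-easyrsa.cnf`); keep the one that is the actual default. The configuration-reference link points at the v3.0.8 docs although this file is for the v3.1.0 variant.
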
20 changes: 20 additions & 0 deletions variants/v3.1.0/docker-entrypoint.sh
@@ -0,0 +1,20 @@
#!/bin/sh
set -eu

if [ $# -gt 0 ]; then
# Get all subcommands. 'help' is also a subcommand
SUBCOMMANDS=$( ./easyrsa | awk "/^'help'/,/^DIRECTORY/" | grep -vE "^'help'|^DIRECTORY|^\s*$" | awk '{print $1}'; echo help )
if echo "$SUBCOMMANDS" | grep "^$1$"; then
# Generate the command line. easy-rsa man: https://github.com/OpenVPN/easy-rsa/blob/v3.0.0/README.quickstart.md
echo "Generating command line"
set "$EASYRSA/easyrsa" "$@"

# Exec
echo "easyrsa command line: $@"
exec "$@"
fi
else
exec "$EASYRSA/easyrsa" "$@"
fi

exec "$@"
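
Review bot: in the subcommand check, `grep "^$1$"` treats the caller's first argument as a regular expression and prints the matching line to stdout, so an argument containing regex metacharacters can match a subcommand it is not, and the matched name is echoed ahead of easyrsa's own output. `grep -qxF -- "$1"` gives a quiet, fixed-string, whole-line match. The subcommand list is read from `./easyrsa`, which works only while the working directory is the Dockerfile's `WORKDIR`; the rest of the script uses `"$EASYRSA/easyrsa"`, and the lookup should too. `echo "easyrsa command line: $@"` should use `$*` inside the string.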