From 8e40e9593bcfab30651ea34a6dd23925f444020f Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Sun, 1 Dec 2024 17:36:55 +0000 Subject: [PATCH 01/15] =?UTF-8?q?=F0=9F=9A=A7=20WIP:=20ci?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-image.yml | 51 ++++++++++++++++++++++++------ 1 file changed, 41 insertions(+), 10 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 05c5970..483b959 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -1,18 +1,49 @@ -name: Docker Image CI +name: Docker CI/CD Pipeline on: push: - branches: [ "master" ] - pull_request: - branches: [ "master" ] + branches: + - main + - develop + tags: + - 'version-*' + schedule: + - cron: '0 0 1 * *' + workflow_dispatch: jobs: - build: - runs-on: ubuntu-latest - + outputs: + image: ${{ steps.docker_build.outputs.image }} steps: - - uses: actions/checkout@v4 - - name: Build the Docker image - run: docker build ./src/ --file ./src/Dockerfile --tag cloudflare-tunnel:$(date +%s) + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + with: + platforms: all + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v2 + + - name: Cache Docker layers + uses: actions/cache@v2 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx- + + - name: Build Docker image + id: docker_build + uses: docker/build-push-action@v3 + with: + context: . + load: true + outputs: type=docker + tags: | + ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest + ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/version-') && 'ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }}' }} + platforms: linux/amd64,linux/arm64 
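Review bot: Every `uses:` line added in this hunk of `.github/workflows/docker-image.yml` references its action by a mutable major tag, and `actions/checkout` drops from `@v4` to `@v2` in the process. A tag can be re-pointed by whoever controls the action repository, so the job runs whatever the tag resolves to on the day of the run. Pin each action to a full commit SHA with the version as a trailing comment, e.g. `uses: actions/checkout@<full-commit-sha>  # v4`. The same applies to the references touched later in this series (the version bumps in PATCH 06 and the new `docker-publish.yml` in PATCH 07).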
From a9e912c1b116d47f290ed01f015ef7e40e4915f4 Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Sun, 1 Dec 2024 17:50:27 +0000 Subject: [PATCH 02/15] =?UTF-8?q?=F0=9F=9A=A7=20WIP:=20fix=20ci?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-image.yml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index 483b959..fe2a591 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -41,8 +41,7 @@ jobs: uses: docker/build-push-action@v3 with: context: . - load: true - outputs: type=docker + outputs: type=image tags: | ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/version-') && 'ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }}' }} From fc6670dafa1ae9d4cdca1a688f027b2261b4382d Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Sun, 1 Dec 2024 17:53:56 +0000 Subject: [PATCH 03/15] =?UTF-8?q?=F0=9F=9A=A7=20WIP:=20fix=20ci?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-image.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-image.yml index fe2a591..43a881a 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-image.yml @@ -40,7 +40,8 @@ jobs: id: docker_build uses: docker/build-push-action@v3 with: - context: . + context: ./src + file: ./src/Dockerfile outputs: type=image tags: | ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest From 04f6e5069bca857f9e3398d910a84e244d1a714a Mon Sep 17 00:00:00 2001 
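Review bot: In PATCH 02, `outputs: type=image` is set without `push: true`, so on a Buildx container builder the result stays inside BuildKit and is neither loaded into the runner's Docker daemon nor sent to a registry. The job output declared in PATCH 01, `steps.docker_build.outputs.image`, also looks empty: as far as I know `docker/build-push-action` exposes `imageid`, `digest` and `metadata`, not `image`. If the job is only meant to prove that the build works, say so with a comment such as `# build check only, nothing is exported`. The `with:` block starts and ends outside this hunk.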
From: "Jonas Merkle [JJM]" Date: Tue, 3 Dec 2024 12:34:21 +0000 Subject: [PATCH 04/15] =?UTF-8?q?=F0=9F=9A=A7=20Optimize=20docker=20build?= =?UTF-8?q?=20ci?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../{docker-image.yml => docker-build.yml} | 31 ++++++++++--------- .github/workflows/docker-ci.yml | 29 +++++++++++++++++ 2 files changed, 46 insertions(+), 14 deletions(-) rename .github/workflows/{docker-image.yml => docker-build.yml} (60%) create mode 100644 .github/workflows/docker-ci.yml diff --git a/.github/workflows/docker-image.yml b/.github/workflows/docker-build.yml similarity index 60% rename from .github/workflows/docker-image.yml rename to .github/workflows/docker-build.yml index 43a881a..f539b0e 100644 --- a/.github/workflows/docker-image.yml +++ b/.github/workflows/docker-build.yml @@ -1,19 +1,21 @@ -name: Docker CI/CD Pipeline +name: Docker Build Workflow on: - push: - branches: - - main - - develop - tags: - - 'version-*' - schedule: - - cron: '0 0 1 * *' - workflow_dispatch: + workflow_call: + inputs: + dockerfile_path: + required: true + type: string + context_path: + required: true + type: string jobs: build: runs-on: ubuntu-latest + strategy: + matrix: + platform: [linux/amd64, linux/arm64] outputs: image: ${{ steps.docker_build.outputs.image }} steps: 
@@ -34,16 +36,17 @@ jobs: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | + ${{ runner.os }}-buildx-${{ github.event.before }} ${{ runner.os }}-buildx- - name: Build Docker image id: docker_build uses: docker/build-push-action@v3 with: - context: ./src - file: ./src/Dockerfile + context: ${{ inputs.context_path }} + file: ${{ inputs.dockerfile_path }} + platforms: ${{ matrix.platform }} outputs: type=image tags: | ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest - ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/version-') && 'ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }}' }} - platforms: linux/amd64,linux/arm64 + ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.sha }} diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml new file mode 100644 index 0000000..a06b7dc --- /dev/null +++ b/.github/workflows/docker-ci.yml @@ -0,0 +1,29 @@ +name: Docker CI/CD Pipeline + +on: + push: + branches: + - main + - develop + tags: + - 'version-*' + schedule: + - cron: '0 0 1 * *' + workflow_dispatch: + +jobs: + pre-validation: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Lint Dockerfile + run: dockerfile-lint ./src/Dockerfile + + build: + needs: pre-validation + uses: ./.github/workflows/docker-build.yml + with: + dockerfile_path: ./src/Dockerfile + context_path: ./src From 605140fef7b8471440399af0f7399b4416727c67 Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Tue, 3 Dec 2024 12:42:17 +0000 Subject: [PATCH 05/15] =?UTF-8?q?=F0=9F=9A=A7=20WIP=20ci...?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-ci.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml index a06b7dc..e3d5627 100644 
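Review bot: The two tag lines in the `Build Docker image` step of `docker-build.yml` expand to `ghcr.io/OWNER/OWNER/REPO:...`, because `github.repository` already contains the owner, which is probably not the intended package name. Use `ghcr.io/${{ github.repository }}:latest` and `ghcr.io/${{ github.repository }}:${{ github.sha }}`. Since the first hunk of this patch runs the job as a matrix over two platforms, both legs also write the same `:latest` and `:<sha>` tags; a per-platform suffix or a comment stating which leg is expected to win would make that explicit.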
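Review bot: The new `docker-ci.yml` sets no `permissions:` key, so every job, including the reusable build it calls, runs with whatever default `GITHUB_TOKEN` scope the repository or organisation is configured with. Add a top-level `permissions:` block with `contents: read` and widen it only on the job that needs more. Separately, the `Lint Dockerfile` step calls `dockerfile-lint`, but no step in the hunk installs it, so the pre-validation gate presumably fails before the build is reached; install the linter in a preceding step or document where it comes from.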
--- a/.github/workflows/docker-ci.yml +++ b/.github/workflows/docker-ci.yml @@ -12,17 +12,8 @@ on: workflow_dispatch: jobs: - pre-validation: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v2 - - - name: Lint Dockerfile - run: dockerfile-lint ./src/Dockerfile build: - needs: pre-validation uses: ./.github/workflows/docker-build.yml with: dockerfile_path: ./src/Dockerfile From b24b61ef9578540be894a9bb08aac2cd432f5de7 Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Tue, 3 Dec 2024 12:49:42 +0000 Subject: [PATCH 06/15] =?UTF-8?q?=E2=AC=86=EF=B8=8F=20=20Upgrade=20github?= =?UTF-8?q?=20actions?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-build.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index f539b0e..b17306d 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -20,18 +20,18 @@ jobs: image: ${{ steps.docker_build.outputs.image }} steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v4 - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 with: platforms: all - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Cache Docker layers - uses: actions/cache@v2 + uses: actions/cache@v4 with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} @@ -41,7 +41,7 @@ jobs: - name: Build Docker image id: docker_build - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: context: ${{ inputs.context_path }} file: ${{ inputs.dockerfile_path }} From 97f97c61c42df017dc1ecb7f29051bc6f1208a1c Mon Sep 17 00:00:00 2001 
From: "Jonas Merkle [JJM]" Date: Tue, 3 Dec 2024 12:57:11 +0000 Subject: [PATCH 07/15] =?UTF-8?q?=F0=9F=91=B7=20Add=20docker=20publish=20t?= =?UTF-8?q?o=20ci?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-ci.yml | 7 +++++ .github/workflows/docker-publish.yml | 43 ++++++++++++++++++++++++++++ 2 files changed, 50 insertions(+) create mode 100644 .github/workflows/docker-publish.yml diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml index e3d5627..ca8d179 100644 --- a/.github/workflows/docker-ci.yml +++ b/.github/workflows/docker-ci.yml @@ -18,3 +18,10 @@ jobs: with: dockerfile_path: ./src/Dockerfile context_path: ./src + + publish: + needs: build + if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/version-') || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }} + uses: ./.github/workflows/docker-publish.yml + with: + image: ${{ needs.build.outputs.image }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml new file mode 100644 index 0000000..3f9d80f --- /dev/null +++ b/.github/workflows/docker-publish.yml 
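Review bot: The `publish` job added to `docker-ci.yml` passes `needs.build.outputs.image`, but `docker-build.yml` only declares a job-level output; a called workflow exposes outputs to its caller only when they are mapped under `on.workflow_call.outputs`, so `image` would arrive empty here. This job is also the only one that writes to the registry, so it is the place for an explicit `permissions:` block with `packages: write` and `contents: read`, leaving the build job read-only. In the `if:` expression `&&` binds tighter than `||`; parenthesising the tag condition would make the intended grouping visible to the next reader.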
@@ -0,0 +1,43 @@ +name: Docker Publish Workflow + +on: + workflow_call: + inputs: + image: + required: true + type: string + +jobs: + publish: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + - name: Login to GitHub Container Registry + uses: docker/login-action@v3 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Push Docker image + run: | + echo "${{ inputs.image }}" | docker load + docker push ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest + if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == refs/tags/version-* ]]; then + docker tag ${{ inputs.image }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} + docker push ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} + fi + + #- name: Sign Docker image + # uses: sigstore/cosign-installer@v3.7.0 + # with: + # cosign-release: 'v2.4.1' + + #- name: Cosign sign + # run: | + # cosign sign --key ${{ secrets.COSIGN_KEY }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest + # if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == refs/tags/version-* ]]; then + # cosign sign --key ${{ secrets.COSIGN_KEY }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} + # fi \ No newline at end of file From 011fca4470a8653ba6d98b0634b119050351987c Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Tue, 3 Dec 2024 13:13:51 +0000 Subject: [PATCH 08/15] =?UTF-8?q?=F0=9F=92=9A=20Fix=20CI=20cacheing?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-build.yml | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index b17306d..cfb9e3f 100644 --- a/.github/workflows/docker-build.yml 
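Review bot: In the `Push Docker image` step of the new `docker-publish.yml`, `${{ inputs.image }}`, `${{ github.ref }}` and `${{ github.ref_name }}` are expanded into the script text before bash parses it, so a tag name or input containing shell metacharacters becomes part of the script in a job that holds registry credentials. Pass the values through `env:` and reference them as quoted shell variables, as in the excerpt below. Independently of that, `echo "${{ inputs.image }}" | docker load` pipes an image name into a command that expects a tar archive, so the load cannot succeed as written. The same inline expansion reappears in the `docker pull` / `docker push` lines of PATCH 09.

```yaml
      - name: Push Docker image
        env:
          IMAGE: ${{ inputs.image }}
          TARGET: ghcr.io/${{ github.repository_owner }}/${{ github.repository }}
          EVENT: ${{ github.event_name }}
          REF: ${{ github.ref }}
          REF_NAME: ${{ github.ref_name }}
        run: |
          # ... unchanged: obtain the image on this runner ...
          docker push "${TARGET}:latest"
          if [[ "${EVENT}" == "push" && "${REF}" == refs/tags/version-* ]]; then
            docker tag "${IMAGE}" "${TARGET}:${REF_NAME}"
            docker push "${TARGET}:${REF_NAME}"
          fi
```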
+++ b/.github/workflows/docker-build.yml @@ -47,6 +47,16 @@ jobs: file: ${{ inputs.dockerfile_path }} platforms: ${{ matrix.platform }} outputs: type=image + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max tags: | ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.sha }} + + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache From 0d19e7895e9739df8f1b56155a8957d21f8b39e8 Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Wed, 4 Dec 2024 12:13:11 +0000 Subject: [PATCH 09/15] =?UTF-8?q?=F0=9F=92=9A=20Fix=20docker=20image=20pub?= =?UTF-8?q?lish?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-build.yml | 10 +++++++--- .github/workflows/docker-ci.yml | 1 + .github/workflows/docker-publish.yml | 7 +++++-- 3 files changed, 13 insertions(+), 5 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index cfb9e3f..bea7953 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -17,7 +17,7 @@ jobs: matrix: platform: [linux/amd64, linux/arm64] outputs: - image: ${{ steps.docker_build.outputs.image }} + image: ${{ steps.save_image.outputs.image }} steps: - name: Checkout repository uses: actions/checkout@v4 @@ -46,7 +46,7 @@ jobs: context: ${{ inputs.context_path }} file: ${{ inputs.dockerfile_path }} platforms: ${{ matrix.platform }} - outputs: type=image + outputs: type=docker cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max tags: | 
@@ -59,4 +59,8 @@ jobs: - name: Move cache run: | rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + + - name: Save Docker image reference + id: save_image + run: echo "image=ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest" >> $GITHUB_OUTPUT diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml index ca8d179..9d5ba59 100644 --- a/.github/workflows/docker-ci.yml +++ b/.github/workflows/docker-ci.yml @@ -25,3 +25,4 @@ jobs: uses: ./.github/workflows/docker-publish.yml with: image: ${{ needs.build.outputs.image }} + \ No newline at end of file diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 3f9d80f..276ee33 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -14,6 +14,10 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 + - name: Load Docker image + run: | + docker pull ${{ inputs.image }} + - name: Login to GitHub Container Registry uses: docker/login-action@v3 with: @@ -23,8 +27,7 @@ jobs: - name: Push Docker image run: | - echo "${{ inputs.image }}" | docker load - docker push ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest + docker push ${{ inputs.image }} if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == refs/tags/version-* ]]; then docker tag ${{ inputs.image }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} docker push ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} From e4f9d04c75a86b0537c93a3d3a011fe7e05edb3c Mon Sep 17 00:00:00 2001 
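Review bot: In PATCH 09 the publish job obtains its image with `docker pull ${{ inputs.image }}`, which fetches whatever the registry currently serves under `:latest` rather than the image the build job produced from this commit; the build job's `type=docker` export stays on a different runner. As written, the following push re-publishes existing registry content, and on tag pushes also labels it with the new version. To publish what was actually built, hand the image across jobs as an artifact, or build and push in one job and pass on the resulting digest. The pull also runs before the `Login to GitHub Container Registry` step, so it would fail for a private package.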
From: "Jonas Merkle [JJM]" Date: Wed, 4 Dec 2024 12:30:13 +0000 Subject: [PATCH 10/15] =?UTF-8?q?=F0=9F=92=9A=20Fix=20multi=20platform=20b?= =?UTF-8?q?uilds?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-build.yml | 23 +++++++++---------- .github/workflows/docker-ci.yml | 6 ++--- .github/workflows/docker-publish.yml | 33 ++++++++++++++++------------ 3 files changed, 34 insertions(+), 28 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index bea7953..a400129 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -9,15 +9,15 @@ on: context_path: required: true type: string + platforms: + required: true + type: string jobs: build: runs-on: ubuntu-latest - strategy: - matrix: - platform: [linux/amd64, linux/arm64] outputs: - image: ${{ steps.save_image.outputs.image }} + image: ${{ steps.build_image.outputs.image }} steps: - name: Checkout repository uses: actions/checkout@v4 @@ -29,6 +29,11 @@ jobs: - name: Set up Docker Buildx uses: docker/setup-buildx-action@v3 + with: + install: true + + - name: Ensure cache directories + run: mkdir -p /tmp/.buildx-cache /tmp/.buildx-cache-new - name: Cache Docker layers uses: actions/cache@v4 @@ -39,13 +44,13 @@ jobs: ${{ runner.os }}-buildx-${{ github.event.before }} ${{ runner.os }}-buildx- - - name: Build Docker image - id: docker_build + - name: Build and cache Docker image + id: build_image uses: docker/build-push-action@v6 with: context: ${{ inputs.context_path }} file: ${{ inputs.dockerfile_path }} - platforms: ${{ matrix.platform }} + platforms: ${{ inputs.platforms }} outputs: type=docker cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max 
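Review bot: In PATCH 10 the `Build and cache Docker image` step keeps `outputs: type=docker` while `platforms` now receives `linux/amd64,linux/arm64` from the caller; to my knowledge the docker exporter cannot export a multi-platform result, so this build is expected to error out unless the daemon uses a containerd-backed image store. The renamed job output `steps.build_image.outputs.image` still refers to an output the action does not appear to define. For a build-only check, dropping the `outputs:` line keeps the result in the build cache; a comment like `# multi-arch build check, image is published by docker-publish.yml` would document that.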
@@ -60,7 +65,3 @@ jobs: run: | rm -rf /tmp/.buildx-cache mv /tmp/.buildx-cache-new /tmp/.buildx-cache - - - name: Save Docker image reference - id: save_image - run: echo "image=ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest" >> $GITHUB_OUTPUT diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml index 9d5ba59..08ee7ff 100644 --- a/.github/workflows/docker-ci.yml +++ b/.github/workflows/docker-ci.yml @@ -12,17 +12,17 @@ on: workflow_dispatch: jobs: - build: uses: ./.github/workflows/docker-build.yml with: dockerfile_path: ./src/Dockerfile context_path: ./src + platforms: linux/amd64,linux/arm64 publish: needs: build if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/version-') || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }} uses: ./.github/workflows/docker-publish.yml with: - image: ${{ needs.build.outputs.image }} - \ No newline at end of file + platforms: linux/amd64,linux/arm64 + image_name: ghcr.io/${{ github.repository_owner }}/${{ github.repository }} diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 276ee33..d4203ae 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -3,7 +3,10 @@ name: Docker Publish Workflow on: workflow_call: inputs: - image: + platforms: + required: true + type: string + image_name: required: true type: string @@ -14,9 +17,10 @@ jobs: - name: Checkout repository uses: actions/checkout@v4 - - name: Load Docker image - run: | - docker pull ${{ inputs.image }} + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + with: + platforms: all - name: Login to GitHub Container Registry uses: docker/login-action@v3 
@@ -25,13 +29,14 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Push Docker image - run: | - docker push ${{ inputs.image }} - if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == refs/tags/version-* ]]; then - docker tag ${{ inputs.image }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} - docker push ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} - fi + - name: Push multi-platform image + uses: docker/build-push-action@v6 + with: + platforms: ${{ inputs.platforms }} + tags: | + ${{ inputs.image_name }}:latest + ${{ inputs.image_name }}:${{ github.ref_name }} + push: true #- name: Sign Docker image # uses: sigstore/cosign-installer@v3.7.0 @@ -40,7 +45,7 @@ jobs: #- name: Cosign sign # run: | - # cosign sign --key ${{ secrets.COSIGN_KEY }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest + # cosign sign --key ${{ secrets.COSIGN_KEY }} ${{ inputs.image_name }}:latest # if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == refs/tags/version-* ]]; then - # cosign sign --key ${{ secrets.COSIGN_KEY }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} - # fi \ No newline at end of file + # cosign sign --key ${{ secrets.COSIGN_KEY }} ${{ inputs.image_name }}:${{ github.ref_name }} + # fi From d90759e280b5f250a3f22756efeafdbaafb5a364 Mon Sep 17 00:00:00 2001 
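Review bot: The new `Push multi-platform image` step in `docker-publish.yml` sets `push: true` but neither `context` nor `file`, so it rebuilds from the action's default context instead of the `./src` context and `./src/Dockerfile` that the build job validated; what gets published is a second, separate build. Pass the same `context` and `file` values in as inputs, and add a `docker/setup-buildx-action` step, which is not visible in this job although multi-platform builds normally need it. The tag `${{ inputs.image_name }}:${{ github.ref_name }}` is also applied on `schedule` and `workflow_dispatch` runs, where `ref_name` is a branch name, so those runs overwrite both `:latest` and a branch-named tag; restrict the second tag to tag pushes if that is not intended.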
From: "Jonas Merkle [JJM]" Date: Tue, 17 Dec 2024 10:24:37 +0100 Subject: [PATCH 11/15] =?UTF-8?q?=F0=9F=91=B7=20Switch=20to=20common=20doc?= =?UTF-8?q?ker=20workflow?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-build.yml | 66 --------------------------- .github/workflows/docker-ci.yml | 28 ------------ .github/workflows/docker-image-ci.yml | 31 +++++++++++++ .github/workflows/docker-publish.yml | 46 ------------------- 4 files changed, 31 insertions(+), 140 deletions(-) delete mode 100644 .github/workflows/docker-build.yml delete mode 100644 .github/workflows/docker-ci.yml create mode 100644 .github/workflows/docker-image-ci.yml delete mode 100644 .github/workflows/docker-publish.yml diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml deleted file mode 100644 index bea7953..0000000 --- a/.github/workflows/docker-build.yml +++ /dev/null 
@@ -1,66 +0,0 @@ -name: Docker Build Workflow - -on: - workflow_call: - inputs: - dockerfile_path: - required: true - type: string - context_path: - required: true - type: string - -jobs: - build: - runs-on: ubuntu-latest - strategy: - matrix: - platform: [linux/amd64, linux/arm64] - outputs: - image: ${{ steps.save_image.outputs.image }} - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - with: - platforms: all - - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - - name: Cache Docker layers - uses: actions/cache@v4 - with: - path: /tmp/.buildx-cache - key: ${{ runner.os }}-buildx-${{ github.sha }} - restore-keys: | - ${{ runner.os }}-buildx-${{ github.event.before }} - ${{ runner.os }}-buildx- - - - name: Build Docker image - id: docker_build - uses: docker/build-push-action@v6 - with: - context: ${{ inputs.context_path }} - file: ${{ inputs.dockerfile_path }} - platforms: ${{ matrix.platform }} - outputs: type=docker - cache-from: type=local,src=/tmp/.buildx-cache - cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max - tags: | - ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest - ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.sha }} - - # Temp fix - # https://github.com/docker/build-push-action/issues/252 - # https://github.com/moby/buildkit/issues/1896 - - name: Move cache - run: | - rm -rf /tmp/.buildx-cache - mv /tmp/.buildx-cache-new /tmp/.buildx-cache - - - name: Save Docker image reference - id: save_image - run: echo "image=ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest" >> $GITHUB_OUTPUT diff --git a/.github/workflows/docker-ci.yml b/.github/workflows/docker-ci.yml deleted file mode 100644 index 9d5ba59..0000000 --- a/.github/workflows/docker-ci.yml +++ /dev/null 
@@ -1,28 +0,0 @@ -name: Docker CI/CD Pipeline - -on: - push: - branches: - - main - - develop - tags: - - 'version-*' - schedule: - - cron: '0 0 1 * *' - workflow_dispatch: - -jobs: - - build: - uses: ./.github/workflows/docker-build.yml - with: - dockerfile_path: ./src/Dockerfile - context_path: ./src - - publish: - needs: build - if: ${{ github.event_name == 'push' && startsWith(github.ref, 'refs/tags/version-') || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }} - uses: ./.github/workflows/docker-publish.yml - with: - image: ${{ needs.build.outputs.image }} - \ No newline at end of file diff --git a/.github/workflows/docker-image-ci.yml b/.github/workflows/docker-image-ci.yml new file mode 100644 index 0000000..ba2dd07 --- /dev/null +++ b/.github/workflows/docker-image-ci.yml @@ -0,0 +1,31 @@ +name: Example Workflow + +on: + push: + branches: + - main + - develop + tags: + - 'v*' + paths: + - 'src/**' + - '.github/workflows/**' + + pull_request: + branches: + - main + paths: + - 'src/**' + - '.github/workflows/**' + + schedule: + - cron: '0 0 1 * *' + + workflow_dispatch: + +jobs: + build-and-publish: + uses: jonas-merkle/docker-workflow/.github/workflows/build-and-publish-docker-image.yml@v1.0.0 + with: + registry-image: ghcr.io/cloudflare-tunnel + work-dir: ./src diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml deleted file mode 100644 index 276ee33..0000000 --- a/.github/workflows/docker-publish.yml +++ /dev/null 
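Review bot: The new `docker-image-ci.yml` adds a `pull_request` trigger to a job named `build-and-publish` that delegates everything to an external reusable workflow, and nothing on this page shows whether that workflow skips the push for pull-request events. State that in a comment above the job, or make sure the called workflow gates its publishing steps on `github.event_name != 'pull_request'`. The file also has no `permissions:` block, so the called workflow receives the repository's default token scope; declare `contents: read` and `packages: write` explicitly on the job. `registry-image: ghcr.io/cloudflare-tunnel` has no owner segment, and `name: Example Workflow` looks like a template leftover.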
@@ -1,46 +0,0 @@ -name: Docker Publish Workflow - -on: - workflow_call: - inputs: - image: - required: true - type: string - -jobs: - publish: - runs-on: ubuntu-latest - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - - name: Load Docker image - run: | - docker pull ${{ inputs.image }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Push Docker image - run: | - docker push ${{ inputs.image }} - if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == refs/tags/version-* ]]; then - docker tag ${{ inputs.image }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} - docker push ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} - fi - - #- name: Sign Docker image - # uses: sigstore/cosign-installer@v3.7.0 - # with: - # cosign-release: 'v2.4.1' - - #- name: Cosign sign - # run: | - # cosign sign --key ${{ secrets.COSIGN_KEY }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:latest - # if [[ "${{ github.event_name }}" == "push" && "${{ github.ref }}" == refs/tags/version-* ]]; then - # cosign sign --key ${{ secrets.COSIGN_KEY }} ghcr.io/${{ github.repository_owner }}/${{ github.repository }}:${{ github.ref_name }} - # fi \ No newline at end of file From 01189d10f483fd446cbc4ca72b8fed7d03eb3ba0 Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Tue, 17 Dec 2024 10:31:02 +0100 Subject: [PATCH 12/15] =?UTF-8?q?=F0=9F=94=A7=20Add=20docker-bake.hcl=20co?= =?UTF-8?q?nfig=20file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- src/docker-bake.hcl | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 src/docker-bake.hcl diff --git a/src/docker-bake.hcl b/src/docker-bake.hcl new file mode 100644 index 0000000..ac2d095 --- /dev/null 
+++ b/src/docker-bake.hcl @@ -0,0 +1,32 @@ +variable "DEFAULT_TAG" { + default = "app:local" +} + +// Special target: https://github.com/docker/metadata-action#bake-definition +target "docker-metadata-action" { + tags = ["${DEFAULT_TAG}"] +} + +// Default target if none specified +group "default" { + targets = ["image-local"] +} + +target "image" { + inherits = ["docker-metadata-action"] +} + +target "image-local" { + inherits = ["image"] + output = ["type=docker"] +} + +target "image-all" { + inherits = ["image"] + platforms = [ + "linux/amd64", + "linux/arm/v6", + "linux/arm/v7", + "linux/arm64" + ] +} From 0a50b9b2c09de1724fe80ac200b045a46a1f7069 Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Tue, 17 Dec 2024 10:42:54 +0100 Subject: [PATCH 13/15] =?UTF-8?q?=F0=9F=92=9A=20Use=20latest=20version=20o?= =?UTF-8?q?f=20shared=20workflow?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-image-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/docker-image-ci.yml b/.github/workflows/docker-image-ci.yml index ba2dd07..5c2032f 100644 --- a/.github/workflows/docker-image-ci.yml +++ b/.github/workflows/docker-image-ci.yml @@ -25,7 +25,7 @@ on: jobs: build-and-publish: - uses: jonas-merkle/docker-workflow/.github/workflows/build-and-publish-docker-image.yml@v1.0.0 + uses: jonas-merkle/docker-workflow/.github/workflows/build-and-publish-docker-image.yml@main with: registry-image: ghcr.io/cloudflare-tunnel work-dir: ./src From 7828118b6df24ed3e1db6e9d747e87cc328dd718 Mon Sep 17 00:00:00 2001 
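Review bot: PATCH 13 moves the reusable-workflow reference from `@v1.0.0` to `@main`, so every run executes whatever is on that branch at that moment, with this repository's token and registry access. The published image then depends on a ref that can change without any commit in this repository. Pin the call to a full commit SHA of `jonas-merkle/docker-workflow` and bump it deliberately, e.g. `uses: jonas-merkle/docker-workflow/.github/workflows/build-and-publish-docker-image.yml@<full-commit-sha>  # <version>`.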
From: "Jonas Merkle [JJM]" Date: Tue, 17 Dec 2024 10:53:46 +0100 Subject: [PATCH 14/15] =?UTF-8?q?=F0=9F=92=9A=20Fix=20image=20plattform=20?= =?UTF-8?q?and=20image=20name?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .github/workflows/docker-image-ci.yml | 6 +++--- src/docker-bake.hcl | 1 - 2 files changed, 3 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker-image-ci.yml b/.github/workflows/docker-image-ci.yml index 5c2032f..cd0a72c 100644 --- a/.github/workflows/docker-image-ci.yml +++ b/.github/workflows/docker-image-ci.yml @@ -9,14 +9,14 @@ on: - 'v*' paths: - 'src/**' - - '.github/workflows/**' + - '.github/workflows/docker-image-ci.yml' pull_request: branches: - main paths: - 'src/**' - - '.github/workflows/**' + - '.github/workflows/docker-image-ci.yml' schedule: - cron: '0 0 1 * *' @@ -27,5 +27,5 @@ jobs: build-and-publish: uses: jonas-merkle/docker-workflow/.github/workflows/build-and-publish-docker-image.yml@main with: - registry-image: ghcr.io/cloudflare-tunnel + registry-image: ghcr.io/${{ github.repository }} work-dir: ./src diff --git a/src/docker-bake.hcl b/src/docker-bake.hcl index ac2d095..d4839ae 100644 --- a/src/docker-bake.hcl +++ b/src/docker-bake.hcl @@ -25,7 +25,6 @@ target "image-all" { inherits = ["image"] platforms = [ "linux/amd64", - "linux/arm/v6", "linux/arm/v7", "linux/arm64" ] From 0f441a0ae199b76fb08d1729d4cf6e6f34ad0221 Mon Sep 17 00:00:00 2001 From: "Jonas Merkle [JJM]" Date: Tue, 17 Dec 2024 11:21:09 +0100 Subject: [PATCH 15/15] =?UTF-8?q?=F0=9F=94=A7=20Update=20docker-compose=20?= =?UTF-8?q?file?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Switch to the custom docker image --- docker-compose.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index c31c368..66f7b75 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -3,7 +3,8 @@ services: # cloudflare tunnel cloudflare-tunnel: - image: cloudflare/cloudflared + image: ghcr.io/jonas-merkle/container-cloudflare-tunnel:main + #image: cloudflare/cloudflared #build: # context: ./src # dockerfile: ./Dockerfile @@ -29,5 +30,5 @@ services: retries: 3 start_period: 10s labels: - # enbale watchtower updates + # enable watchtower updates - "com.centurylinklabs.watchtower.enable=true"
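Review bot: The new `image: ghcr.io/jonas-merkle/container-cloudflare-tunnel:main` line follows a moving branch tag, and the service carries the label `com.centurylinklabs.watchtower.enable=true` (second hunk), so any image pushed under `:main` is presumably pulled and started automatically by Watchtower. Combined with the workflow's `@main` reference from PATCH 13, a change in either repository reaches the running tunnel without review on the deployment side. Pin the image to a release tag plus digest, `image: ghcr.io/jonas-merkle/container-cloudflare-tunnel:<release-tag>@sha256:<digest>`, and let updates arrive as reviewed changes to this file. The service definition continues outside the hunk.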