diff options
author | BlackDex <[email protected]> | 2023-03-23 12:30:07 +0100 |
---|---|---|
committer | BlackDex <[email protected]> | 2023-03-23 16:38:27 +0100 |
commit | 467ecfdc999932963f70c06763ba75da5f8ce4d6 (patch) | |
tree | 4cab1f378b67b020755409059adcddbcad6e65b5 /.github | |
parent | 5800aceb2d065a23899d277f91865f1d5b9ef297 (diff) | |
download | vaultwarden-467ecfdc999932963f70c06763ba75da5f8ce4d6.tar.gz vaultwarden-467ecfdc999932963f70c06763ba75da5f8ce4d6.zip |
Add support for Quay.io and GHCR.io as registries
- Added support for Quay.io
- Added support for GHCR.io
To enable support for these container image registries the following needs to be added.
As `Actions secrets and variables` - `Secrets`
- `DOCKERHUB_TOKEN` and `DOCKERHUB_USERNAME`
- `QUAY_TOKEN` and `QUAY_USERNAME`
As `Actions secrets and variables` - `Variables` - `Repository Variables`
- `DOCKERHUB_REPO`
- `GHCR_REPO`
- `QUAY_REPO`
The `DOCKERHUB_REPO` currently configured in `Secrets` can be removed if wanted, probably best after this PR has been merged.
If one of the vars/secrets are not configured it will skip that specific registry!
Diffstat (limited to '.github')
-rw-r--r-- | .github/workflows/build.yml | 6 | ||||
-rw-r--r-- | .github/workflows/hadolint.yml | 2 | ||||
-rw-r--r-- | .github/workflows/release.yml | 150 |
3 files changed, 136 insertions, 22 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 66f0f374..dd51dc05 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,7 +43,7 @@ jobs: steps: # Checkout the repo - name: "Checkout" - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 # End Checkout the repo @@ -71,7 +71,7 @@ jobs: # Only install the clippy and rustfmt components on the default rust-toolchain - name: "Install rust-toolchain version" - uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1 + uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1 if: ${{ matrix.channel == 'rust-toolchain' }} with: toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}" @@ -81,7 +81,7 @@ jobs: # Install the any other channel to be used for which we do not execute clippy and rustfmt - name: "Install MSRV version" - uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1 + uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1 if: ${{ matrix.channel != 'rust-toolchain' }} with: toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}" diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index e0620bf8..5ac35032 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -13,7 +13,7 @@ jobs: steps: # Checkout the repo - name: Checkout - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 # End Checkout the repo diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d01c3cd3..01e966d7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -52,10 +52,19 @@ jobs: # build performance and the ability to copy extended file attributes # (e.g., for executable capabilities) across build phases. DOCKER_BUILDKIT: 1 - # DOCKER_REPO/secrets.DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>' - DOCKER_REPO: ${{ secrets.DOCKERHUB_REPO }} SOURCE_COMMIT: ${{ github.sha }} SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}" + # The *_REPO variables need to be configured as repository variables + # Append `/settings/variables/actions` to your repo url + # DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>' + # Check for Docker hub credentials in secrets + HAVE_DOCKERHUB_LOGIN: ${{ vars.DOCKERHUB_REPO != '' && secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }} + # GHCR_REPO needs to be 'ghcr.io/<user>/<repo>' + # Check for Github credentials in secrets + HAVE_GHCR_LOGIN: ${{ vars.GHCR_REPO != '' && github.repository_owner != '' && secrets.GITHUB_TOKEN != '' }} + # QUAY_REPO needs to be 'quay.io/<user>/<repo>' + # Check for Quay.io credentials in secrets + HAVE_QUAY_LOGIN: ${{ vars.QUAY_REPO != '' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }} if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }} strategy: matrix: @@ -64,17 +73,10 @@ jobs: steps: # Checkout the repo - name: Checkout - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: fetch-depth: 0 - # Login to Docker Hub - - name: Login to Docker Hub - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - # Determine Docker Tag - name: Init Variables id: vars @@ -88,34 +90,146 @@ jobs: fi # End Determine Docker Tag - - name: Build Debian based images + # Login to Docker Hub + - name: Login to Docker Hub + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + # Login to GitHub Container Registry + - name: Login to GitHub Container Registry + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + if: ${{ env.HAVE_GHCR_LOGIN == 'true' }} + + # Login to Quay.io + - name: Login to Quay.io + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_TOKEN }} + if: ${{ env.HAVE_QUAY_LOGIN == 'true' }} + + # Debian + + # Docker Hub + - name: Build Debian based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + - name: Push Debian based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + # GitHub Container Registry + - name: Build Debian based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} + + - name: Push Debian based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} + + # Quay.io + - name: Build Debian based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" run: | ./hooks/build - if: ${{ matrix.base_image == 'debian' }} + if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} - - name: Push Debian based images + - name: Push Debian based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" run: | ./hooks/push - if: ${{ matrix.base_image == 'debian' }} + if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} + + # Alpine + + # Docker Hub + - name: Build Alpine based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + - name: Push Alpine based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + # GitHub Container Registry + - name: Build Alpine based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} + + - name: Push Alpine based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} - - name: Build Alpine based images + # Quay.io + - name: Build Alpine based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" run: | ./hooks/build - if: ${{ matrix.base_image == 'alpine' }} + if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} - - name: Push Alpine based images + - name: Push Alpine based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" run: | ./hooks/push - if: ${{ matrix.base_image == 'alpine' }} + if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} |