aboutsummaryrefslogtreecommitdiff
path: root/.github
diff options
context:
space:
mode:
authorBlackDex <[email protected]>2023-03-23 12:30:07 +0100
committerBlackDex <[email protected]>2023-03-23 16:38:27 +0100
commit467ecfdc999932963f70c06763ba75da5f8ce4d6 (patch)
tree4cab1f378b67b020755409059adcddbcad6e65b5 /.github
parent5800aceb2d065a23899d277f91865f1d5b9ef297 (diff)
downloadvaultwarden-467ecfdc999932963f70c06763ba75da5f8ce4d6.tar.gz
vaultwarden-467ecfdc999932963f70c06763ba75da5f8ce4d6.zip
Add support for Quay.io and GHCR.io as registries
- Added support for Quay.io - Added support for GHCR.io To enable support for these container image registries the following needs to be added. As `Actions secrets and variables` - `Secrets` - `DOCKERHUB_TOKEN` and `DOCKERHUB_USERNAME` - `QUAY_TOKEN` and `QUAY_USERNAME` As `Actions secrets and variables` - `Variables` - `Repository Variables` - `DOCKERHUB_REPO` - `GHCR_REPO` - `QUAY_REPO` The `DOCKERHUB_REPO` currently configured in `Secrets` can be removed if wanted, probably best after this PR has been merged. If one of the vars/secrets are not configured it will skip that specific registry!
Diffstat (limited to '.github')
-rw-r--r--.github/workflows/build.yml6
-rw-r--r--.github/workflows/hadolint.yml2
-rw-r--r--.github/workflows/release.yml150
3 files changed, 136 insertions, 22 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 66f0f374..dd51dc05 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -43,7 +43,7 @@ jobs:
steps:
# Checkout the repo
- name: "Checkout"
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
# End Checkout the repo
@@ -71,7 +71,7 @@ jobs:
# Only install the clippy and rustfmt components on the default rust-toolchain
- name: "Install rust-toolchain version"
- uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1
+ uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1
if: ${{ matrix.channel == 'rust-toolchain' }}
with:
toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"
@@ -81,7 +81,7 @@ jobs:
# Install the any other channel to be used for which we do not execute clippy and rustfmt
- name: "Install MSRV version"
- uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1
+ uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1
if: ${{ matrix.channel != 'rust-toolchain' }}
with:
toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"
diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml
index e0620bf8..5ac35032 100644
--- a/.github/workflows/hadolint.yml
+++ b/.github/workflows/hadolint.yml
@@ -13,7 +13,7 @@ jobs:
steps:
# Checkout the repo
- name: Checkout
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
# End Checkout the repo
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index d01c3cd3..01e966d7 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -52,10 +52,19 @@ jobs:
# build performance and the ability to copy extended file attributes
# (e.g., for executable capabilities) across build phases.
DOCKER_BUILDKIT: 1
- # DOCKER_REPO/secrets.DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>'
- DOCKER_REPO: ${{ secrets.DOCKERHUB_REPO }}
SOURCE_COMMIT: ${{ github.sha }}
SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}"
+ # The *_REPO variables need to be configured as repository variables
+ # Append `/settings/variables/actions` to your repo url
+ # DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>'
+ # Check for Docker hub credentials in secrets
+ HAVE_DOCKERHUB_LOGIN: ${{ vars.DOCKERHUB_REPO != '' && secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }}
+ # GHCR_REPO needs to be 'ghcr.io/<user>/<repo>'
+ # Check for Github credentials in secrets
+ HAVE_GHCR_LOGIN: ${{ vars.GHCR_REPO != '' && github.repository_owner != '' && secrets.GITHUB_TOKEN != '' }}
+ # QUAY_REPO needs to be 'quay.io/<user>/<repo>'
+ # Check for Quay.io credentials in secrets
+ HAVE_QUAY_LOGIN: ${{ vars.QUAY_REPO != '' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }}
if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }}
strategy:
matrix:
@@ -64,17 +73,10 @@ jobs:
steps:
# Checkout the repo
- name: Checkout
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
with:
fetch-depth: 0
- # Login to Docker Hub
- - name: Login to Docker Hub
- uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
- with:
- username: ${{ secrets.DOCKERHUB_USERNAME }}
- password: ${{ secrets.DOCKERHUB_TOKEN }}
-
# Determine Docker Tag
- name: Init Variables
id: vars
@@ -88,34 +90,146 @@ jobs:
fi
# End Determine Docker Tag
- - name: Build Debian based images
+ # Login to Docker Hub
+ - name: Login to Docker Hub
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ # Login to GitHub Container Registry
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+ with:
+ registry: ghcr.io
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ if: ${{ env.HAVE_GHCR_LOGIN == 'true' }}
+
+ # Login to Quay.io
+ - name: Login to Quay.io
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+ with:
+ registry: quay.io
+ username: ${{ secrets.QUAY_USERNAME }}
+ password: ${{ secrets.QUAY_TOKEN }}
+ if: ${{ env.HAVE_QUAY_LOGIN == 'true' }}
+
+ # Debian
+
+ # Docker Hub
+ - name: Build Debian based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ - name: Push Debian based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ # GitHub Container Registry
+ - name: Build Debian based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }}
+
+ - name: Push Debian based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }}
+
+ # Quay.io
+ - name: Build Debian based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
run: |
./hooks/build
- if: ${{ matrix.base_image == 'debian' }}
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }}
- - name: Push Debian based images
+ - name: Push Debian based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
run: |
./hooks/push
- if: ${{ matrix.base_image == 'debian' }}
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }}
+
+ # Alpine
+
+ # Docker Hub
+ - name: Build Alpine based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ - name: Push Alpine based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ # GitHub Container Registry
+ - name: Build Alpine based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }}
+
+ - name: Push Alpine based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }}
- - name: Build Alpine based images
+ # Quay.io
+ - name: Build Alpine based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
run: |
./hooks/build
- if: ${{ matrix.base_image == 'alpine' }}
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }}
- - name: Push Alpine based images
+ - name: Push Alpine based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
run: |
./hooks/push
- if: ${{ matrix.base_image == 'alpine' }}
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }}