diff options
author | Daniel GarcĂa <[email protected]> | 2023-03-24 17:11:58 +0100 |
---|---|---|
committer | GitHub <[email protected]> | 2023-03-24 17:11:58 +0100 |
commit | 5725d297b481b118fbd3cd43929b842d56e29b31 (patch) | |
tree | a9a0a158b7a91f318c0b41b76b155553436cc6c5 | |
parent | a428f05e772d811f7e23fe0cb997e20ea93db8e2 (diff) | |
parent | 467ecfdc999932963f70c06763ba75da5f8ce4d6 (diff) | |
download | vaultwarden-5725d297b481b118fbd3cd43929b842d56e29b31.tar.gz vaultwarden-5725d297b481b118fbd3cd43929b842d56e29b31.zip |
Merge pull request #3363 from BlackDex/gha-test
Add support for Quay.io and GHCR.io as registries
-rw-r--r-- | .github/workflows/build.yml | 6 | ||||
-rw-r--r-- | .github/workflows/hadolint.yml | 2 | ||||
-rw-r--r-- | .github/workflows/release.yml | 150 | ||||
-rw-r--r-- | docker/Dockerfile.j2 | 10 | ||||
-rw-r--r-- | docker/amd64/Dockerfile | 2 | ||||
-rw-r--r-- | docker/amd64/Dockerfile.alpine | 2 | ||||
-rw-r--r-- | docker/amd64/Dockerfile.buildkit | 2 | ||||
-rw-r--r-- | docker/amd64/Dockerfile.buildkit.alpine | 2 | ||||
-rw-r--r-- | docker/arm64/Dockerfile | 2 | ||||
-rw-r--r-- | docker/arm64/Dockerfile.alpine | 2 | ||||
-rw-r--r-- | docker/arm64/Dockerfile.buildkit | 2 | ||||
-rw-r--r-- | docker/arm64/Dockerfile.buildkit.alpine | 2 | ||||
-rw-r--r-- | docker/armv6/Dockerfile | 2 | ||||
-rw-r--r-- | docker/armv6/Dockerfile.alpine | 2 | ||||
-rw-r--r-- | docker/armv6/Dockerfile.buildkit | 2 | ||||
-rw-r--r-- | docker/armv6/Dockerfile.buildkit.alpine | 2 | ||||
-rw-r--r-- | docker/armv7/Dockerfile | 2 | ||||
-rw-r--r-- | docker/armv7/Dockerfile.alpine | 2 | ||||
-rw-r--r-- | docker/armv7/Dockerfile.buildkit | 2 | ||||
-rw-r--r-- | docker/armv7/Dockerfile.buildkit.alpine | 2 | ||||
-rw-r--r-- | hooks/arches.sh | 4 | ||||
-rwxr-xr-x | hooks/build | 7 | ||||
-rwxr-xr-x | hooks/pre_build | 2 | ||||
-rwxr-xr-x | hooks/push | 15 | ||||
-rw-r--r-- | rust-toolchain | 2 |
25 files changed, 175 insertions, 55 deletions
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 66f0f374..dd51dc05 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -43,7 +43,7 @@ jobs: steps: # Checkout the repo - name: "Checkout" - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 # End Checkout the repo @@ -71,7 +71,7 @@ jobs: # Only install the clippy and rustfmt components on the default rust-toolchain - name: "Install rust-toolchain version" - uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1 + uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1 if: ${{ matrix.channel == 'rust-toolchain' }} with: toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}" @@ -81,7 +81,7 @@ jobs: # Install the any other channel to be used for which we do not execute clippy and rustfmt - name: "Install MSRV version" - uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1 + uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1 if: ${{ matrix.channel != 'rust-toolchain' }} with: toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}" diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml index e0620bf8..5ac35032 100644 --- a/.github/workflows/hadolint.yml +++ b/.github/workflows/hadolint.yml @@ -13,7 +13,7 @@ jobs: steps: # Checkout the repo - name: Checkout - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 # End Checkout the repo diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d01c3cd3..01e966d7 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -52,10 +52,19 @@ jobs: # build performance and the ability to copy extended file attributes # (e.g., for executable capabilities) across build phases. DOCKER_BUILDKIT: 1 - # DOCKER_REPO/secrets.DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>' - DOCKER_REPO: ${{ secrets.DOCKERHUB_REPO }} SOURCE_COMMIT: ${{ github.sha }} SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}" + # The *_REPO variables need to be configured as repository variables + # Append `/settings/variables/actions` to your repo url + # DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>' + # Check for Docker hub credentials in secrets + HAVE_DOCKERHUB_LOGIN: ${{ vars.DOCKERHUB_REPO != '' && secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }} + # GHCR_REPO needs to be 'ghcr.io/<user>/<repo>' + # Check for Github credentials in secrets + HAVE_GHCR_LOGIN: ${{ vars.GHCR_REPO != '' && github.repository_owner != '' && secrets.GITHUB_TOKEN != '' }} + # QUAY_REPO needs to be 'quay.io/<user>/<repo>' + # Check for Quay.io credentials in secrets + HAVE_QUAY_LOGIN: ${{ vars.QUAY_REPO != '' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }} if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }} strategy: matrix: @@ -64,17 +73,10 @@ jobs: steps: # Checkout the repo - name: Checkout - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 + uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0 with: fetch-depth: 0 - # Login to Docker Hub - - name: Login to Docker Hub - uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - # Determine Docker Tag - name: Init Variables id: vars @@ -88,34 +90,146 @@ jobs: fi # End Determine Docker Tag - - name: Build Debian based images + # Login to Docker Hub + - name: Login to Docker Hub + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + # Login to GitHub Container Registry + - name: Login to GitHub Container Registry + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 + with: + registry: ghcr.io + username: ${{ github.repository_owner }} + password: ${{ secrets.GITHUB_TOKEN }} + if: ${{ env.HAVE_GHCR_LOGIN == 'true' }} + + # Login to Quay.io + - name: Login to Quay.io + uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0 + with: + registry: quay.io + username: ${{ secrets.QUAY_USERNAME }} + password: ${{ secrets.QUAY_TOKEN }} + if: ${{ env.HAVE_QUAY_LOGIN == 'true' }} + + # Debian + + # Docker Hub + - name: Build Debian based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + - name: Push Debian based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + # GitHub Container Registry + - name: Build Debian based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} + + - name: Push Debian based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }} + + # Quay.io + - name: Build Debian based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" run: | ./hooks/build - if: ${{ matrix.base_image == 'debian' }} + if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} - - name: Push Debian based images + - name: Push Debian based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}" run: | ./hooks/push - if: ${{ matrix.base_image == 'debian' }} + if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }} + + # Alpine + + # Docker Hub + - name: Build Alpine based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + - name: Push Alpine based images (docker.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }} + + # GitHub Container Registry + - name: Build Alpine based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/build + if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} + + - name: Push Alpine based images (ghcr.io) + shell: bash + env: + DOCKER_REPO: "${{ vars.GHCR_REPO }}" + DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" + run: | + ./hooks/push + if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }} - - name: Build Alpine based images + # Quay.io + - name: Build Alpine based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" run: | ./hooks/build - if: ${{ matrix.base_image == 'alpine' }} + if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} - - name: Push Alpine based images + - name: Push Alpine based images (quay.io) shell: bash env: + DOCKER_REPO: "${{ vars.QUAY_REPO }}" DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine" run: | ./hooks/push - if: ${{ matrix.base_image == 'alpine' }} + if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }} diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2 index d4182ddb..3d356c6c 100644 --- a/docker/Dockerfile.j2 +++ b/docker/Dockerfile.j2 @@ -3,22 +3,22 @@ # This file was generated using a Jinja2 template. # Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles. -{% set build_stage_base_image = "rust:1.67.1-bullseye" %} +{% set build_stage_base_image = "rust:1.68.1-bullseye" %} {% if "alpine" in target_file %} {% if "amd64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.67.1" %} +{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.68.1" %} {% set runtime_stage_base_image = "alpine:3.17" %} {% set package_arch_target = "x86_64-unknown-linux-musl" %} {% elif "armv7" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.67.1" %} +{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.68.1" %} {% set runtime_stage_base_image = "balenalib/armv7hf-alpine:3.17" %} {% set package_arch_target = "armv7-unknown-linux-musleabihf" %} {% elif "armv6" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.67.1" %} +{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.68.1" %} {% set runtime_stage_base_image = "balenalib/rpi-alpine:3.17" %} {% set package_arch_target = "arm-unknown-linux-musleabi" %} {% elif "arm64" in target_file %} -{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.67.1" %} +{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.68.1" %} {% set runtime_stage_base_image = "balenalib/aarch64-alpine:3.17" %} {% set package_arch_target = "aarch64-unknown-linux-musl" %} {% endif %} diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile index abddea86..f6a60f6d 100644 --- a/docker/amd64/Dockerfile +++ b/docker/amd64/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine index e5f66679..ca901b7c 100644 --- a/docker/amd64/Dockerfile.alpine +++ b/docker/amd64/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.67.1 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/amd64/Dockerfile.buildkit b/docker/amd64/Dockerfile.buildkit index 5d846cc4..25ece070 100644 --- a/docker/amd64/Dockerfile.buildkit +++ b/docker/amd64/Dockerfile.buildkit @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/amd64/Dockerfile.buildkit.alpine b/docker/amd64/Dockerfile.buildkit.alpine index 9542e7bb..9ac187a2 100644 --- a/docker/amd64/Dockerfile.buildkit.alpine +++ b/docker/amd64/Dockerfile.buildkit.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:x86_64-musl-stable-1.67.1 as build +FROM blackdex/rust-musl:x86_64-musl-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile index 7214ed9b..ea95cee0 100644 --- a/docker/arm64/Dockerfile +++ b/docker/arm64/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine index a5e3215d..2dc1594d 100644 --- a/docker/arm64/Dockerfile.alpine +++ b/docker/arm64/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.67.1 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/arm64/Dockerfile.buildkit b/docker/arm64/Dockerfile.buildkit index a429051a..19921807 100644 --- a/docker/arm64/Dockerfile.buildkit +++ b/docker/arm64/Dockerfile.buildkit @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/arm64/Dockerfile.buildkit.alpine b/docker/arm64/Dockerfile.buildkit.alpine index 0ec202e5..73dff9e8 100644 --- a/docker/arm64/Dockerfile.buildkit.alpine +++ b/docker/arm64/Dockerfile.buildkit.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:aarch64-musl-stable-1.67.1 as build +FROM blackdex/rust-musl:aarch64-musl-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile index 64165193..31aa82f9 100644 --- a/docker/armv6/Dockerfile +++ b/docker/armv6/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine index 6eb386f2..3bd45884 100644 --- a/docker/armv6/Dockerfile.alpine +++ b/docker/armv6/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.67.1 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv6/Dockerfile.buildkit b/docker/armv6/Dockerfile.buildkit index acf3fb23..214a88a2 100644 --- a/docker/armv6/Dockerfile.buildkit +++ b/docker/armv6/Dockerfile.buildkit @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv6/Dockerfile.buildkit.alpine b/docker/armv6/Dockerfile.buildkit.alpine index c6a8a90f..820d4a42 100644 --- a/docker/armv6/Dockerfile.buildkit.alpine +++ b/docker/armv6/Dockerfile.buildkit.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:arm-musleabi-stable-1.67.1 as build +FROM blackdex/rust-musl:arm-musleabi-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile index cc76a3b9..3f653313 100644 --- a/docker/armv7/Dockerfile +++ b/docker/armv7/Dockerfile @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine index d0f4adb8..6dfb8300 100644 --- a/docker/armv7/Dockerfile.alpine +++ b/docker/armv7/Dockerfile.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.67.1 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv7/Dockerfile.buildkit b/docker/armv7/Dockerfile.buildkit index b575c5ab..cdd049db 100644 --- a/docker/armv7/Dockerfile.buildkit +++ b/docker/armv7/Dockerfile.buildkit @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM rust:1.67.1-bullseye as build +FROM rust:1.68.1-bullseye as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/docker/armv7/Dockerfile.buildkit.alpine b/docker/armv7/Dockerfile.buildkit.alpine index 0361051a..db8947c5 100644 --- a/docker/armv7/Dockerfile.buildkit.alpine +++ b/docker/armv7/Dockerfile.buildkit.alpine @@ -27,7 +27,7 @@ FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault ########################## BUILD IMAGE ########################## -FROM blackdex/rust-musl:armv7-musleabihf-stable-1.67.1 as build +FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.1 as build # Build time options to avoid dpkg warnings and help with reproducible builds. ENV DEBIAN_FRONTEND=noninteractive \ diff --git a/hooks/arches.sh b/hooks/arches.sh index c27adf31..96114fae 100644 --- a/hooks/arches.sh +++ b/hooks/arches.sh @@ -1,3 +1,5 @@ +#!/usr/bin/env bash + # The default Debian-based images support these arches for all database backends. arches=( amd64 @@ -5,7 +7,9 @@ arches=( armv7 arm64 ) +export arches if [[ "${DOCKER_TAG}" == *alpine ]]; then distro_suffix=.alpine fi +export distro_suffix diff --git a/hooks/build b/hooks/build index f0dd249e..b89a5661 100755 --- a/hooks/build +++ b/hooks/build @@ -1,7 +1,8 @@ -#!/bin/bash +#!/usr/bin/env bash echo ">>> Building images..." +# shellcheck source=arches.sh source ./hooks/arches.sh if [[ -z "${SOURCE_COMMIT}" ]]; then @@ -26,7 +27,7 @@ LABELS=( org.opencontainers.image.licenses="AGPL-3.0-only" org.opencontainers.image.revision="${SOURCE_COMMIT}" org.opencontainers.image.source="${SOURCE_REPOSITORY_URL}" - org.opencontainers.image.url="https://hub.docker.com/r/${DOCKER_REPO#*/}" + org.opencontainers.image.url="https://github.com/dani-garcia/vaultwarden" org.opencontainers.image.version="${SOURCE_VERSION}" ) LABEL_ARGS=() @@ -45,6 +46,6 @@ for arch in "${arches[@]}"; do docker build \ "${LABEL_ARGS[@]}" \ -t "${DOCKER_REPO}:${DOCKER_TAG}-${arch}" \ - -f docker/${arch}/Dockerfile${buildkit_suffix}${distro_suffix} \ + -f "docker/${arch}/Dockerfile${buildkit_suffix}${distro_suffix}" \ . done diff --git a/hooks/pre_build b/hooks/pre_build index 6cb50ab1..9829bb5d 100755 --- a/hooks/pre_build +++ b/hooks/pre_build @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash set -ex @@ -1,5 +1,6 @@ -#!/bin/bash +#!/usr/bin/env bash +# shellcheck source=arches.sh source ./hooks/arches.sh export DOCKER_CLI_EXPERIMENTAL=enabled @@ -41,7 +42,7 @@ LOCAL_REPO="${LOCAL_REGISTRY}/${REPO}" echo ">>> Pushing images to local registry..." -for arch in ${arches[@]}; do +for arch in "${arches[@]}"; do docker_image="${DOCKER_REPO}:${DOCKER_TAG}-${arch}" local_image="${LOCAL_REPO}:${DOCKER_TAG}-${arch}" docker tag "${docker_image}" "${local_image}" @@ -71,9 +72,9 @@ tags=("${DOCKER_REPO}:${DOCKER_TAG}") # to make it easier for users to track the latest release. if [[ "${DOCKER_TAG}" =~ ^[0-9]+\.[0-9]+\.[0-9]+ ]]; then if [[ "${DOCKER_TAG}" == *alpine ]]; then - tags+=(${DOCKER_REPO}:alpine) + tags+=("${DOCKER_REPO}:alpine") else - tags+=(${DOCKER_REPO}:latest) + tags+=("${DOCKER_REPO}:latest") fi fi @@ -91,10 +92,10 @@ declare -A arch_to_platform=( [arm64]="linux/arm64" ) platforms=() -for arch in ${arches[@]}; do +for arch in "${arches[@]}"; do platforms+=("${arch_to_platform[$arch]}") done -platforms="$(join "," "${platforms[@]}")" +platform="$(join "," "${platforms[@]}")" # Run the build, pushing the resulting images and multi-arch manifest list to # Docker Hub. The Dockerfile is read from stdin to avoid sending any build @@ -104,7 +105,7 @@ docker buildx build \ --network host \ --build-arg LOCAL_REPO="${LOCAL_REPO}" \ --build-arg DOCKER_TAG="${DOCKER_TAG}" \ - --platform "${platforms}" \ + --platform "${platform}" \ "${tag_args[@]}" \ --push \ - < ./docker/Dockerfile.buildx diff --git a/rust-toolchain b/rust-toolchain index ee2f4ca9..0944cc48 100644 --- a/rust-toolchain +++ b/rust-toolchain @@ -1 +1 @@ -1.68.0 +1.68.1 |