From 961a0590869db479bbc61fed4e8c889c04ae62ca Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 11 May 2022 03:36:06 +0000 Subject: [PATCH 1/8] Bump docker/login-action from 1 to 2 Bumps [docker/login-action](https://github.com/docker/login-action) from 1 to 2. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v1...v2) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 363c0c4..7089c24 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -82,7 +82,7 @@ jobs: uses: actions/checkout@v3 - name: Login to GitHub Container Registry - uses: docker/login-action@v1 + uses: docker/login-action@v2 with: registry: ghcr.io username: ${{ github.actor }} From df63429baf4785f22c44b9b0c2c26146f46435b2 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Wed, 11 May 2022 13:46:06 +0300 Subject: [PATCH 2/8] Improve CI workflow --- .github/workflows/ci.yml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7089c24..c341119 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -25,7 +25,6 @@ jobs: uses: actions/setup-go@v3 with: go-version: ${{ matrix.go }} - id: go - name: Checkout uses: actions/checkout@v3 @@ -54,7 +53,6 @@ jobs: uses: actions/setup-go@v3 with: go-version: '1.17.x' - id: go - name: Checkout uses: actions/checkout@v3 From c46276ce79c877b33b2ba9d1bd4d43b5bef5a13f Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 17 May 2022 02:39:56 +0000 Subject: [PATCH 3/8] Bump github.com/essentialkaos/ek/v12 from 12.45.0 to 12.46.0 Bumps [github.com/essentialkaos/ek/v12](https://github.com/essentialkaos/ek) from 12.45.0 to 12.46.0. - [Release notes](https://github.com/essentialkaos/ek/releases) - [Changelog](https://github.com/essentialkaos/ek/blob/master/CHANGELOG.md) - [Commits](https://github.com/essentialkaos/ek/compare/v12.45.0...v12.46.0) --- updated-dependencies: - dependency-name: github.com/essentialkaos/ek/v12 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- go.mod | 2 +- go.sum | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/go.mod b/go.mod index 87c459c..76055dd 100644 --- a/go.mod +++ b/go.mod @@ -3,7 +3,7 @@ module github.com/essentialkaos/sslcli go 1.17 require ( - github.com/essentialkaos/ek/v12 v12.45.0 + github.com/essentialkaos/ek/v12 v12.46.0 github.com/essentialkaos/sslscan/v13 v13.1.1 ) diff --git a/go.sum b/go.sum index 6589d31..5b5e042 100644 --- a/go.sum +++ b/go.sum 
@@ -4,8 +4,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3 github.com/essentialkaos/check v1.2.1/go.mod h1:PhxzfJWlf5L/skuyhzBLIvjMB5Xu9TIyDIsqpY5MvB8= github.com/essentialkaos/check v1.3.0 h1:ria+8o22RCLdt2D/1SHQsEH5Mmy5S+iWHaGHrrbPUc0= github.com/essentialkaos/check v1.3.0/go.mod h1:PhxzfJWlf5L/skuyhzBLIvjMB5Xu9TIyDIsqpY5MvB8= -github.com/essentialkaos/ek/v12 v12.45.0 h1:5KVZl5MAsPwxfjda+wb+cCxneQ747lU9zA5mjCA5Fyg= -github.com/essentialkaos/ek/v12 v12.45.0/go.mod h1:uQUkpvaZHWR9aI8GfknZqOG5FC+G2PYJLFyMw9fdjbo= +github.com/essentialkaos/ek/v12 v12.46.0 h1:TNw9YmKPf67E9L886EzhH9xUO49bROqvqHR4bzOqf/E= +github.com/essentialkaos/ek/v12 v12.46.0/go.mod h1:uQUkpvaZHWR9aI8GfknZqOG5FC+G2PYJLFyMw9fdjbo= github.com/essentialkaos/go-linenoise/v3 v3.3.5/go.mod h1:g4X3LhT83XT4h7xwrCLclAdMkJvS9qWBQTGNdS6y4vo= github.com/essentialkaos/sslscan/v13 v13.1.1 h1:ic02wruXM5IqkWJ8IvDxrdLYSrTe0EGwDQCryBxxTNU= github.com/essentialkaos/sslscan/v13 v13.1.1/go.mod h1:kKofHxVvSMXfPKXPgtTYXNxi+t9XbV7ZxldSC6oj5dE= From 29534b9b1839b4d4fdef1dcb3b5a9a4c1beb7662 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Sat, 28 May 2022 12:02:21 +0300 Subject: [PATCH 4/8] Add improved workflow for pushing Docker images --- .github/workflows/docker-push.yml | 122 ++++++++++++++++++++++++++++++ .github/workflows/ghcr.yml | 59 --------------- README.md | 14 ++-- 3 files changed, 129 insertions(+), 66 deletions(-) create mode 100644 .github/workflows/docker-push.yml delete mode 100644 .github/workflows/ghcr.yml diff --git a/.github/workflows/docker-push.yml b/.github/workflows/docker-push.yml new file mode 100644 index 0000000..6e30210 --- /dev/null +++ b/.github/workflows/docker-push.yml 
@@ -0,0 +1,122 @@ +name: "Docker Push" + +on: + release: + types: [published] + schedule: + - cron: '30 12 * * *' + +permissions: + packages: write + contents: read + +env: + IMAGE_NAME: ${{ github.repository }} + +jobs: + Docker: + name: Docker Build & Publish + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v3 + with: + fetch-depth: 0 + + - name: Login to DockerHub + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + - name: Prepare metadata for build + id: metadata + run: | + rev=$(git rev-list --tags --max-count=1) + version=$(git describe --tags "$rev" | tr -d 'v') + + if [[ -z "$version" ]] ; then + echo "::error::Can't find version info" + exit 1 + fi + + docker_file="Dockerfile" + base_image=$(grep 'FROM ' $docker_file | tail -1 | cut -f2 -d' ') + + if [[ -z "$base_image" ]] ; then + echo "::error::Can't extract base image info" + exit 1 + fi + + echo "::set-output name=version::$version" + echo "::set-output name=dockerfile::$docker_file" + echo "::set-output name=baseimage::$base_image" + + echo -e "\033[34mVersion:\033[0m $version" + echo -e "\033[34mDockerfile:\033[0m $docker_file" + echo -e "\033[34mBase image:\033[0m $base_image" + + - name: Check if build/rebuild is required + id: build_check + run: | + if [[ "${{github.event_name}}" == "release" ]] ; then + echo "::set-output name=build::true" + exit 0 + fi + + echo -e "::group::\033[34mDownloading built image…\033[0m" + + if ! docker pull ghcr.io/${{env.IMAGE_NAME}}:latest ; then + echo "::error::Can't download image ghcr.io/${{env.IMAGE_NAME}}:latest" + exit 1 + fi + + echo "::endgroup::" + echo -e "::group::\033[34mDownloading base image…\033[0m" + + if ! 
docker pull ${{steps.metadata.outputs.baseimage}} ; then + echo "::error::Can't download image ${{steps.metadata.outputs.baseimage}}" + exit 1 + fi + + echo "::endgroup::" + + base_layer=$(docker inspect "${{steps.metadata.outputs.baseimage}}" | jq -r '.[0].RootFS.Layers[-1]') + + if [[ -z "$base_layer" ]] ; then + echo "::error::Can't extract layers info from base image" + exit 1 + fi + + if ! docker inspect "ghcr.io/${{env.IMAGE_NAME}}:latest" | jq -r '.[0].RootFS.Layers' | grep -q "$base_layer" ; then + echo "::warning::Rebuild image (reason: base image rebuilt)" + echo "::set-output name=build::true" + exit 0 + fi + + - name: Build and push Docker image + if: ${{ steps.build_check.outputs.build == 'true' }} + uses: docker/build-push-action@v3 + with: + push: true + context: . + file: ${{steps.metadata.outputs.dockerfile}} + tags: | + ghcr.io/${{env.IMAGE_NAME}}:${{steps.metadata.outputs.version}} + ghcr.io/${{env.IMAGE_NAME}}:latest + ${{env.IMAGE_NAME}}:${{steps.metadata.outputs.version}} + ${{env.IMAGE_NAME}}:latest + + - name: Show info about built Docker image + uses: essentialkaos/docker-info-action@v1 + with: + image: ${{env.IMAGE_NAME}}:latest + show-labels: true diff --git a/.github/workflows/ghcr.yml b/.github/workflows/ghcr.yml deleted file mode 100644 index 937f0a8..0000000 --- a/.github/workflows/ghcr.yml +++ /dev/null 
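Review bot: The `Check if build/rebuild is required` step pastes `${{steps.metadata.outputs.baseimage}}` and `${{env.IMAGE_NAME}}` into the script text before bash parses it, and `docker pull ${{steps.metadata.outputs.baseimage}}` leaves the value unquoted. That value is whatever `grep 'FROM ' $docker_file | tail -1 | cut -f2 -d' '` extracts from the Dockerfile, and the job holds `packages: write` plus the DockerHub token, so it should reach the shell as data rather than as script text. Add `env:` with `BASE_IMAGE: ${{ steps.metadata.outputs.baseimage }}` to the step and use `docker pull "$BASE_IMAGE"` and `docker inspect "$BASE_IMAGE"`; `IMAGE_NAME` is already exported by the workflow-level `env:`, so `"ghcr.io/$IMAGE_NAME:latest"` works as is. The `docker build -f ${{ env.DOCKER_FILE }} -t ${{ env.IMAGE_NAME }} .` line in the later ci.yml patch (PATCH 6/8) has the same shape and can use `"$DOCKER_FILE"` and `"$IMAGE_NAME"`. Separately, the actions that receive these credentials are referenced by mutable tag (`docker/login-action@v2`, `docker/build-push-action@v3`, `essentialkaos/docker-info-action@v1`); pinning them to a full commit SHA is worth a follow-up.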
@@ -1,59 +0,0 @@ -name: "GHCR Publish" - -on: - release: - types: [published] - -permissions: - packages: write - contents: read - -env: - REGISTRY: ghcr.io - IMAGE_NAME: ${{ github.repository }} - -jobs: - GHCR: - name: GHCR Build & Publish - runs-on: ubuntu-latest - - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Login to DockerHub - uses: docker/login-action@v2 - env: - DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - if: ${{ env.DOCKERHUB_USERNAME != '' }} - with: - username: ${{ secrets.DOCKERHUB_USERNAME }} - password: ${{ secrets.DOCKERHUB_TOKEN }} - - - name: Login to GitHub Container Registry - uses: docker/login-action@v2 - with: - registry: ${{ env.REGISTRY }} - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - - name: Extract metadata (tags, labels) for Docker - id: meta - uses: docker/metadata-action@v4 - with: - images: ${{env.REGISTRY}}/${{env.IMAGE_NAME}} - flavor: latest=true - - - name: Build and push Docker image - uses: docker/build-push-action@v3 - with: - context: . - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - - - name: Show info about built Docker image - uses: essentialkaos/docker-info-action@v1 - with: - image: ${{env.REGISTRY}}/${{env.IMAGE_NAME}}:latest - show-labels: true diff --git a/README.md b/README.md index 4c800d7..b12c137 100644 --- a/README.md +++ b/README.md @@ -1,10 +1,10 @@

- - - GitHub Actions Status - + GitHub Actions CI Status + GoReportCard + codebeat badge + GitHub Actions CodeQL Status

@@ -112,9 +112,9 @@ Examples ### Build Status | Branch | Status | -|--------|--------| -| `master` | [![CI](https://github.com/essentialkaos/sslcli/workflows/CI/badge.svg?branch=master)](https://github.com/essentialkaos/sslcli/actions) | -| `develop` | [![CI](https://github.com/essentialkaos/sslcli/workflows/CI/badge.svg?branch=develop)](https://github.com/essentialkaos/sslcli/actions) | +|------------|--------| +| `master` | [![CI](https://kaos.sh/w/bibop/ci.svg?branch=master)](https://kaos.sh/w/bibop/ci?query=branch:master) | +| `develop` | [![CI](https://kaos.sh/w/bibop/ci.svg?branch=develop)](https://kaos.sh/w/bibop/ci?query=branch:develop) | ### Contributing From 6919ddb85148a8bf261aa40578cc4acb45e6d0c3 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Sat, 28 May 2022 12:07:16 +0300 Subject: [PATCH 5/8] Improve CI workflow --- .github/workflows/ci.yml | 24 ++++++++++++++++++++++-- 1 file changed, 22 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c341119..1e69f5c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml 
@@ -110,27 +110,47 @@ jobs: name: Docker Build Check runs-on: ubuntu-latest - needs: Hadolint + needs: [Hadolint, Perfecto, Aligo] steps: + - name: Check event type + run: | + if [[ "${{github.event_name}}" != "pull_request" ]] ; then + echo "::notice::Event type is not 'pull_request', all job actions will be skipped" + fi + + # This step is a hack for needs+if issue with actions + # More info about issue: https://github.com/actions/runner/issues/491 + - name: Checkout uses: actions/checkout@v3 + if: ${{ github.event_name == 'pull_request' }} - name: Login to DockerHub uses: docker/login-action@v2 env: DOCKERHUB_USERNAME: ${{ secrets.DOCKERHUB_USERNAME }} - if: ${{ env.DOCKERHUB_USERNAME != '' }} + if: ${{ github.event_name == 'pull_request' && env.DOCKERHUB_USERNAME != '' }} with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} + - name: Login to GitHub Container Registry + uses: docker/login-action@v2 + if: ${{ github.event_name == 'pull_request' }} + with: + registry: ghcr.io + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + - name: Build Docker image + if: ${{ github.event_name == 'pull_request' }} run: | docker build -f Dockerfile -t sslcli . - name: Show info about built Docker image uses: essentialkaos/docker-info-action@v1 + if: ${{ github.event_name == 'pull_request' }} with: image: sslcli show-labels: true From 63c956f727cd62983727559bcd3709640bf81502 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Sat, 28 May 2022 12:19:11 +0300 Subject: [PATCH 6/8] Improve CI workflow --- .github/workflows/ci.yml | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 1e69f5c..2b9c9ec 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -112,6 +112,10 @@ jobs: needs: [Hadolint, Perfecto, Aligo] + env: + DOCKER_FILE: Dockerfile + IMAGE_NAME: sslcli + steps: - name: Check event type run: | 
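Review bot: The new `Login to GitHub Container Registry` step hands `secrets.GITHUB_TOKEN` to a job that, as far as this hunk shows, only runs `docker build` and never pushes. The job should cap that token with a job-level `permissions:` block holding `contents: read` and `packages: read`; whether ci.yml already restricts `permissions:` at workflow level is not visible here, so check before adding it. The comment `# This step is a hack for needs+if issue with actions` sits after the `Check event type` step it describes and would read better directly above it. The `Docker Build Check` job header is above this hunk, so only part of the job is shown.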
@@ -146,11 +150,11 @@ jobs: - name: Build Docker image if: ${{ github.event_name == 'pull_request' }} run: | - docker build -f Dockerfile -t sslcli . + docker build -f ${{ env.DOCKER_FILE }} -t ${{ env.IMAGE_NAME }} . - name: Show info about built Docker image uses: essentialkaos/docker-info-action@v1 if: ${{ github.event_name == 'pull_request' }} with: - image: sslcli + image: ${{ env.IMAGE_NAME }} show-labels: true From 361fd2f85a5b9f29a14426928c8e868109fb027d Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Sat, 28 May 2022 12:20:39 +0300 Subject: [PATCH 7/8] Improve CI workflow --- .github/workflows/ci.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2b9c9ec..5eb4e4c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -8,14 +8,14 @@ on: schedule: - cron: '0 13 */15 * *' +env: + SRC_DIR: src/github.com/${{ github.repository }} + jobs: Go: name: Go runs-on: ubuntu-latest - env: - SRC_DIR: src/github.com/${{ github.repository }} - strategy: matrix: go: [ '1.17.x', '1.18.x' ] @@ -45,9 +45,6 @@ jobs: needs: Go - env: - SRC_DIR: src/github.com/${{ github.repository }} - steps: - name: Set up Go uses: actions/setup-go@v3 From 837e3be4e9c0df5b2356171f2f3d744e2e715fb4 Mon Sep 17 00:00:00 2001 From: Anton Novojilov Date: Sat, 28 May 2022 12:34:01 +0300 Subject: [PATCH 8/8] Add improved workflow for pushing Docker images --- .github/workflows/docker-push.yml | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/.github/workflows/docker-push.yml b/.github/workflows/docker-push.yml index 6e30210..fa04ca6 100644 --- a/.github/workflows/docker-push.yml +++ b/.github/workflows/docker-push.yml 
@@ -37,6 +37,21 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - name: Checkout the latest tag + run: | + rev=$(git rev-list --tags --max-count=1) + tag=$(git describe --tags "$rev") + + if [[ -z "$tag" ]] ; then + echo "::error::Can't find the latest tag" + exit 1 + fi + + echo -e "\033[34mRev:\033[0m $rev" + echo -e "\033[34mTag:\033[0m $tag" + + git checkout "$tag" + - name: Prepare metadata for build id: metadata run: |
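Review bot: `git rev-list --tags --max-count=1` returns the newest commit by date that any tag can reach, so the tag that gets checked out and later pushed as `:latest` is not necessarily the release that triggered the run, nor necessarily a release tag at all. For `release` events the tag is available as `github.event.release.tag_name`; passing it through the step's `env:` (for example `RELEASE_TAG: ${{ github.event.release.tag_name }}`) and running `git checkout "$RELEASE_TAG"` ties the published image to the published release, with the `rev-list` lookup kept for scheduled runs only. The same two lookup lines are repeated in the `Prepare metadata for build` step that follows, so exposing the tag as a step output would keep the two from drifting apart. The steps list starts above this hunk and continues below it.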