diff --git a/.github/docker/centos/7/amd64/Dockerfile b/.github/docker/centos/7/amd64/Dockerfile deleted file mode 100644 index 7144a60..0000000 --- a/.github/docker/centos/7/amd64/Dockerfile +++ /dev/null @@ -1,148 +0,0 @@ -ARG BUILDER_IMAGE=centos:7.2.1511 - -FROM ${BUILDER_IMAGE} AS builder - -# Credentials -ARG REPO_DOMAIN=fsa.freeswitch.com -ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password - -ARG GPG_KEY="/etc/pki/rpm-gpg/RPM-GPG-KEY-FREESWITCH" -ARG GPG_KEY_URL="https://files.freeswitch.org/repo/yum/centos-release/RPM-GPG-KEY-FREESWITCH" - -ARG MAINTAINER="Andrey Volk " -ARG BUILD_NUMBER=42 -ARG GIT_SHA=0000000000 - -MAINTAINER ${MAINTAINER} -ENV MAINTAINER=${MAINTAINER} - -RUN yum -y update && \ - yum install -y \ - audiofile-devel \ - autoconf \ - automake \ - bind-license \ - centos-release-scl \ - cyrus-sasl-lib \ - dbus \ - dbus-libs \ - devtoolset-9-gcc* \ - dos2unix \ - doxygen \ - dpkg-dev \ - dracut \ - epel-release \ - expat \ - gcc \ - gcc-c++ \ - git \ - glib2 \ - glib2-devel \ - gnupg2 \ - gzip \ - krb5-dxevel \ - libatomic \ - libcurl-devel \ - libtool \ - libuuid-devel \ - libxml2 \ - lksctp-tools-devel \ - lsb_release \ - make \ - multilib-rpm-config \ - openssl-devel \ - pkg-config \ - procps-ng \ - python \ - python-libs \ - rpm-build \ - rpmdevtools \ - scl-utils \ - sqlite \ - swig \ - unzip \ - uuid-devel \ - vim-minimal \ - wget \ - which \ - xz \ - xz-libs \ - yum-plugin-fastestmirror \ - yum-plugin-ovl \ - yum-utils \ - zlib-devel && \ - yum -y clean all - -ENV CMAKE_VERSION 3.22.2 - -RUN set -ex \ - && curl -kfsSLO --compressed https://cmake.org/files/v3.22/cmake-${CMAKE_VERSION}-linux-x86_64.tar.gz \ - && curl -kfsSLO --compressed https://cmake.org/files/v3.22/cmake-${CMAKE_VERSION}-SHA-256.txt \ - && grep "cmake-${CMAKE_VERSION}-linux-x86_64.tar.gz\$" cmake-${CMAKE_VERSION}-SHA-256.txt | sha256sum -c - \ - && tar xzf cmake-${CMAKE_VERSION}-linux-x86_64.tar.gz -C /usr/local --strip-components=1 --no-same-owner \ - && rm -rf cmake-${CMAKE_VERSION}* \ - && cmake --version - -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR}/ -RUN cd ${DATA_DIR}/ && \ - git reset --hard HEAD && git clean -xfd && \ - cd ${DATA_DIR} - -RUN cat < /etc/yum.repos.d/freeswitch.repo -[freeswitch] -name=FreeSWITCH Packages for Enterprise Linux \$releasever - \$basearch -baseurl=https://freeswitch.signalwire.com/repo/yum/centos-release/\$releasever/\$basearch -enabled=1 -gpgcheck=0 -gpgkey=file://${GPG_KEY} -username=\$repousername -password=\$repopassword - -[freeswitch-debuginfo] -name=FreeSWITCH Packages for Enterprise Linux \$releasever - \$basearch - Debug -baseurl=https://freeswitch.signalwire.com/repo/yum/centos-release/\$releasever/\$basearch -enabled=1 -gpgkey=file://${GPG_KEY} -gpgcheck=0 -username=\$repousername -password=\$repopassword - -[freeswitch-source] -name=FreeSWITCH Packages for Enterprise Linux \$releasever - \$basearch - Source -baseurl=https://freeswitch.signalwire.com/repo/yum/centos-release/\$releasever/\$basearch -enabled=1 -gpgkey=file://${GPG_KEY} -gpgcheck=0 -username=\$repousername -password=\$repopassword -EOF - -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - printf "${REPO_USERNAME}" > /etc/yum/vars/repousername && \ - cat /run/secrets/REPO_PASSWORD > /etc/yum/vars/repopassword - -RUN curl --netrc -o ${GPG_KEY} ${GPG_KEY_URL} - -# Bootstrap and Build -RUN yum -y update && \ - yum install -y \ - libks2 \ - && \ - yum -y clean all - -RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.rpm OUT/. - -# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) -FROM scratch -COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/bookworm/amd64/Dockerfile b/.github/docker/debian/bookworm/amd64/Dockerfile index 87b2dfa..ef49aa9 100644 --- a/.github/docker/debian/bookworm/amd64/Dockerfile +++ b/.github/docker/debian/bookworm/amd64/Dockerfile @@ -1,25 +1,35 @@ -ARG BUILDER_IMAGE=debian:bookworm -ARG MAINTAINER="Andrey Volk " +ARG BUILDER_IMAGE=debian:bookworm-20240513 FROM ${BUILDER_IMAGE} AS builder +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +ARG CODENAME=bookworm +ARG ARCH=amd64 + # Credentials ARG REPO_DOMAIN=freeswitch.signalwire.com ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password ARG BUILD_NUMBER=42 ARG GIT_SHA=0000000000 ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" -MAINTAINER ${MAINTAINER} +ARG DATA_DIR=/data + +LABEL maintainer="${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" SHELL ["/bin/bash", "-c"] -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get -q update \ + && apt-get -y -q install \ apt-transport-https \ + autoconf \ + automake \ build-essential \ ca-certificates \ cmake \ @@ -29,50 +39,59 @@ RUN apt-get -q update && \ dh-autoreconf \ dos2unix \ doxygen \ + dpkg-dev \ git \ + gnupg2 \ graphviz \ libglib2.0-dev \ libssl-dev \ lsb-release \ pkg-config \ + unzip \ wget RUN update-ca-certificates --fresh -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env \ + && echo "export ARCH=${ARCH}" | tee -a ~/.env \ + && chmod +x ~/.env RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main EOF -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN --mount=type=secret,id=REPO_PASSWORD,required=true \ + printf "machine ${REPO_DOMAIN} " > /etc/apt/auth.conf && \ + printf "login ${REPO_USERNAME} " >> /etc/apt/auth.conf && \ + printf "password " >> /etc/apt/auth.conf && \ + cat /run/secrets/REPO_PASSWORD >> /etc/apt/auth.conf && \ + sha512sum /run/secrets/REPO_PASSWORD && \ + curl \ + --fail \ + --netrc-file /etc/apt/auth.conf \ + --output ${GPG_KEY} \ + https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg && \ + file ${GPG_KEY} && \ + apt-get --quiet update && \ + apt-get --yes --quiet install \ + libks2 \ + && rm -f /etc/apt/auth.conf # Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. + -DCMAKE_BUILD_TYPE=Debug \ + -DCMAKE_INSTALL_PREFIX="/usr" \ + && make package \ + && mkdir OUT \ + && mv -v *.deb OUT/. # Artifacts image (mandatory part, the resulting image must have a single filesystem layer) FROM scratch diff --git a/.github/docker/debian/bookworm/arm32v7/Dockerfile b/.github/docker/debian/bookworm/arm32v7/Dockerfile index dd7fa63..b77b2b7 100644 --- a/.github/docker/debian/bookworm/arm32v7/Dockerfile +++ b/.github/docker/debian/bookworm/arm32v7/Dockerfile @@ -1,25 +1,35 @@ -ARG BUILDER_IMAGE=arm32v7/debian:bookworm -ARG MAINTAINER="Andrey Volk " +ARG BUILDER_IMAGE=arm32v7/debian:bookworm-20240513 -FROM ${BUILDER_IMAGE} AS builder +FROM --platform=linux/arm/v7 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +ARG CODENAME=bookworm +ARG ARCH=arm32 # Credentials ARG REPO_DOMAIN=freeswitch.signalwire.com ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password ARG BUILD_NUMBER=42 ARG GIT_SHA=0000000000 ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" -MAINTAINER ${MAINTAINER} +ARG DATA_DIR=/data + +LABEL maintainer="${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" SHELL ["/bin/bash", "-c"] -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get -q update \ + && apt-get -y -q install \ apt-transport-https \ + autoconf \ + automake \ build-essential \ ca-certificates \ cmake \ @@ -29,50 +39,59 @@ RUN apt-get -q update && \ dh-autoreconf \ dos2unix \ doxygen \ + dpkg-dev \ git \ + gnupg2 \ graphviz \ libglib2.0-dev \ libssl-dev \ lsb-release \ pkg-config \ + unzip \ wget RUN update-ca-certificates --fresh -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env \ + && echo "export ARCH=${ARCH}" | tee -a ~/.env \ + && chmod +x ~/.env RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-release ${CODENAME} main deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-release ${CODENAME} main EOF -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/rpi/debian-release/signalwire-freeswitch-repo.gpg +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN --mount=type=secret,id=REPO_PASSWORD,required=true \ + printf "machine ${REPO_DOMAIN} " > /etc/apt/auth.conf && \ + printf "login ${REPO_USERNAME} " >> /etc/apt/auth.conf && \ + printf "password " >> /etc/apt/auth.conf && \ + cat /run/secrets/REPO_PASSWORD >> /etc/apt/auth.conf && \ + sha512sum /run/secrets/REPO_PASSWORD && \ + curl \ + --fail \ + --netrc-file /etc/apt/auth.conf \ + --output ${GPG_KEY} \ + https://${REPO_DOMAIN}/repo/deb/rpi/debian-release/signalwire-freeswitch-repo.gpg && \ + file ${GPG_KEY} && \ + apt-get --quiet update && \ + apt-get --yes --quiet install \ + libks2 \ + && rm -f /etc/apt/auth.conf # Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. + -DCMAKE_BUILD_TYPE=Debug \ + -DCMAKE_INSTALL_PREFIX="/usr" \ + && make package \ + && mkdir OUT \ + && mv -v *.deb OUT/. # Artifacts image (mandatory part, the resulting image must have a single filesystem layer) FROM scratch diff --git a/.github/docker/debian/bookworm/arm64v8/Dockerfile b/.github/docker/debian/bookworm/arm64v8/Dockerfile index ca0ec6c..d1d7e1a 100644 --- a/.github/docker/debian/bookworm/arm64v8/Dockerfile +++ b/.github/docker/debian/bookworm/arm64v8/Dockerfile @@ -1,25 +1,35 @@ -ARG BUILDER_IMAGE=arm64v8/debian:bookworm -ARG MAINTAINER="Andrey Volk " +ARG BUILDER_IMAGE=arm64v8/debian:bookworm-20240513 -FROM ${BUILDER_IMAGE} AS builder +FROM --platform=linux/arm64 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +ARG CODENAME=bookworm +ARG ARCH=arm64 # Credentials ARG REPO_DOMAIN=freeswitch.signalwire.com ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password ARG BUILD_NUMBER=42 ARG GIT_SHA=0000000000 ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" -MAINTAINER ${MAINTAINER} +ARG DATA_DIR=/data + +LABEL maintainer="${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" SHELL ["/bin/bash", "-c"] -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get -q update \ + && apt-get -y -q install \ apt-transport-https \ + autoconf \ + automake \ build-essential \ ca-certificates \ cmake \ @@ -29,50 +39,59 @@ RUN apt-get -q update && \ dh-autoreconf \ dos2unix \ doxygen \ + dpkg-dev \ git \ + gnupg2 \ graphviz \ libglib2.0-dev \ libssl-dev \ lsb-release \ pkg-config \ + unzip \ wget RUN update-ca-certificates --fresh -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env \ + && echo "export ARCH=${ARCH}" | tee -a ~/.env \ + && chmod +x ~/.env RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main EOF -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN --mount=type=secret,id=REPO_PASSWORD,required=true \ + printf "machine ${REPO_DOMAIN} " > /etc/apt/auth.conf && \ + printf "login ${REPO_USERNAME} " >> /etc/apt/auth.conf && \ + printf "password " >> /etc/apt/auth.conf && \ + cat /run/secrets/REPO_PASSWORD >> /etc/apt/auth.conf && \ + sha512sum /run/secrets/REPO_PASSWORD && \ + curl \ + --fail \ + --netrc-file /etc/apt/auth.conf \ + --output ${GPG_KEY} \ + https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg && \ + file ${GPG_KEY} && \ + apt-get --quiet update && \ + apt-get --yes --quiet install \ + libks2 \ + && rm -f /etc/apt/auth.conf # Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. + -DCMAKE_BUILD_TYPE=Debug \ + -DCMAKE_INSTALL_PREFIX="/usr" \ + && make package \ + && mkdir OUT \ + && mv -v *.deb OUT/. # Artifacts image (mandatory part, the resulting image must have a single filesystem layer) FROM scratch diff --git a/.github/docker/debian/bullseye/amd64/Dockerfile b/.github/docker/debian/bullseye/amd64/Dockerfile index 4e52536..019f9d6 100644 --- a/.github/docker/debian/bullseye/amd64/Dockerfile +++ b/.github/docker/debian/bullseye/amd64/Dockerfile @@ -1,25 +1,35 @@ -ARG BUILDER_IMAGE=debian:bullseye -ARG MAINTAINER="Andrey Volk " +ARG BUILDER_IMAGE=debian:bullseye-20240513 FROM ${BUILDER_IMAGE} AS builder +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +ARG CODENAME=bullseye +ARG ARCH=amd64 + # Credentials ARG REPO_DOMAIN=freeswitch.signalwire.com ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password ARG BUILD_NUMBER=42 ARG GIT_SHA=0000000000 ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" -MAINTAINER ${MAINTAINER} +ARG DATA_DIR=/data + +LABEL maintainer="${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" SHELL ["/bin/bash", "-c"] -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get -q update \ + && apt-get -y -q install \ apt-transport-https \ + autoconf \ + automake \ build-essential \ ca-certificates \ cmake \ @@ -29,50 +39,59 @@ RUN apt-get -q update && \ dh-autoreconf \ dos2unix \ doxygen \ + dpkg-dev \ git \ + gnupg2 \ graphviz \ libglib2.0-dev \ libssl-dev \ lsb-release \ pkg-config \ + unzip \ wget RUN update-ca-certificates --fresh -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env \ + && echo "export ARCH=${ARCH}" | tee -a ~/.env \ + && chmod +x ~/.env RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main EOF -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN --mount=type=secret,id=REPO_PASSWORD,required=true \ + printf "machine ${REPO_DOMAIN} " > /etc/apt/auth.conf && \ + printf "login ${REPO_USERNAME} " >> /etc/apt/auth.conf && \ + printf "password " >> /etc/apt/auth.conf && \ + cat /run/secrets/REPO_PASSWORD >> /etc/apt/auth.conf && \ + sha512sum /run/secrets/REPO_PASSWORD && \ + curl \ + --fail \ + --netrc-file /etc/apt/auth.conf \ + --output ${GPG_KEY} \ + https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg && \ + file ${GPG_KEY} && \ + apt-get --quiet update && \ + apt-get --yes --quiet install \ + libks2 \ + && rm -f /etc/apt/auth.conf # Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. + -DCMAKE_BUILD_TYPE=Debug \ + -DCMAKE_INSTALL_PREFIX="/usr" \ + && make package \ + && mkdir OUT \ + && mv -v *.deb OUT/. # Artifacts image (mandatory part, the resulting image must have a single filesystem layer) FROM scratch diff --git a/.github/docker/debian/bullseye/arm32v7/Dockerfile b/.github/docker/debian/bullseye/arm32v7/Dockerfile index d2eb195..ba6edd4 100644 --- a/.github/docker/debian/bullseye/arm32v7/Dockerfile +++ b/.github/docker/debian/bullseye/arm32v7/Dockerfile @@ -1,25 +1,35 @@ -ARG BUILDER_IMAGE=arm32v7/debian:bullseye -ARG MAINTAINER="Andrey Volk " +ARG BUILDER_IMAGE=arm32v7/debian:bullseye-20240513 -FROM ${BUILDER_IMAGE} AS builder +FROM --platform=linux/arm/v7 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +ARG CODENAME=bullseye +ARG ARCH=arm32 # Credentials ARG REPO_DOMAIN=freeswitch.signalwire.com ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password ARG BUILD_NUMBER=42 ARG GIT_SHA=0000000000 ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" -MAINTAINER ${MAINTAINER} +ARG DATA_DIR=/data + +LABEL maintainer="${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" SHELL ["/bin/bash", "-c"] -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get -q update \ + && apt-get -y -q install \ apt-transport-https \ + autoconf \ + automake \ build-essential \ ca-certificates \ cmake \ @@ -29,50 +39,59 @@ RUN apt-get -q update && \ dh-autoreconf \ dos2unix \ doxygen \ + dpkg-dev \ git \ + gnupg2 \ graphviz \ libglib2.0-dev \ libssl-dev \ lsb-release \ pkg-config \ + unzip \ wget RUN update-ca-certificates --fresh -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env \ + && echo "export ARCH=${ARCH}" | tee -a ~/.env \ + && chmod +x ~/.env RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-release ${CODENAME} main deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-release ${CODENAME} main EOF -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/rpi/debian-release/signalwire-freeswitch-repo.gpg +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN --mount=type=secret,id=REPO_PASSWORD,required=true \ + printf "machine ${REPO_DOMAIN} " > /etc/apt/auth.conf && \ + printf "login ${REPO_USERNAME} " >> /etc/apt/auth.conf && \ + printf "password " >> /etc/apt/auth.conf && \ + cat /run/secrets/REPO_PASSWORD >> /etc/apt/auth.conf && \ + sha512sum /run/secrets/REPO_PASSWORD && \ + curl \ + --fail \ + --netrc-file /etc/apt/auth.conf \ + --output ${GPG_KEY} \ + https://${REPO_DOMAIN}/repo/deb/rpi/debian-release/signalwire-freeswitch-repo.gpg && \ + file ${GPG_KEY} && \ + apt-get --quiet update && \ + apt-get --yes --quiet install \ + libks2 \ + && rm -f /etc/apt/auth.conf # Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. + -DCMAKE_BUILD_TYPE=Debug \ + -DCMAKE_INSTALL_PREFIX="/usr" \ + && make package \ + && mkdir OUT \ + && mv -v *.deb OUT/. # Artifacts image (mandatory part, the resulting image must have a single filesystem layer) FROM scratch diff --git a/.github/docker/debian/bullseye/arm64v8/Dockerfile b/.github/docker/debian/bullseye/arm64v8/Dockerfile index 987b7fa..29de138 100644 --- a/.github/docker/debian/bullseye/arm64v8/Dockerfile +++ b/.github/docker/debian/bullseye/arm64v8/Dockerfile @@ -1,25 +1,35 @@ -ARG BUILDER_IMAGE=arm64v8/debian:bullseye -ARG MAINTAINER="Andrey Volk " +ARG BUILDER_IMAGE=arm64v8/debian:bullseye-20240513 -FROM ${BUILDER_IMAGE} AS builder +FROM --platform=linux/arm64 ${BUILDER_IMAGE} AS builder + +ARG MAINTAINER_NAME="Andrey Volk" +ARG MAINTAINER_EMAIL="andrey@signalwire.com" + +ARG CODENAME=bullseye +ARG ARCH=arm64 # Credentials ARG REPO_DOMAIN=freeswitch.signalwire.com ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password ARG BUILD_NUMBER=42 ARG GIT_SHA=0000000000 ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" -MAINTAINER ${MAINTAINER} +ARG DATA_DIR=/data + +LABEL maintainer="${MAINTAINER_NAME} <${MAINTAINER_EMAIL}>" SHELL ["/bin/bash", "-c"] -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ +ENV DEBIAN_FRONTEND=noninteractive + +RUN apt-get -q update \ + && apt-get -y -q install \ apt-transport-https \ + autoconf \ + automake \ build-essential \ ca-certificates \ cmake \ @@ -29,50 +39,59 @@ RUN apt-get -q update && \ dh-autoreconf \ dos2unix \ doxygen \ + dpkg-dev \ git \ + gnupg2 \ graphviz \ libglib2.0-dev \ libssl-dev \ lsb-release \ pkg-config \ + unzip \ wget RUN update-ca-certificates --fresh -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env +RUN echo "export CODENAME=${CODENAME}" | tee ~/.env \ + && echo "export ARCH=${ARCH}" | tee -a ~/.env \ + && chmod +x ~/.env RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main EOF -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg +RUN git config --global --add safe.directory '*' \ + && git config --global user.name "${MAINTAINER_NAME}" \ + && git config --global user.email "${MAINTAINER_EMAIL}" + +RUN --mount=type=secret,id=REPO_PASSWORD,required=true \ + printf "machine ${REPO_DOMAIN} " > /etc/apt/auth.conf && \ + printf "login ${REPO_USERNAME} " >> /etc/apt/auth.conf && \ + printf "password " >> /etc/apt/auth.conf && \ + cat /run/secrets/REPO_PASSWORD >> /etc/apt/auth.conf && \ + sha512sum /run/secrets/REPO_PASSWORD && \ + curl \ + --fail \ + --netrc-file /etc/apt/auth.conf \ + --output ${GPG_KEY} \ + https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg && \ + file ${GPG_KEY} && \ + apt-get --quiet update && \ + apt-get --yes --quiet install \ + libks2 \ + && rm -f /etc/apt/auth.conf # Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 +COPY . ${DATA_DIR} +WORKDIR ${DATA_DIR} RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. + -DCMAKE_BUILD_TYPE=Debug \ + -DCMAKE_INSTALL_PREFIX="/usr" \ + && make package \ + && mkdir OUT \ + && mv -v *.deb OUT/. # Artifacts image (mandatory part, the resulting image must have a single filesystem layer) FROM scratch diff --git a/.github/docker/debian/buster/amd64/Dockerfile b/.github/docker/debian/buster/amd64/Dockerfile deleted file mode 100644 index 6bdea69..0000000 --- a/.github/docker/debian/buster/amd64/Dockerfile +++ /dev/null @@ -1,79 +0,0 @@ -ARG BUILDER_IMAGE=debian:buster -ARG MAINTAINER="Andrey Volk " - -FROM ${BUILDER_IMAGE} AS builder - -# Credentials -ARG REPO_DOMAIN=freeswitch.signalwire.com -ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password - -ARG BUILD_NUMBER=42 -ARG GIT_SHA=0000000000 - -ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" - -MAINTAINER ${MAINTAINER} - -SHELL ["/bin/bash", "-c"] - -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - apt-transport-https \ - build-essential \ - ca-certificates \ - cmake \ - curl \ - debhelper \ - devscripts \ - dh-autoreconf \ - dos2unix \ - doxygen \ - git \ - graphviz \ - libglib2.0-dev \ - libssl-dev \ - lsb-release \ - pkg-config \ - wget - -RUN update-ca-certificates --fresh - -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env - -RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list -deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main -deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main -EOF - -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg - -# Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 - -RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. - -# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) -FROM scratch -COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/buster/arm32v7/Dockerfile b/.github/docker/debian/buster/arm32v7/Dockerfile deleted file mode 100644 index d1c21b4..0000000 --- a/.github/docker/debian/buster/arm32v7/Dockerfile +++ /dev/null @@ -1,79 +0,0 @@ -ARG BUILDER_IMAGE=arm32v7/debian:buster -ARG MAINTAINER="Andrey Volk " - -FROM ${BUILDER_IMAGE} AS builder - -# Credentials -ARG REPO_DOMAIN=freeswitch.signalwire.com -ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password - -ARG BUILD_NUMBER=42 -ARG GIT_SHA=0000000000 - -ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" - -MAINTAINER ${MAINTAINER} - -SHELL ["/bin/bash", "-c"] - -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - apt-transport-https \ - build-essential \ - ca-certificates \ - cmake \ - curl \ - debhelper \ - devscripts \ - dh-autoreconf \ - dos2unix \ - doxygen \ - git \ - graphviz \ - libglib2.0-dev \ - libssl-dev \ - lsb-release \ - pkg-config \ - wget - -RUN update-ca-certificates --fresh - -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env - -RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list -deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-release ${CODENAME} main -deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/rpi/debian-release ${CODENAME} main -EOF - -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/rpi/debian-release/signalwire-freeswitch-repo.gpg - -# Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 - -RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. - -# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) -FROM scratch -COPY --from=builder /data/OUT/ / diff --git a/.github/docker/debian/buster/arm64v8/Dockerfile b/.github/docker/debian/buster/arm64v8/Dockerfile deleted file mode 100644 index ffab385..0000000 --- a/.github/docker/debian/buster/arm64v8/Dockerfile +++ /dev/null @@ -1,79 +0,0 @@ -ARG BUILDER_IMAGE=arm64v8/debian:buster -ARG MAINTAINER="Andrey Volk " - -FROM ${BUILDER_IMAGE} AS builder - -# Credentials -ARG REPO_DOMAIN=freeswitch.signalwire.com -ARG REPO_USERNAME=user -ARG REPO_PASSWORD=password - -ARG BUILD_NUMBER=42 -ARG GIT_SHA=0000000000 - -ARG GPG_KEY="/usr/share/keyrings/signalwire-freeswitch-repo.gpg" - -MAINTAINER ${MAINTAINER} - -SHELL ["/bin/bash", "-c"] - -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - apt-transport-https \ - build-essential \ - ca-certificates \ - cmake \ - curl \ - debhelper \ - devscripts \ - dh-autoreconf \ - dos2unix \ - doxygen \ - git \ - graphviz \ - libglib2.0-dev \ - libssl-dev \ - lsb-release \ - pkg-config \ - wget - -RUN update-ca-certificates --fresh - -ENV DATA_DIR=/data -WORKDIR ${DATA_DIR} - -COPY . ${DATA_DIR} -RUN git reset --hard HEAD && git clean -xfd - -RUN echo "export CODENAME=$(lsb_release -sc | tr -d '\n')" | tee ~/.env && \ - chmod +x ~/.env - -RUN . ~/.env && cat < /etc/apt/sources.list.d/freeswitch.list -deb [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main -deb-src [signed-by=${GPG_KEY}] https://${REPO_DOMAIN}/repo/deb/debian-release ${CODENAME} main -EOF - -RUN --mount=type=secret,id=REPO_PASSWORD \ - printf "machine ${REPO_DOMAIN} " > ~/.netrc && \ - printf "login ${REPO_USERNAME} " >> ~/.netrc && \ - printf "password " >> ~/.netrc && \ - cat /run/secrets/REPO_PASSWORD >> ~/.netrc && \ - cp -f ~/.netrc /etc/apt/auth.conf - -RUN git config --global --add safe.directory '*' - -RUN curl --netrc -o ${GPG_KEY} https://${REPO_DOMAIN}/repo/deb/debian-release/signalwire-freeswitch-repo.gpg - -# Bootstrap and Build -RUN apt-get -q update && \ - DEBIAN_FRONTEND=noninteractive apt-get -yq install \ - libks2 - -RUN PACKAGE_RELEASE="${BUILD_NUMBER}.${GIT_SHA}" cmake . \ - -DCMAKE_BUILD_TYPE=Debug \ - -DCMAKE_INSTALL_PREFIX="/usr" && \ - make package && mkdir OUT && mv -v *.deb OUT/. - -# Artifacts image (mandatory part, the resulting image must have a single filesystem layer) -FROM scratch -COPY --from=builder /data/OUT/ / diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml new file mode 100644 index 0000000..36dec69 --- /dev/null +++ b/.github/workflows/build.yml @@ -0,0 +1,135 @@ +name: Build and Distribute + +on: + pull_request: + push: + branches: + - release + - master + paths: + - "**" + workflow_dispatch: + +concurrency: + group: ${{ github.head_ref || github.ref }} + +jobs: + deb: + name: 'DEB' + permissions: + id-token: write + contents: read + uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@main + strategy: + # max-parallel: 1 + fail-fast: false + matrix: + os: + - debian + version: + - bookworm + - bullseye + platform: + - name: amd64 + runner: ubuntu-latest + - name: arm32v7 + runner: ubuntu-latest + - name: arm64v8 + runner: ubuntu-latest + with: + RUNNER: ${{ matrix.platform.runner }} + ARTIFACTS_PATTERN: '.*\.(deb)$' + DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform.name }}/Dockerfile + MAINTAINER: 'Andrey Volk ' + META_FILE_PATH_PREFIX: /var/www/signalwire-c/public/unstable/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }} + PLATFORM: ${{ matrix.platform.name }} + REPO_DOMAIN: freeswitch.signalwire.com + TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-public-unstable-artifact + UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' }} + secrets: + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} + HOSTNAME: ${{ secrets.HOSTNAME }} + PROXY_URL: ${{ secrets.PROXY_URL }} + USERNAME: ${{ secrets.USERNAME }} + TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} + REPO_USERNAME: 'signalwire' + REPO_PASSWORD: ${{ secrets.REPOTOKEN }} + + deb-mirror: + name: 'DEB-MIRROR' + if: ${{ github.event_name != 'pull_request' }} + needs: + - deb + runs-on: ubuntu-latest + permissions: + id-token: write + contents: read + strategy: + # max-parallel: 1 + fail-fast: false + matrix: + os: + - debian + version: + - bookworm + - bullseye + platform: + - name: amd64 + runner: ubuntu-latest + - name: arm32v7 + runner: ubuntu-latest + - name: arm64v8 + runner: ubuntu-latest + release: + - release + - unstable + steps: + - name: Checkout reusable actions + uses: actions/checkout@v4 + with: + repository: signalwire/actions-template + ref: main + fetch-depth: 1 + path: actions + sparse-checkout: | + .github/actions/teleport-local-copy/action.yml + sparse-checkout-cone-mode: false + + - name: Mirror artifacts on remote server behind Teleport (public) + uses: ./actions/.github/actions/teleport-local-copy + with: + SRC: '/var/www/signalwire-c/public/unstable/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }}/${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-public-unstable-artifact.tar.gz' + DST: '/var/www/signalwire-c/public/${{ matrix.release }}/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }}/${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-public-${{ matrix.release }}-artifact.tar.gz' + env: + HOSTNAME: ${{ secrets.HOSTNAME }} + PROXY_URL: ${{ secrets.PROXY_URL }} + TOKEN: ${{ secrets.TELEPORT_TOKEN }} + USERNAME: ${{ secrets.USERNAME }} + + - name: Mirror artifacts on remote server behind Teleport (fsa) + uses: ./actions/.github/actions/teleport-local-copy + with: + SRC: '/var/www/signalwire-c/public/unstable/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }}/${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-public-unstable-artifact.tar.gz' + DST: '/var/www/signalwire-c/fsa/${{ matrix.release }}/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }}/${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-fsa-${{ matrix.release }}-artifact.tar.gz' + env: + HOSTNAME: ${{ secrets.HOSTNAME }} + PROXY_URL: ${{ secrets.PROXY_URL }} + TOKEN: ${{ secrets.TELEPORT_TOKEN }} + USERNAME: ${{ secrets.USERNAME }} + + meta: + name: 'Publish build data to meta-repo' + if: ${{ github.event_name != 'pull_request' }} + needs: + - deb + - deb-mirror + permissions: + id-token: write + contents: read + uses: signalwire/actions-template/.github/workflows/meta-repo-content.yml@main + with: + META_CONTENT: '/var/www/signalwire-c/{fsa,public}/{release,unstable}/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }}' + META_REPO: signalwire/bamboo_gha_trigger + META_REPO_BRANCH: trigger/signalwire-c/${{ github.ref_name }} + secrets: + GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} diff --git a/.github/workflows/cicd.yml b/.github/workflows/cicd.yml deleted file mode 100644 index 9942046..0000000 --- a/.github/workflows/cicd.yml +++ /dev/null @@ -1,114 +0,0 @@ -name: Build and Distribute - -on: - pull_request: - push: - branches: - - release - - master - paths: - - "**" - workflow_dispatch: - -concurrency: - group: ${{ github.head_ref || github.ref }} - -jobs: - deb: - name: 'DEB' - permissions: - id-token: write - contents: read - uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@main - strategy: - # max-parallel: 1 - fail-fast: false - matrix: - os: - - debian - version: - - bookworm - - bullseye - - buster - platform: - - name: amd64 - runner: ubuntu-latest - - name: arm32v7 - runner: ubuntu-latest - - name: arm64v8 - runner: ubuntu-latest - # exclude: - # - version: bookworm - # platform: - # name: arm32v7 - with: - RUNNER: ${{ matrix.platform.runner }} - ARTIFACTS_PATTERN: '.*\.(deb)$' - DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform.name }}/Dockerfile - MAINTAINER: 'Andrey Volk ' - META_FILE_PATH_PREFIX: /var/www/signalwire-c/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }} - PLATFORM: ${{ matrix.platform.name }} - REPO_DOMAIN: freeswitch.signalwire.com - TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-artifact - UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} - secrets: - GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} - HOSTNAME: ${{ secrets.HOSTNAME }} - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} - REPO_USERNAME: 'signalwire' - REPO_PASSWORD: ${{ secrets.REPOTOKEN }} - - rpm: - name: 'RPM' - permissions: - id-token: write - contents: read - uses: signalwire/actions-template/.github/workflows/cicd-docker-build-and-distribute.yml@main - strategy: - # max-parallel: 1 - fail-fast: false - matrix: - os: - - centos - version: - - 7 - platform: - - name: amd64 - runner: ubuntu-latest - with: - RUNNER: ${{ matrix.platform.runner }} - ARTIFACTS_PATTERN: '.*\.(rpm)$' - DOCKERFILE: .github/docker/${{ matrix.os }}/${{ matrix.version }}/${{ matrix.platform.name }}/Dockerfile - MAINTAINER: 'Andrey Volk ' - META_FILE_PATH_PREFIX: /var/www/signalwire-c/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }} - PLATFORM: ${{ matrix.platform.name }} - REPO_DOMAIN: freeswitch.signalwire.com - TARGET_ARTIFACT_NAME: ${{ matrix.os }}-${{ matrix.version }}-${{ matrix.platform.name }}-artifact - UPLOAD_BUILD_ARTIFACTS: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} - secrets: - GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }} - HOSTNAME: ${{ secrets.HOSTNAME }} - PROXY_URL: ${{ secrets.PROXY_URL }} - USERNAME: ${{ secrets.USERNAME }} - TELEPORT_TOKEN: ${{ secrets.TELEPORT_TOKEN }} - REPO_USERNAME: 'signalwire' - REPO_PASSWORD: ${{ secrets.REPOTOKEN }} - - meta: - name: 'Publish build data to meta-repo' - if: ${{ github.event_name != 'pull_request' || contains(github.event.pull_request.title, ':upload-artifacts') }} - needs: - - deb - - rpm - permissions: - id-token: write - contents: read - uses: signalwire/actions-template/.github/workflows/meta-repo-content.yml@main - with: - META_CONTENT: '/var/www/signalwire-c/${{ github.ref_name }}/${{ github.run_id }}-${{ github.run_number }}' - META_REPO: signalwire/bamboo_gha_trigger - META_REPO_BRANCH: trigger/signalwire-c/${{ github.ref_name }} - secrets: - GH_BOT_DEPLOY_TOKEN: ${{ secrets.PAT }}