From 874540b534aabaef599073f70162909ead7ee399 Mon Sep 17 00:00:00 2001 From: Leonard Jonathan Oh Date: Fri, 30 Jun 2023 08:51:16 +0000 Subject: [PATCH] Feature: Add `3.1.5` variant --- .github/workflows/ci-master-pr.yml | 128 +++++++++++++++++- README.md | 3 +- generate/definitions/VARIANTS.ps1 | 9 ++ variants/v3.1.5-alpine-edge/Dockerfile | 21 +++ .../v3.1.5-alpine-edge/docker-compose.yml | 40 ++++++ .../v3.1.5-alpine-edge/docker-entrypoint.sh | 11 ++ 6 files changed, 207 insertions(+), 5 deletions(-) create mode 100644 variants/v3.1.5-alpine-edge/Dockerfile create mode 100644 variants/v3.1.5-alpine-edge/docker-compose.yml create mode 100644 variants/v3.1.5-alpine-edge/docker-entrypoint.sh diff --git a/.github/workflows/ci-master-pr.yml b/.github/workflows/ci-master-pr.yml index 42cf4fc..8cd5444 100644 --- a/.github/workflows/ci-master-pr.yml +++ b/.github/workflows/ci-master-pr.yml 
@@ -32,6 +32,127 @@ jobs: run: | git diff --exit-code + build-v3-1-5-alpine-edge: + runs-on: ubuntu-latest + env: + VARIANT: v3.1.5-alpine-edge + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Display system info (linux) + run: | + set -e + hostname + whoami + cat /etc/*release + lscpu + free + df -h + pwd + docker info + docker version + + # See: https://github.com/docker/build-push-action/blob/v2.6.1/docs/advanced/cache.md#github-cache + - name: Set up QEMU + uses: docker/setup-qemu-action@v2 + + - name: Set up Docker Buildx + id: buildx + uses: docker/setup-buildx-action@v2 + + - name: Cache Docker layers + uses: actions/cache@v3 + with: + path: /tmp/.buildx-cache + key: ${{ runner.os }}-buildx-${{ env.VARIANT }}-${{ github.sha }} + restore-keys: | + ${{ runner.os }}-buildx-${{ env.VARIANT }}- + ${{ runner.os }}-buildx- + + # This step generates the docker tags + - name: Prepare + id: prep + run: | + set -e + + # Get ref, i.e. from refs/heads/, or from refs/tags/. E.g. 'master' or 'v0.0.0' + REF=$( echo "${GITHUB_REF}" | rev | cut -d '/' -f 1 | rev ) + + # Get short commit hash E.g. 'abc0123' + SHA=$( echo "${GITHUB_SHA}" | cut -c1-7 ) + + # Generate docker image tags + # E.g. 'v0.0.0-' and 'v0.0.0-abc0123-' + # E.g. 
'master-' and 'master-abc0123-' + REF_VARIANT="${REF}-${VARIANT}" + REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}" + + # Pass variables to next step + echo "VARIANT_BUILD_DIR=$VARIANT_BUILD_DIR" >> $GITHUB_ENV + echo "VARIANT=$VARIANT" >> $GITHUB_ENV + echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_ENV + echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_ENV + + - name: Login to Docker Hub registry + # Run on master and tags + if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/') + uses: docker/login-action@v2 + with: + username: ${{ secrets.DOCKERHUB_REGISTRY_USER }} + password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }} + + - name: Build (PRs) + # Run only on pull requests + if: github.event_name == 'pull_request' + uses: docker/build-push-action@v3 + with: + context: variants/v3.1.5-alpine-edge + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x + push: false + tags: | + ${{ github.repository }}:${{ env.REF_VARIANT }} + ${{ github.repository }}:${{ env.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: Build and push (master) + # Run only on master + if: github.ref == 'refs/heads/master' + uses: docker/build-push-action@v3 + with: + context: variants/v3.1.5-alpine-edge + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x + push: true + tags: | + ${{ github.repository }}:${{ env.REF_VARIANT }} + ${{ github.repository }}:${{ env.REF_SHA_VARIANT }} + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + - name: Build and push (release) + if: startsWith(github.ref, 'refs/tags/') + uses: docker/build-push-action@v3 + with: + context: variants/v3.1.5-alpine-edge + platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x + push: true + tags: | + ${{ github.repository }}:${{ env.VARIANT }} + ${{ github.repository }}:${{ 
env.REF_VARIANT }} + ${{ github.repository }}:${{ env.REF_SHA_VARIANT }} + ${{ github.repository }}:latest + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max + + # Temp fix + # https://github.com/docker/build-push-action/issues/252 + # https://github.com/moby/buildkit/issues/1896 + - name: Move cache + run: | + rm -rf /tmp/.buildx-cache + mv /tmp/.buildx-cache-new /tmp/.buildx-cache + build-v3-1-2-alpine-3-18: runs-on: ubuntu-latest env: @@ -141,7 +262,6 @@ jobs: ${{ github.repository }}:${{ env.VARIANT }} ${{ github.repository }}:${{ env.REF_VARIANT }} ${{ github.repository }}:${{ env.REF_SHA_VARIANT }} - ${{ github.repository }}:latest cache-from: type=local,src=/tmp/.buildx-cache cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max @@ -1594,7 +1714,7 @@ jobs: mv /tmp/.buildx-cache-new /tmp/.buildx-cache update-draft-release: - needs: [build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3] + needs: [build-v3-1-5-alpine-edge, build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3] if: github.ref == 'refs/heads/master' runs-on: ubuntu-latest steps: 
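Review bot: Every third-party action in the new `build-v3-1-5-alpine-edge` job is referenced by a mutable major tag (`actions/checkout@v3`, `actions/cache@v3`, `docker/setup-qemu-action@v2`, `docker/setup-buildx-action@v2`, `docker/login-action@v2`, `docker/build-push-action@v3`), yet the login step receives `secrets.DOCKERHUB_REGISTRY_PASSWORD` and the push steps publish the image. If a tag is moved, the replaced action code runs with those credentials; pinning to a full commit SHA, e.g. `uses: docker/login-action@<full-commit-sha> # v2`, removes that dependency on tag integrity. The job also has no `permissions:` key, and a job-level block with `contents: read` looks sufficient for the steps shown, unless permissions are already set at workflow level outside the hunk. The neighbouring jobs appear to follow the same pattern and the workflow looks generated, so both changes probably belong in the generator template. The hunk ends inside the header of the next job, `build-v3-1-2-alpine-3-18`.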
@@ -1607,7 +1727,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} publish-draft-release: - needs: [build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3] + needs: [build-v3-1-5-alpine-edge, build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3] if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-latest steps: @@ -1622,7 +1742,7 @@ jobs: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} update-dockerhub-description: - needs: [build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3] + needs: [build-v3-1-5-alpine-edge, build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3] if: github.ref == 'refs/heads/master' runs-on: ubuntu-latest steps: diff --git a/README.md b/README.md index ecf0c51..003ec35 100644 --- a/README.md +++ b/README.md 
@@ -10,7 +10,8 @@ Dockerized [`easy-rsa`](https://github.com/OpenVPN/easy-rsa). | Tag | Dockerfile Build Context | |:-------:|:---------:| -| `:v3.1.2-alpine-3.18`, `:latest` | [View](variants/v3.1.2-alpine-3.18) | +| `:v3.1.5-alpine-edge`, `:latest` | [View](variants/v3.1.5-alpine-edge) | +| `:v3.1.2-alpine-3.18` | [View](variants/v3.1.2-alpine-3.18) | | `:v3.1.1-alpine-3.17` | [View](variants/v3.1.1-alpine-3.17) | | `:v3.0.8-alpine-3.13` | [View](variants/v3.0.8-alpine-3.13) | | `:v3.0.7-alpine-3.12` | [View](variants/v3.0.7-alpine-3.12) | diff --git a/generate/definitions/VARIANTS.ps1 b/generate/definitions/VARIANTS.ps1 index bc222f6..75bc6d7 100644 --- a/generate/definitions/VARIANTS.ps1 +++ b/generate/definitions/VARIANTS.ps1 @@ -1,5 +1,14 @@ # Docker image variants' definitions $local:VARIANTS_MATRIX = @( + @{ + package = 'easy-rsa' + package_version = '3.1.5-r0' + distro = 'alpine' + distro_version = 'edge' + subvariants = @( + @{ components = @() } + ) + } @{ package = 'easy-rsa' package_version = '3.1.2-r0' diff --git a/variants/v3.1.5-alpine-edge/Dockerfile b/variants/v3.1.5-alpine-edge/Dockerfile new file mode 100644 index 0000000..05faae6 --- /dev/null +++ b/variants/v3.1.5-alpine-edge/Dockerfile @@ -0,0 +1,21 @@ +FROM alpine:edge + +RUN apk add --no-cache easy-rsa=3.1.5-r0 iptables + +COPY docker-entrypoint.sh /docker-entrypoint.sh +RUN chmod +x /docker-entrypoint.sh + +# alpine easyrsa top-level directory. Use command find / -name 'easyrsa' +RUN echo "Looking for easyrsa binary" \ + && ls '/usr/share/easy-rsa/easyrsa' +ENV EASYRSA=/usr/share/easy-rsa + +WORKDIR /usr/share/easy-rsa + +# alpine openssl.cnf location. Use command find / -name 'openssl*.cnf' +# < v3.0.4: https://github.com/OpenVPN/easy-rsa/blob/v3.0.0/easyrsa3/easyrsa#L1032-L1033 +# >= v3.0.4: +RUN echo "Looking for openssl.cnf" \ + && find /etc /usr -name 'openssl*.cnf' + +ENTRYPOINT ["/docker-entrypoint.sh"] 
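Review bot: `FROM alpine:edge` in the new Dockerfile is a rolling tag, so each CI build can pick up a different, untested base, and this commit also moves `:latest` to this variant. That matters for an image whose job is generating CA keys and certificates. Pin the base by digest, `FROM alpine:edge@sha256:<digest>`, or switch to a numbered Alpine release once one ships easy-rsa 3.1.5. The exact pin `easy-rsa=3.1.5-r0` is also likely to stop resolving once edge moves to a newer package revision, while `iptables` on the same `apk add` line is unpinned. The same choice appears as `distro_version = 'edge'` in the VARIANTS.ps1 hunk above, which is presumably where the fix belongs.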
diff --git a/variants/v3.1.5-alpine-edge/docker-compose.yml b/variants/v3.1.5-alpine-edge/docker-compose.yml new file mode 100644 index 0000000..62526a7 --- /dev/null +++ b/variants/v3.1.5-alpine-edge/docker-compose.yml @@ -0,0 +1,40 @@ +version: '2.1' +services: + easyrsa: + container_name: easyrsa + image: theohbrothers/docker-easyrsa:v3.1.5-alpine-edge + + # Uncomment and configure these environment to your needs. The following are the default values, according to: https://github.com/OpenVPN/easy-rsa/blob/v3.0.8/doc/EasyRSA-Advanced.md#configuration-reference + # Using environment variables is preferred to using a vars file + # Double dollar signs '$$' is to escape a dollar sign in the docker-compose yaml parser, see: https://stackoverflow.com/a/40621373 + # environment: + # - EASYRSA_SSL_CONF=/etc/ssl/openssl.cnf + # - EASYRSA=$${0%/*} + # - EASYRSA_OPENSSL=openssl + # - EASYRSA_SSL_CONF=$$EASYRSA/openssl-easyrsa.cnf + # - EASYRSA_PKI=$$PWD/pki + # - EASYRSA_DN=cn_only + # - EASYRSA_REQ_COUNTRY=US + # - EASYRSA_REQ_PROVINCE=California + # - EASYRSA_REQ_CITY=San Francisco + # - EASYRSA_REQ_ORG=Copyleft Certificate Co + # - EASYRSA_REQ_EMAIL=me@example.net + # - EASYRSA_REQ_OU=My Organizational Unit + # - EASYRSA_KEY_SIZE=2048 + # - EASYRSA_ALGO=rsa + # - EASYRSA_CURVE=secp384r1 + # - EASYRSA_CA_EXPIRE=3650 + # - EASYRSA_CERT_EXPIRE=180 + # - EASYRSA_CERT_RENEW=30 + # - EASYRSA_NS_SUPPORT=no + # - EASYRSA_NS_COMMENT=Easy-RSA Generated Certificate + # - EASYRSA_TEMP_FILE=$$EASYRSA_PKI/extensions.temp + # - EASYRSA_EXT_DIR=$$EASYRSA/x509-types + # - EASYRSA_REQ_CN=ChangeMe + # - EASYRSA_DIGEST=sha256 + # - EASYRSA_BATCH= + + # Uncomment this to mount your own openssl.cnf, vars file(s) + # volumes: + # - ./path/to/openssl.conf:/etc/ssl/openssl.cnf + # - ./path/to/vars:/etc/ssl/openssl.cnf \ No newline at end of file 
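Review bot: The second commented volume example, `# - ./path/to/vars:/etc/ssl/openssl.cnf`, mounts the vars file onto the same container path as the openssl.cnf line above it. Uncommenting both as written therefore puts two mounts on one target and leaves no vars file where easyrsa looks for one. The target should be a vars location, e.g. `# - ./path/to/vars:/usr/share/easy-rsa/vars`, since this variant's Dockerfile sets EASYRSA to /usr/share/easy-rsa; confirm the search path against the 3.1.5 documentation. The commented environment list also names `EASYRSA_SSL_CONF` twice with different values, and its defaults link still points at the v3.0.8 docs. Because `EASYRSA_PKI` defaults to `$PWD/pki` inside the container, a commented volume example for the pki directory would help users keep the CA private key out of the container's writable layer.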
diff --git a/variants/v3.1.5-alpine-edge/docker-entrypoint.sh b/variants/v3.1.5-alpine-edge/docker-entrypoint.sh new file mode 100644 index 0000000..3d6fa44 --- /dev/null +++ b/variants/v3.1.5-alpine-edge/docker-entrypoint.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +set -aeo pipefail + +# Generate the command line. easy-rsa man: https://github.com/OpenVPN/easy-rsa/blob/v3.0.0/README.quickstart.md +echo "Generating command line" +set "$EASYRSA/easyrsa" "$@" + +# Exec +echo "easyrsa command line: $@" +exec "$@" \ No newline at end of file
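Review bot: `echo "easyrsa command line: $@"` writes every argument to the container's stdout, so anything sensitive passed on the command line (for example a `--passin` or `--passout` value) ends up in `docker logs` and in whatever collects them. Log a fixed message instead, e.g. `echo "Running easyrsa"`, or drop the line. `set -aeo pipefail` also turns on allexport (`-a`), which nothing in this script appears to need; `set -eo pipefail` keeps the fail-fast behaviour without exporting every variable to the easyrsa process. The quickstart link in the comment still points at v3.0.0, which may not match 3.1.5 behaviour.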