Feature: Add 3.1.5 variant

theohbrothers · Jun 30, 2023 · 874540b · 874540b
1 parent 1eeda76
commit 874540b
Show file tree

Hide file tree

Showing 6 changed files with 207 additions and 5 deletions.
diff --git a/.github/workflows/ci-master-pr.yml b/.github/workflows/ci-master-pr.yml
@@ -32,6 +32,127 @@ jobs:
       run: |
         git diff --exit-code
 
+  build-v3-1-5-alpine-edge:
+    runs-on: ubuntu-latest
+    env:
+      VARIANT: v3.1.5-alpine-edge
+    steps:
+    - name: Checkout
+      uses: actions/checkout@v3
+
+    - name: Display system info (linux)
+      run: |
+        set -e
+        hostname
+        whoami
+        cat /etc/*release
+        lscpu
+        free
+        df -h
+        pwd
+        docker info
+        docker version
+
+    # See: https://github.com/docker/build-push-action/blob/v2.6.1/docs/advanced/cache.md#github-cache
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v2
+
+    - name: Set up Docker Buildx
+      id: buildx
+      uses: docker/setup-buildx-action@v2
+
+    - name: Cache Docker layers
+      uses: actions/cache@v3
+      with:
+        path: /tmp/.buildx-cache
+        key: ${{ runner.os }}-buildx-${{ env.VARIANT }}-${{ github.sha }}
+        restore-keys: |
+          ${{ runner.os }}-buildx-${{ env.VARIANT }}-
+          ${{ runner.os }}-buildx-
+
+    # This step generates the docker tags
+    - name: Prepare
+      id: prep
+      run: |
+        set -e
+
+        # Get ref, i.e. <branch_name> from refs/heads/<branch_name>, or <tag-name> from refs/tags/<tag_name>. E.g. 'master' or 'v0.0.0'
+        REF=$( echo "${GITHUB_REF}" | rev | cut -d '/' -f 1 | rev )
+
+        # Get short commit hash E.g. 'abc0123'
+        SHA=$( echo "${GITHUB_SHA}" | cut -c1-7 )
+
+        # Generate docker image tags
+        # E.g. 'v0.0.0-<variant>' and 'v0.0.0-abc0123-<variant>'
+        # E.g. 'master-<variant>' and 'master-abc0123-<variant>'
+        REF_VARIANT="${REF}-${VARIANT}"
+        REF_SHA_VARIANT="${REF}-${SHA}-${VARIANT}"
+
+        # Pass variables to next step
+        echo "VARIANT_BUILD_DIR=$VARIANT_BUILD_DIR" >> $GITHUB_ENV
+        echo "VARIANT=$VARIANT" >> $GITHUB_ENV
+        echo "REF_VARIANT=$REF_VARIANT" >> $GITHUB_ENV
+        echo "REF_SHA_VARIANT=$REF_SHA_VARIANT" >> $GITHUB_ENV
+
+    - name: Login to Docker Hub registry
+      # Run on master and tags
+      if: github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')
+      uses: docker/login-action@v2
+      with:
+        username: ${{ secrets.DOCKERHUB_REGISTRY_USER }}
+        password: ${{ secrets.DOCKERHUB_REGISTRY_PASSWORD }}
+
+    - name: Build (PRs)
+      # Run only on pull requests
+      if: github.event_name == 'pull_request'
+      uses: docker/build-push-action@v3
+      with:
+        context: variants/v3.1.5-alpine-edge
+        platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
+        push: false
+        tags: |
+          ${{ github.repository }}:${{ env.REF_VARIANT }}
+          ${{ github.repository }}:${{ env.REF_SHA_VARIANT }}
+        cache-from: type=local,src=/tmp/.buildx-cache
+        cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+    - name: Build and push (master)
+      # Run only on master
+      if: github.ref == 'refs/heads/master'
+      uses: docker/build-push-action@v3
+      with:
+        context: variants/v3.1.5-alpine-edge
+        platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
+        push: true
+        tags: |
+          ${{ github.repository }}:${{ env.REF_VARIANT }}
+          ${{ github.repository }}:${{ env.REF_SHA_VARIANT }}
+        cache-from: type=local,src=/tmp/.buildx-cache
+        cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+    - name: Build and push (release)
+      if: startsWith(github.ref, 'refs/tags/')
+      uses: docker/build-push-action@v3
+      with:
+        context: variants/v3.1.5-alpine-edge
+        platforms: linux/386,linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64,linux/s390x
+        push: true
+        tags: |
+          ${{ github.repository }}:${{ env.VARIANT }}
+          ${{ github.repository }}:${{ env.REF_VARIANT }}
+          ${{ github.repository }}:${{ env.REF_SHA_VARIANT }}
+          ${{ github.repository }}:latest
+        cache-from: type=local,src=/tmp/.buildx-cache
+        cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
+
+    # Temp fix
+    # https://github.com/docker/build-push-action/issues/252
+    # https://github.com/moby/buildkit/issues/1896
+    - name: Move cache
+      run: |
+        rm -rf /tmp/.buildx-cache
+        mv /tmp/.buildx-cache-new /tmp/.buildx-cache
+
   build-v3-1-2-alpine-3-18:
     runs-on: ubuntu-latest
     env:
@@ -141,7 +262,6 @@ jobs:
           ${{ github.repository }}:${{ env.VARIANT }}
           ${{ github.repository }}:${{ env.REF_VARIANT }}
           ${{ github.repository }}:${{ env.REF_SHA_VARIANT }}
-          ${{ github.repository }}:latest
         cache-from: type=local,src=/tmp/.buildx-cache
         cache-to: type=local,dest=/tmp/.buildx-cache-new,mode=max
 
@@ -1594,7 +1714,7 @@ jobs:
         mv /tmp/.buildx-cache-new /tmp/.buildx-cache
 
   update-draft-release:
-    needs: [build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3]
+    needs: [build-v3-1-5-alpine-edge, build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3]
     if: github.ref == 'refs/heads/master'
     runs-on: ubuntu-latest
     steps:
@@ -1607,7 +1727,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
   publish-draft-release:
-    needs: [build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3]
+    needs: [build-v3-1-5-alpine-edge, build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3]
     if: startsWith(github.ref, 'refs/tags/')
     runs-on: ubuntu-latest
     steps:
@@ -1622,7 +1742,7 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
   update-dockerhub-description:
-    needs: [build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3]
+    needs: [build-v3-1-5-alpine-edge, build-v3-1-2-alpine-3-18, build-v3-1-1-alpine-3-17, build-v3-0-8-alpine-3-13, build-v3-0-7-alpine-3-12, build-v3-0-6-alpine-3-11, build-v3-0-6-alpine-3-10, build-v3-0-5-alpine-3-9, build-v3-0-4-alpine-3-8, build-v3-0-3-alpine-3-7, build-v3-0-1-alpine-3-6, build-v3-0-1-alpine-3-5, build-v3-0-1-alpine-3-4, build-v3-0-1-alpine-3-3]
     if: github.ref == 'refs/heads/master'
     runs-on: ubuntu-latest
     steps:

diff --git a/README.md b/README.md
@@ -10,7 +10,8 @@ Dockerized [`easy-rsa`](https://github.com/OpenVPN/easy-rsa).
 
 | Tag | Dockerfile Build Context |
 |:-------:|:---------:|
-| `:v3.1.2-alpine-3.18`, `:latest` | [View](variants/v3.1.2-alpine-3.18) |
+| `:v3.1.5-alpine-edge`, `:latest` | [View](variants/v3.1.5-alpine-edge) |
+| `:v3.1.2-alpine-3.18` | [View](variants/v3.1.2-alpine-3.18) |
 | `:v3.1.1-alpine-3.17` | [View](variants/v3.1.1-alpine-3.17) |
 | `:v3.0.8-alpine-3.13` | [View](variants/v3.0.8-alpine-3.13) |
 | `:v3.0.7-alpine-3.12` | [View](variants/v3.0.7-alpine-3.12) |

diff --git a/generate/definitions/VARIANTS.ps1 b/generate/definitions/VARIANTS.ps1
@@ -1,5 +1,14 @@
 # Docker image variants' definitions
 $local:VARIANTS_MATRIX = @(
+    @{
+        package = 'easy-rsa'
+        package_version = '3.1.5-r0'
+        distro = 'alpine'
+        distro_version = 'edge'
+        subvariants = @(
+            @{ components = @() }
+        )
+    }
     @{
         package = 'easy-rsa'
         package_version = '3.1.2-r0'

diff --git a/variants/v3.1.5-alpine-edge/Dockerfile b/variants/v3.1.5-alpine-edge/Dockerfile
@@ -0,0 +1,21 @@
+FROM alpine:edge
+
+RUN apk add --no-cache easy-rsa=3.1.5-r0 iptables
+
+COPY docker-entrypoint.sh /docker-entrypoint.sh
+RUN chmod +x /docker-entrypoint.sh
+
+# alpine easyrsa top-level directory. Use command find / -name 'easyrsa'
+RUN echo "Looking for easyrsa binary" \
+    && ls '/usr/share/easy-rsa/easyrsa'
+ENV EASYRSA=/usr/share/easy-rsa
+
+WORKDIR /usr/share/easy-rsa
+
+# alpine openssl.cnf location. Use command find / -name 'openssl*.cnf'
+# <  v3.0.4: https://github.com/OpenVPN/easy-rsa/blob/v3.0.0/easyrsa3/easyrsa#L1032-L1033
+# >= v3.0.4:
+RUN echo "Looking for openssl.cnf" \
+    && find /etc /usr -name 'openssl*.cnf'
+
+ENTRYPOINT ["/docker-entrypoint.sh"]
diff --git a/variants/v3.1.5-alpine-edge/docker-compose.yml b/variants/v3.1.5-alpine-edge/docker-compose.yml
@@ -0,0 +1,40 @@
+version: '2.1'
+services:
+  easyrsa:
+    container_name: easyrsa
+    image: theohbrothers/docker-easyrsa:v3.1.5-alpine-edge
+
+    # Uncomment and configure these environment to your needs. The following are the default values, according to: https://github.com/OpenVPN/easy-rsa/blob/v3.0.8/doc/EasyRSA-Advanced.md#configuration-reference
+    # Using environment variables is preferred to using a vars file
+    # Double dollar signs '$$' is to escape a dollar sign in the docker-compose yaml parser, see: https://stackoverflow.com/a/40621373
+    # environment:
+      # - EASYRSA_SSL_CONF=/etc/ssl/openssl.cnf
+      # - EASYRSA=$${0%/*}
+      # - EASYRSA_OPENSSL=openssl
+      # - EASYRSA_SSL_CONF=$$EASYRSA/openssl-easyrsa.cnf
+      # - EASYRSA_PKI=$$PWD/pki
+      # - EASYRSA_DN=cn_only
+      # - EASYRSA_REQ_COUNTRY=US
+      # - EASYRSA_REQ_PROVINCE=California
+      # - EASYRSA_REQ_CITY=San Francisco
+      # - EASYRSA_REQ_ORG=Copyleft Certificate Co
+      # - [email protected]
+      # - EASYRSA_REQ_OU=My Organizational Unit
+      # - EASYRSA_KEY_SIZE=2048
+      # - EASYRSA_ALGO=rsa
+      # - EASYRSA_CURVE=secp384r1
+      # - EASYRSA_CA_EXPIRE=3650
+      # - EASYRSA_CERT_EXPIRE=180
+      # - EASYRSA_CERT_RENEW=30
+      # - EASYRSA_NS_SUPPORT=no
+      # - EASYRSA_NS_COMMENT=Easy-RSA Generated Certificate
+      # - EASYRSA_TEMP_FILE=$$EASYRSA_PKI/extensions.temp
+      # - EASYRSA_EXT_DIR=$$EASYRSA/x509-types
+      # - EASYRSA_REQ_CN=ChangeMe
+      # - EASYRSA_DIGEST=sha256
+      # - EASYRSA_BATCH=
+
+    # Uncomment this to mount your own openssl.cnf, vars file(s)
+    # volumes:
+      # - ./path/to/openssl.conf:/etc/ssl/openssl.cnf
+      # - ./path/to/vars:/etc/ssl/openssl.cnf
diff --git a/variants/v3.1.5-alpine-edge/docker-entrypoint.sh b/variants/v3.1.5-alpine-edge/docker-entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+set -aeo pipefail
+
+# Generate the command line. easy-rsa man: https://github.com/OpenVPN/easy-rsa/blob/v3.0.0/README.quickstart.md
+echo "Generating command line"
+set "$EASYRSA/easyrsa" "$@"
+
+# Exec
+echo "easyrsa command line: $@"
+exec "$@"