diff --git a/.github/workflows/bridge.yml b/.github/workflows/bridge.yml new file mode 100644 index 0000000..887d092 --- /dev/null +++ b/.github/workflows/bridge.yml @@ -0,0 +1,128 @@ +name: Bridge Mode build +on: + workflow_call: + inputs: + event: + required: true + type: string + tag: + required: true + type: string + secrets: + QUAY_PASSWORD: + required: true + REGISTRY_PASSWORD: + required: true + +env: + IMAGE_NAME: zerotier + +jobs: + build: + name: Build images + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + platform: [ + {os: "linux", arch: "amd64", variant: "", name: "amd64"}, + {os: "linux", arch: "386", variant: "", name: "i386"}, + {os: "linux", arch: "arm64", variant: "v8", name: "arm64v8"}, + {os: "linux", arch: "arm", variant: "v7", name: "arm32v7"}, + {os: "linux", arch: "arm", variant: "v6", name: "arm32v6"} + ] + steps: + - name: Checkout zerotier-docker + uses: actions/checkout@v2 + + - name: Install qemu dependency + run: | + sudo apt-get update + sudo apt-get install -y qemu-user-static + + - name: Build unstable image + if: ${{ inputs.event == 'push' }} + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.IMAGE_NAME }} + tags: ${{ matrix.platform.name }} + platform: ${{ format('{0}/{1}/{2}', matrix.platform.os, matrix.platform.arch, matrix.platform.variant) }} + build-args: | + FROM_IMAGE=${{ format('ghcr.io/zyclonite/{0}', env.IMAGE_NAME) }} + FROM_VERSION=main + dockerfiles: | + ./Dockerfile.bridge + + - name: Build stable image + if: ${{ inputs.event == 'release' }} + uses: redhat-actions/buildah-build@v2 + with: + image: ${{ env.IMAGE_NAME }} + tags: ${{ matrix.platform.name }} + platform: ${{ format('{0}/{1}/{2}', matrix.platform.os, matrix.platform.arch, matrix.platform.variant) }} + build-args: | + FROM_IMAGE=${{ format('ghcr.io/zyclonite/{0}', env.IMAGE_NAME) }} + FROM_VERSION=${{ inputs.tag }} + dockerfiles: | + ./Dockerfile.bridge + + - name: Check images created + run: buildah images | grep '${{ env.IMAGE_NAME }}' + + - name: Check image metadata + run: | + set -x + buildah inspect ${{ env.IMAGE_NAME }}:${{ matrix.platform.name }} | jq ".OCIv1.architecture" + buildah inspect ${{ env.IMAGE_NAME }}:${{ matrix.platform.name }} | jq ".Docker.architecture" + + - name: Export image + run: podman save -o /tmp/image.tar ${{ env.IMAGE_NAME }}:${{ matrix.platform.name }} + + - name: Upload artifact + uses: actions/upload-artifact@v2 + with: + name: image-${{ matrix.platform.name }} + path: /tmp/image.tar + + push: + name: Publish images + runs-on: ubuntu-latest + needs: build + environment: production + steps: + - name: Download artifacts + uses: actions/download-artifact@v2 + + - name: Import images + run: | + podman load -i ./image-amd64/image.tar + podman load -i ./image-i386/image.tar + podman load -i ./image-arm64v8/image.tar + podman load -i ./image-arm32v7/image.tar + podman load -i ./image-arm32v6/image.tar + + - name: Create multi-arch manifest + run: | + buildah manifest create ${{ env.IMAGE_NAME }}:latest + buildah manifest add --arch amd64 ${{ env.IMAGE_NAME }}:latest ${{ env.IMAGE_NAME }}:amd64 + buildah manifest add --arch 386 ${{ env.IMAGE_NAME }}:latest ${{ env.IMAGE_NAME }}:i386 + buildah manifest add --arch arm64 --variant v8 ${{ env.IMAGE_NAME }}:latest ${{ env.IMAGE_NAME }}:arm64v8 + buildah manifest add --arch arm --variant v7 ${{ env.IMAGE_NAME }}:latest ${{ env.IMAGE_NAME }}:arm32v7 + buildah manifest add --arch arm --variant v6 ${{ env.IMAGE_NAME }}:latest ${{ env.IMAGE_NAME }}:arm32v6 + + - name: Push unstable images + if: ${{ inputs.event == 'push' }} + run: | + buildah manifest push --all --format v2s2 --creds zyclonite:${{ secrets.REGISTRY_PASSWORD }} ${{ env.IMAGE_NAME }}:latest docker://docker.io/zyclonite/${{ env.IMAGE_NAME }}:bridge-main + buildah manifest push --all --creds zyclonite:${{ secrets.QUAY_PASSWORD }} ${{ env.IMAGE_NAME }}:latest docker://quay.io/zyclonite/${{ env.IMAGE_NAME }}:bridge-main + buildah manifest push --all --creds zyclonite:${{ secrets.GITHUB_TOKEN }} ${{ env.IMAGE_NAME }}:latest docker://ghcr.io/zyclonite/${{ env.IMAGE_NAME }}:bridge-main + + - name: Push stable images + if: ${{ inputs.event == 'release' }} + run: | + buildah manifest push --all --format v2s2 --creds zyclonite:${{ secrets.REGISTRY_PASSWORD }} ${{ env.IMAGE_NAME }}:latest docker://docker.io/zyclonite/${{ env.IMAGE_NAME }}:bridge + buildah manifest push --all --format v2s2 --creds zyclonite:${{ secrets.REGISTRY_PASSWORD }} ${{ env.IMAGE_NAME }}:latest docker://docker.io/zyclonite/${{ env.IMAGE_NAME }}:bridge-${{ github.event.release.tag_name }} + buildah manifest push --all --creds zyclonite:${{ secrets.QUAY_PASSWORD }} ${{ env.IMAGE_NAME }}:latest docker://quay.io/zyclonite/${{ env.IMAGE_NAME }}:bridge + buildah manifest push --all --creds zyclonite:${{ secrets.QUAY_PASSWORD }} ${{ env.IMAGE_NAME }}:latest docker://quay.io/zyclonite/${{ env.IMAGE_NAME }}:bridge-${{ github.event.release.tag_name }} + buildah manifest push --all --creds zyclonite:${{ secrets.GITHUB_TOKEN }} ${{ env.IMAGE_NAME }}:latest docker://ghcr.io/zyclonite/${{ env.IMAGE_NAME }}:bridge + buildah manifest push --all --creds zyclonite:${{ secrets.GITHUB_TOKEN }} ${{ env.IMAGE_NAME }}:latest docker://ghcr.io/zyclonite/${{ env.IMAGE_NAME }}:bridge-${{ github.event.release.tag_name }} diff --git a/.github/workflows/multiarch.yml b/.github/workflows/multiarch.yml index 25cba2a..fd79ae7 100644 --- a/.github/workflows/multiarch.yml +++ b/.github/workflows/multiarch.yml @@ -20,7 +20,13 @@ jobs: strategy: fail-fast: false matrix: - arch: [ amd64, i386, arm64v8, arm32v7, arm32v6 ] + platform: [ + {os: "linux", arch: "amd64", variant: "", name: "amd64"}, + {os: "linux", arch: "386", variant: "", name: "i386"}, + {os: "linux", arch: "arm64", variant: "v8", name: "arm64v8"}, + {os: "linux", arch: "arm", variant: "v7", name: "arm32v7"}, + {os: "linux", arch: "arm", variant: "v6", name: "arm32v6"} + ] steps: - name: Checkout zerotier-docker uses: actions/checkout@v2 @@ -31,14 +37,13 @@ jobs: sudo apt-get install -y qemu-user-static - name: Build Image - id: build_image uses: redhat-actions/buildah-build@v2 with: image: ${{ env.IMAGE_NAME }} - tags: ${{ matrix.arch }} - arch: ${{ matrix.arch }} + tags: ${{ matrix.platform.name }} + platform: ${{ format('{0}/{1}/{2}', matrix.platform.os, matrix.platform.arch, matrix.platform.variant) }} build-args: | - ALPINE_IMAGE=${{ format('docker.io/{0}/alpine', matrix.arch) }} + ALPINE_IMAGE=${{ format('docker.io/{0}/alpine', matrix.platform.name) }} dockerfiles: | ./Dockerfile @@ -48,16 +53,16 @@ jobs: - name: Check image metadata run: | set -x - buildah inspect ${{ steps.build_image.outputs.image }}:${{ matrix.arch }} | jq ".OCIv1.architecture" - buildah inspect ${{ steps.build_image.outputs.image }}:${{ matrix.arch }} | jq ".Docker.architecture" + buildah inspect ${{ env.IMAGE_NAME }}:${{ matrix.platform.name }} | jq ".OCIv1.architecture" + buildah inspect ${{ env.IMAGE_NAME }}:${{ matrix.platform.name }} | jq ".Docker.architecture" - name: Export image - run: podman save -o /tmp/image.tar ${{ steps.build_image.outputs.image }}:${{ matrix.arch }} + run: podman save -o /tmp/image.tar ${{ env.IMAGE_NAME }}:${{ matrix.platform.name }} - name: Upload artifact uses: actions/upload-artifact@v2 with: - name: image-${{ matrix.arch }} + name: image-${{ matrix.platform.name }} path: /tmp/image.tar push: @@ -102,3 +107,13 @@ jobs: buildah manifest push --all --creds zyclonite:${{ secrets.QUAY_PASSWORD }} ${{ env.IMAGE_NAME }}:latest docker://quay.io/zyclonite/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name }} buildah manifest push --all --creds zyclonite:${{ secrets.GITHUB_TOKEN }} ${{ env.IMAGE_NAME }}:latest docker://ghcr.io/zyclonite/${{ env.IMAGE_NAME }}:latest buildah manifest push --all --creds zyclonite:${{ secrets.GITHUB_TOKEN }} ${{ env.IMAGE_NAME }}:latest docker://ghcr.io/zyclonite/${{ env.IMAGE_NAME }}:${{ github.event.release.tag_name }} + + bridge: + uses: ./.github/workflows/bridge.yml + needs: push + with: + tag: ${{ github.event.release.tag_name }} + event: ${{ github.event_name }} + secrets: + REGISTRY_PASSWORD: ${{ secrets.REGISTRY_PASSWORD }} + QUAY_PASSWORD: ${{ secrets.QUAY_PASSWORD }} diff --git a/Dockerfile b/Dockerfile index 643f648..5b454cb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -25,7 +25,7 @@ LABEL org.opencontainers.image.title="zerotier" \ COPY --from=builder /src/zerotier-one /usr/sbin/ -RUN apk add --no-cache --purge --clean-protected --update libc6-compat libstdc++ \ +RUN apk add --no-cache --purge --clean-protected libc6-compat libstdc++ \ && mkdir -p /var/lib/zerotier-one \ && ln -s /usr/sbin/zerotier-one /usr/sbin/zerotier-idtool \ && ln -s /usr/sbin/zerotier-one /usr/sbin/zerotier-cli \ diff --git a/Dockerfile.bridge b/Dockerfile.bridge index 6f3eb02..04a0016 100644 --- a/Dockerfile.bridge +++ b/Dockerfile.bridge @@ -1,6 +1,9 @@ -FROM zyclonite/zerotier:latest +ARG FROM_IMAGE=zyclonite/zerotier +ARG FROM_VERSION=latest -RUN apk add --no-cache --purge --clean-protected --update supervisor iptables \ +FROM ${FROM_IMAGE}:${FROM_VERSION} + +RUN apk add --no-cache --purge --clean-protected supervisor iptables \ && mkdir -p /var/log/supervisor \ && rm -rf /var/cache/apk/*