Compare commits

..

No commits in common. "main" and "v1.30.1+3" have entirely different histories.

5 changed files with 43 additions and 49 deletions

View File

@ -6,19 +6,15 @@ when:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
- name: security-build
image: quay.io/thegeeklab/wp-docker-buildx:6
security-build:
image: quay.io/thegeeklab/wp-docker-buildx:2
settings:
containerfile: Containerfile
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
repo: thegeeklab/${CI_REPO_NAME}
cache_to: type=local,dest=oci/cache/${CI_REPO_NAME},mode=max
registry_config:
from_secret: DOCKER_REGISTRY_CONFIG_PULL
- name: security-scan
image: docker.io/aquasec/trivy
depends_on: security-build
security-scan:
image: ghcr.io/aquasecurity/trivy
commands:
- trivy -v
- trivy image --input oci/${CI_REPO_NAME}
@ -28,11 +24,11 @@ steps:
TRIVY_NO_PROGRESS: "true"
TRIVY_SEVERITY: HIGH,CRITICAL
TRIVY_TIMEOUT: 1m
TRIVY_DB_REPOSITORY: docker.io/aquasec/trivy-db:2
TRIVY_SKIP_FILES: /usr/local/bin/gomplate
- name: publish-dockerhub
image: quay.io/thegeeklab/wp-docker-buildx:6
depends_on: security-scan
publish-dockerhub:
group: container
image: quay.io/thegeeklab/wp-docker-buildx:2
settings:
auto_tag: true
containerfile: Containerfile
@ -42,17 +38,15 @@ steps:
repo: thegeeklab/${CI_REPO_NAME}
username:
from_secret: docker_username
cache_from:
- 'type=local\\,src=oci/cache/${CI_REPO_NAME}'
when:
- event: [tag]
- event: [push, manual]
branch:
- ${CI_REPO_DEFAULT_BRANCH}
- name: publish-quay
image: quay.io/thegeeklab/wp-docker-buildx:6
depends_on: security-scan
publish-quay:
group: container
image: quay.io/thegeeklab/wp-docker-buildx:2
settings:
auto_tag: true
containerfile: Containerfile
@ -63,8 +57,6 @@ steps:
repo: quay.io/thegeeklab/${CI_REPO_NAME}
username:
from_secret: quay_username
cache_from:
- 'type=local\\,src=oci/cache/${CI_REPO_NAME}'
when:
- event: [tag]
- event: [push, manual]

View File

@ -6,20 +6,22 @@ when:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
- name: changelog
changelog:
image: quay.io/thegeeklab/git-sv
commands:
- git fetch --depth=2147483647
- git sv current-version
- git sv release-notes -t ${CI_COMMIT_TAG:-next} -o CHANGELOG.md
- cat CHANGELOG.md
- name: publish-gitea
image: quay.io/thegeeklab/wp-gitea-release
publish-gitea:
image: plugins/gitea-release
settings:
api_key:
from_secret: gitea_token
base_url: https://gitea.rknet.org
note: CHANGELOG.md
overwrite: true
title: ${CI_COMMIT_TAG}
when:
- event: [tag]

View File

@ -6,31 +6,33 @@ when:
- ${CI_REPO_DEFAULT_BRANCH}
steps:
- name: markdownlint
markdownlint:
image: quay.io/thegeeklab/markdownlint-cli
commands:
- markdownlint 'README.md'
- name: spellcheck
spellcheck:
image: quay.io/thegeeklab/alpine-tools
commands:
- spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
environment:
FORCE_COLOR: "true"
NPM_CONFIG_LOGLEVEL: "error"
- name: link-validation
link-validation:
image: docker.io/lycheeverse/lychee
group: test
commands:
- lychee --no-progress --format detailed README.md
- name: pushrm-dockerhub
pushrm-dockerhub:
image: docker.io/chko/docker-pushrm:1
depends_on: [markdownlint, spellcheck, link-validation]
secrets:
- source: docker_password
target: DOCKER_PASS
- source: docker_username
target: DOCKER_USER
environment:
DOCKER_PASS:
from_secret: docker_password
DOCKER_USER:
from_secret: docker_username
PUSHRM_FILE: README.md
PUSHRM_SHORT: Custom image for Vaultwarden password manager
PUSHRM_TARGET: thegeeklab/${CI_REPO_NAME}
@ -40,12 +42,12 @@ steps:
- ${CI_REPO_DEFAULT_BRANCH}
status: [success]
- name: pushrm-quay
pushrm-quay:
image: docker.io/chko/docker-pushrm:1
depends_on: [markdownlint, spellcheck, link-validation]
secrets:
- source: quay_token
target: APIKEY__QUAY_IO
environment:
APIKEY__QUAY_IO:
from_secret: quay_token
PUSHRM_FILE: README.md
PUSHRM_TARGET: quay.io/thegeeklab/${CI_REPO_NAME}
when:

View File

@ -8,17 +8,17 @@ when:
runs_on: [success, failure]
steps:
- name: matrix
matrix:
image: quay.io/thegeeklab/wp-matrix
settings:
homeserver:
from_secret: matrix_homeserver
room_id:
from_secret: matrix_room_id
user_id:
from_secret: matrix_user_id
access_token:
from_secret: matrix_access_token
password:
from_secret: matrix_password
roomid:
from_secret: matrix_roomid
username:
from_secret: matrix_username
when:
- status: [success, failure]

View File

@ -1,4 +1,4 @@
FROM docker.io/clux/muslrust:1.82.0-stable@sha256:9f88e922b2bfa7ff2252d61dc38be2ee5544d01bfa0acdc27b32c0a4a214c723 AS build
FROM docker.io/clux/muslrust:1.74.1-stable@sha256:c0149e6c81beed0c64e3ddca8e7c338ebc9ebc47b70c30c9b9b34795b4925e58 as build
ARG WEBVAULT_VERSION
ARG VAULTWARDEN_VERSION
@ -12,11 +12,9 @@ ARG DB=sqlite,postgresql
ARG TARGETPLATFORM
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2024.6.2}"
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2023.10.0}"
# renovate: datasource=github-releases depName=dani-garcia/vaultwarden
ENV VAULTWARDEN_VERSION="${VAULTWARDEN_VERSION:-1.32.4}"
ENV DATA_FOLDER=/tmp
ENV VAULTWARDEN_VERSION="${VAULTWARDEN_VERSION:-1.30.1}"
WORKDIR /src
@ -40,13 +38,13 @@ esac
RUN rustup set profile minimal && \
rustup target add $(cat rust_target) && \
VW_VERSION="${VAULTWARDEN_VERSION##v}" cargo build -j 4 --features "$DB" --target $(cat rust_target) --release
VW_VERSION="${VAULTWARDEN_VERSION##v}" cargo build -j 8 --features "$DB" --target $(cat rust_target) --release
RUN ldd target/$(cat rust_target)/release/vaultwarden && \
target/$(cat rust_target)/release/vaultwarden --help && \
target/$(cat rust_target)/release/vaultwarden --version
FROM docker.io/alpine:3.20@sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a
FROM docker.io/alpine:3.19@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"