Compare commits
No commits in common. "main" and "v1.30.1+4" have entirely different histories.
@ -6,19 +6,15 @@ when:
|
|||||||
- ${CI_REPO_DEFAULT_BRANCH}
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: security-build
|
security-build:
|
||||||
image: quay.io/thegeeklab/wp-docker-buildx:6
|
image: quay.io/thegeeklab/wp-docker-buildx:2
|
||||||
settings:
|
settings:
|
||||||
containerfile: Containerfile
|
containerfile: Containerfile
|
||||||
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
|
output: type=oci,dest=oci/${CI_REPO_NAME},tar=false
|
||||||
repo: thegeeklab/${CI_REPO_NAME}
|
repo: thegeeklab/${CI_REPO_NAME}
|
||||||
cache_to: type=local,dest=oci/cache/${CI_REPO_NAME},mode=max
|
|
||||||
registry_config:
|
|
||||||
from_secret: DOCKER_REGISTRY_CONFIG_PULL
|
|
||||||
|
|
||||||
- name: security-scan
|
security-scan:
|
||||||
image: docker.io/aquasec/trivy
|
image: ghcr.io/aquasecurity/trivy
|
||||||
depends_on: security-build
|
|
||||||
commands:
|
commands:
|
||||||
- trivy -v
|
- trivy -v
|
||||||
- trivy image --input oci/${CI_REPO_NAME}
|
- trivy image --input oci/${CI_REPO_NAME}
|
||||||
@ -28,11 +24,10 @@ steps:
|
|||||||
TRIVY_NO_PROGRESS: "true"
|
TRIVY_NO_PROGRESS: "true"
|
||||||
TRIVY_SEVERITY: HIGH,CRITICAL
|
TRIVY_SEVERITY: HIGH,CRITICAL
|
||||||
TRIVY_TIMEOUT: 1m
|
TRIVY_TIMEOUT: 1m
|
||||||
TRIVY_DB_REPOSITORY: docker.io/aquasec/trivy-db:2
|
|
||||||
|
|
||||||
- name: publish-dockerhub
|
publish-dockerhub:
|
||||||
image: quay.io/thegeeklab/wp-docker-buildx:6
|
group: container
|
||||||
depends_on: security-scan
|
image: quay.io/thegeeklab/wp-docker-buildx:2
|
||||||
settings:
|
settings:
|
||||||
auto_tag: true
|
auto_tag: true
|
||||||
containerfile: Containerfile
|
containerfile: Containerfile
|
||||||
@ -42,17 +37,15 @@ steps:
|
|||||||
repo: thegeeklab/${CI_REPO_NAME}
|
repo: thegeeklab/${CI_REPO_NAME}
|
||||||
username:
|
username:
|
||||||
from_secret: docker_username
|
from_secret: docker_username
|
||||||
cache_from:
|
|
||||||
- 'type=local\\,src=oci/cache/${CI_REPO_NAME}'
|
|
||||||
when:
|
when:
|
||||||
- event: [tag]
|
- event: [tag]
|
||||||
- event: [push, manual]
|
- event: [push, manual]
|
||||||
branch:
|
branch:
|
||||||
- ${CI_REPO_DEFAULT_BRANCH}
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
- name: publish-quay
|
publish-quay:
|
||||||
image: quay.io/thegeeklab/wp-docker-buildx:6
|
group: container
|
||||||
depends_on: security-scan
|
image: quay.io/thegeeklab/wp-docker-buildx:2
|
||||||
settings:
|
settings:
|
||||||
auto_tag: true
|
auto_tag: true
|
||||||
containerfile: Containerfile
|
containerfile: Containerfile
|
||||||
@ -63,8 +56,6 @@ steps:
|
|||||||
repo: quay.io/thegeeklab/${CI_REPO_NAME}
|
repo: quay.io/thegeeklab/${CI_REPO_NAME}
|
||||||
username:
|
username:
|
||||||
from_secret: quay_username
|
from_secret: quay_username
|
||||||
cache_from:
|
|
||||||
- 'type=local\\,src=oci/cache/${CI_REPO_NAME}'
|
|
||||||
when:
|
when:
|
||||||
- event: [tag]
|
- event: [tag]
|
||||||
- event: [push, manual]
|
- event: [push, manual]
|
||||||
|
@ -6,14 +6,14 @@ when:
|
|||||||
- ${CI_REPO_DEFAULT_BRANCH}
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: changelog
|
changelog:
|
||||||
image: quay.io/thegeeklab/git-sv
|
image: quay.io/thegeeklab/git-sv
|
||||||
commands:
|
commands:
|
||||||
- git sv current-version
|
- git sv current-version
|
||||||
- git sv release-notes -t ${CI_COMMIT_TAG:-next} -o CHANGELOG.md
|
- git sv release-notes -t ${CI_COMMIT_TAG:-next} -o CHANGELOG.md
|
||||||
- cat CHANGELOG.md
|
- cat CHANGELOG.md
|
||||||
|
|
||||||
- name: publish-gitea
|
publish-gitea:
|
||||||
image: quay.io/thegeeklab/wp-gitea-release
|
image: quay.io/thegeeklab/wp-gitea-release
|
||||||
settings:
|
settings:
|
||||||
api_key:
|
api_key:
|
||||||
|
@ -6,31 +6,34 @@ when:
|
|||||||
- ${CI_REPO_DEFAULT_BRANCH}
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: markdownlint
|
markdownlint:
|
||||||
image: quay.io/thegeeklab/markdownlint-cli
|
image: quay.io/thegeeklab/markdownlint-cli
|
||||||
|
group: test
|
||||||
commands:
|
commands:
|
||||||
- markdownlint 'README.md'
|
- markdownlint 'README.md'
|
||||||
|
|
||||||
- name: spellcheck
|
spellcheck:
|
||||||
image: quay.io/thegeeklab/alpine-tools
|
image: quay.io/thegeeklab/alpine-tools
|
||||||
|
group: test
|
||||||
commands:
|
commands:
|
||||||
- spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
|
- spellchecker --files '_docs/**/*.md' 'README.md' -d .dictionary -p spell indefinite-article syntax-urls
|
||||||
environment:
|
environment:
|
||||||
FORCE_COLOR: "true"
|
FORCE_COLOR: "true"
|
||||||
|
|
||||||
- name: link-validation
|
link-validation:
|
||||||
image: docker.io/lycheeverse/lychee
|
image: docker.io/lycheeverse/lychee
|
||||||
|
group: test
|
||||||
commands:
|
commands:
|
||||||
- lychee --no-progress --format detailed README.md
|
- lychee --no-progress --format detailed README.md
|
||||||
|
|
||||||
- name: pushrm-dockerhub
|
pushrm-dockerhub:
|
||||||
image: docker.io/chko/docker-pushrm:1
|
image: docker.io/chko/docker-pushrm:1
|
||||||
depends_on: [markdownlint, spellcheck, link-validation]
|
secrets:
|
||||||
|
- source: docker_password
|
||||||
|
target: DOCKER_PASS
|
||||||
|
- source: docker_username
|
||||||
|
target: DOCKER_USER
|
||||||
environment:
|
environment:
|
||||||
DOCKER_PASS:
|
|
||||||
from_secret: docker_password
|
|
||||||
DOCKER_USER:
|
|
||||||
from_secret: docker_username
|
|
||||||
PUSHRM_FILE: README.md
|
PUSHRM_FILE: README.md
|
||||||
PUSHRM_SHORT: Custom image for Vaultwarden password manager
|
PUSHRM_SHORT: Custom image for Vaultwarden password manager
|
||||||
PUSHRM_TARGET: thegeeklab/${CI_REPO_NAME}
|
PUSHRM_TARGET: thegeeklab/${CI_REPO_NAME}
|
||||||
@ -40,12 +43,12 @@ steps:
|
|||||||
- ${CI_REPO_DEFAULT_BRANCH}
|
- ${CI_REPO_DEFAULT_BRANCH}
|
||||||
status: [success]
|
status: [success]
|
||||||
|
|
||||||
- name: pushrm-quay
|
pushrm-quay:
|
||||||
image: docker.io/chko/docker-pushrm:1
|
image: docker.io/chko/docker-pushrm:1
|
||||||
depends_on: [markdownlint, spellcheck, link-validation]
|
secrets:
|
||||||
|
- source: quay_token
|
||||||
|
target: APIKEY__QUAY_IO
|
||||||
environment:
|
environment:
|
||||||
APIKEY__QUAY_IO:
|
|
||||||
from_secret: quay_token
|
|
||||||
PUSHRM_FILE: README.md
|
PUSHRM_FILE: README.md
|
||||||
PUSHRM_TARGET: quay.io/thegeeklab/${CI_REPO_NAME}
|
PUSHRM_TARGET: quay.io/thegeeklab/${CI_REPO_NAME}
|
||||||
when:
|
when:
|
||||||
|
@ -8,17 +8,17 @@ when:
|
|||||||
runs_on: [success, failure]
|
runs_on: [success, failure]
|
||||||
|
|
||||||
steps:
|
steps:
|
||||||
- name: matrix
|
matrix:
|
||||||
image: quay.io/thegeeklab/wp-matrix
|
image: quay.io/thegeeklab/wp-matrix
|
||||||
settings:
|
settings:
|
||||||
homeserver:
|
homeserver:
|
||||||
from_secret: matrix_homeserver
|
from_secret: matrix_homeserver
|
||||||
room_id:
|
password:
|
||||||
from_secret: matrix_room_id
|
from_secret: matrix_password
|
||||||
user_id:
|
roomid:
|
||||||
from_secret: matrix_user_id
|
from_secret: matrix_roomid
|
||||||
access_token:
|
username:
|
||||||
from_secret: matrix_access_token
|
from_secret: matrix_username
|
||||||
when:
|
when:
|
||||||
- status: [success, failure]
|
- status: [success, failure]
|
||||||
|
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
FROM docker.io/clux/muslrust:1.82.0-stable@sha256:9f88e922b2bfa7ff2252d61dc38be2ee5544d01bfa0acdc27b32c0a4a214c723 AS build
|
FROM docker.io/clux/muslrust:1.75.0-stable@sha256:447e5d68b4fc47c024ff76a482d67c3d23d66cafa19db3b7e129efbdf8c9e10f as build
|
||||||
|
|
||||||
ARG WEBVAULT_VERSION
|
ARG WEBVAULT_VERSION
|
||||||
ARG VAULTWARDEN_VERSION
|
ARG VAULTWARDEN_VERSION
|
||||||
@ -12,11 +12,9 @@ ARG DB=sqlite,postgresql
|
|||||||
ARG TARGETPLATFORM
|
ARG TARGETPLATFORM
|
||||||
|
|
||||||
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
|
# renovate: datasource=github-releases depName=dani-garcia/bw_web_builds versioning=loose
|
||||||
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2024.6.2}"
|
ENV WEBVAULT_VERSION="${WEBVAULT_VERSION:-v2023.10.0}"
|
||||||
# renovate: datasource=github-releases depName=dani-garcia/vaultwarden
|
# renovate: datasource=github-releases depName=dani-garcia/vaultwarden
|
||||||
ENV VAULTWARDEN_VERSION="${VAULTWARDEN_VERSION:-1.32.5}"
|
ENV VAULTWARDEN_VERSION="${VAULTWARDEN_VERSION:-1.30.1}"
|
||||||
|
|
||||||
ENV DATA_FOLDER=/tmp
|
|
||||||
|
|
||||||
WORKDIR /src
|
WORKDIR /src
|
||||||
|
|
||||||
@ -40,13 +38,13 @@ esac
|
|||||||
|
|
||||||
RUN rustup set profile minimal && \
|
RUN rustup set profile minimal && \
|
||||||
rustup target add $(cat rust_target) && \
|
rustup target add $(cat rust_target) && \
|
||||||
VW_VERSION="${VAULTWARDEN_VERSION##v}" cargo build -j 4 --features "$DB" --target $(cat rust_target) --release
|
VW_VERSION="${VAULTWARDEN_VERSION##v}" cargo build -j 8 --features "$DB" --target $(cat rust_target) --release
|
||||||
|
|
||||||
RUN ldd target/$(cat rust_target)/release/vaultwarden && \
|
RUN ldd target/$(cat rust_target)/release/vaultwarden && \
|
||||||
target/$(cat rust_target)/release/vaultwarden --help && \
|
target/$(cat rust_target)/release/vaultwarden --help && \
|
||||||
target/$(cat rust_target)/release/vaultwarden --version
|
target/$(cat rust_target)/release/vaultwarden --version
|
||||||
|
|
||||||
FROM docker.io/alpine:3.20@sha256:1e42bbe2508154c9126d48c2b8a75420c3544343bf86fd041fb7527e017a4b4a
|
FROM docker.io/alpine:3.19@sha256:51b67269f354137895d43f3b3d810bfacd3945438e94dc5ac55fdac340352f48
|
||||||
|
|
||||||
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
|
LABEL maintainer="Robert Kaussow <mail@thegeeklab.de>"
|
||||||
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
|
LABEL org.opencontainers.image.authors="Robert Kaussow <mail@thegeeklab.de>"
|
||||||
|
Loading…
Reference in New Issue
Block a user