Rewrite build process and include alpine in master
parent
aa8e5a8b6d
commit
7493f162dc
4 changed files with 117 additions and 114 deletions
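--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,78 @@
+name: build
+
+on:
+schedule:
+- cron: "0 12 * * *"
+push:
+pull_request:
+
+env:
+IMAGE_NAME: atmoz/sftp
+
+jobs:
+build:
+runs-on: ubuntu-latest
+
+steps:
+- uses: actions/checkout@v2
+with:
+fetch-depth: 0 # for proper signature verification
+submodules: true # for shunit2
+
+- name: Build debian image
+run: |
+docker build . \
+--pull=true \
+--file=Dockerfile \
+--tag="$IMAGE_NAME:debian" \
+--tag="$IMAGE_NAME:latest" \
+--label="org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
+--label="org.opencontainers.image.revision=$GITHUB_SHA" \
+--label="org.opencontainers.image.created=$(date --rfc-3339=seconds)"
+
+- name: Test debian image
+run: tests/run $IMAGE_NAME:debian
+
+- name: Build alpine image
+run: |
+docker build . \
+--pull=true \
+--file=Dockerfile-alpine \
+--tag="$IMAGE_NAME:alpine" \
+--label="org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
+--label="org.opencontainers.image.revision=$GITHUB_SHA" \
+--label="org.opencontainers.image.created=$(date --rfc-3339=seconds)"
+
+- name: Test alpine image
+run: tests/run $IMAGE_NAME:alpine
+
+- name: Run ShellCheck
+uses: ludeeus/action-shellcheck@master
+with:
+ignore: tests/shunit2
+
+- name: Verify signature
+if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
+uses: ./.github/actions/git-verify-ref
+
+- name: Push images to Docker Hub registry
+if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
+run: |
+echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login \
+-u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
+
+docker push $IMAGE_NAME # no tags specified to include all tags
+
+- name: Push images to GitHub registry
+if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
+run: |
+echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com \
+-u ${{ github.actor }} --password-stdin
+
+TAG_DEBIAN=docker.pkg.github.com/$GITHUB_REPOSITORY/debian
+TAG_ALPINE=docker.pkg.github.com/$GITHUB_REPOSITORY/alpine
+docker tag $IMAGE_NAME:debian $TAG_DEBIAN
+docker tag $IMAGE_NAME:alpine $TAG_ALPINE
+docker push $TAG_DEBIAN
+docker push $TAG_ALPINE
+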
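Review bot: `ludeeus/action-shellcheck@master` now runs in the same job that later logs in to Docker Hub and the GitHub registry, and `@master` is a mutable ref, so whatever that branch points at on the day of a run executes on the runner that then handles the push credentials. The removed workflow kept ShellCheck in the `test` job and the registry login in a separate `push` job; merging them into one `build` job drops that separation. Pin the action to a reviewed commit, e.g. `uses: ludeeus/action-shellcheck@<full-commit-sha>` (placeholder), or move the lint step into its own job that references no secrets. Separately, both login steps expand secrets with `${{ }}` directly into the script text; mapping them through the step's `env:` and using `printf '%s' "$DOCKER_HUB_PASSWORD" | docker login -u "$DOCKER_HUB_USERNAME" --password-stdin` avoids broken quoting when a value contains `"` or `$`.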
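--- a/.github/workflows/docker-image.yml
+++ b/.github/workflows/docker-image.yml
@@ -1,83 +0,0 @@
-name: Docker
-
-on:
-schedule:
-- cron: "0 12 * * *"
-push:
-pull_request:
-
-jobs:
-test:
-runs-on: ubuntu-latest
-
-steps:
-- uses: actions/checkout@v2
-with:
-fetch-depth: 0
-submodules: true
-
-- name: Verify signature
-if: github.event_name == 'push' && github.ref == 'refs/heads/master'
-uses: ./.github/actions/git-verify-ref
-
-- name: Run ShellCheck
-uses: ludeeus/action-shellcheck@master
-with:
-ignore: tests/shunit2
-
-- name: Run tests
-run: tests/run
-
-push:
-if: github.event_name == 'push' && github.ref == 'refs/heads/master'
-needs: test
-
-runs-on: ubuntu-latest
-
-steps:
-- uses: actions/checkout@v2
-
-- name: Define tags
-id: define_tags
-run: |
-if [ "$GITHUB_REF" == "refs/heads/master" ]; then
-echo "::set-output name=tags::debian"
-else
-echo "::set-output name=tags::"
-fi
-
-- name: Build and push Docker images
-uses: docker/build-push-action@v1.1.0
-with:
-# Username used to log in to a Docker registry. If not set then no login will occur
-username: ${{ secrets.DOCKER_HUB_USERNAME }}
-# Password or personal access token used to log in to a Docker registry. If not set then no login will occur
-password: ${{ secrets.DOCKER_HUB_PASSWORD }}
-# Server address of Docker registry. If not set then will default to Docker Hub
-#registry: # optional
-# Docker repository to tag the image with
-repository: atmoz/sftp
-# Comma-delimited list of tags. These will be added to the registry/repository to form the image's tags
-tags: ${{ steps.define_tags.outputs.tags }} # optional
-# Automatically tags the built image with the git reference as per the readme
-tag_with_ref: true # optional
-# Automatically tags the built image with the git short SHA as per the readme
-tag_with_sha: false # optional
-# Path to the build context
-#path: # optional, default is .
-# Path to the Dockerfile (Default is '{path}/Dockerfile')
-#dockerfile: # optional
-# Sets the target stage to build
-#target: # optional
-# Always attempt to pull a newer version of the image
-always_pull: true # optional
-# Comma-delimited list of build-time variables
-#build_args: # optional
-# Comma-delimited list of images to consider as cache sources
-#cache_froms: # optional
-# Comma-delimited list of labels to add to the built image
-#labels: # optional
-# Adds labels with git repository information to the built image
-add_git_labels: true # optional
-# Whether to push the image
-#push: # optional, default is true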
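--- a/Dockerfile-alpine
+++ b/Dockerfile-alpine
@@ -0,0 +1,21 @@
+FROM alpine:latest
+MAINTAINER Adrian Dvergsdal [atmoz.net]
+
+# Steps done in one RUN layer:
+# - Install packages
+# - Fix default group (1000 does not exist)
+# - OpenSSH needs /var/run/sshd to run
+# - Remove generic host keys, entrypoint generates unique keys
+RUN echo "@community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
+apk add --no-cache bash shadow@community openssh openssh-sftp-server && \
+sed -i 's/GROUP=1000/GROUP=100/' /etc/default/useradd && \
+mkdir -p /var/run/sshd && \
+rm -f /etc/ssh/ssh_host_*key*
+
+COPY files/sshd_config /etc/ssh/sshd_config
+COPY files/create-sftp-user /usr/local/bin/
+COPY files/entrypoint /
+
+EXPOSE 22
+
+ENTRYPOINT ["/entrypoint"]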
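Review bot: The `RUN` line adds the Alpine `edge/community` repository over plain `http://` while the base is `alpine:latest`, so each scheduled build ships whatever `shadow` package edge carries that day on top of an unpinned base release. apk verifies repository signatures, which limits what a network attacker can do, but switching the URL to `https://dl-cdn.alpinelinux.org/alpine/edge/community` costs nothing, and edge packages may be built against newer libraries than the stable base provides. Consider pinning the base, `FROM alpine:<release-tag>` (placeholder), and dropping the `@community` edge pin if that release carries `shadow` in its own repositories. `MAINTAINER` is deprecated; `LABEL maintainer="..."` is the current form.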
49
tests/run
49
tests/run
|
@ -1,20 +1,29 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
# See: https://github.com/kward/shunit2
|
# See: https://github.com/kward/shunit2
|
||||||
|
|
||||||
|
argImage=$1
|
||||||
|
argOutput=${2:-"quiet"}
|
||||||
|
argCleanup=${3:-"cleanup"}
|
||||||
|
testDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
|
||||||
|
imageName="$argImage"
|
||||||
|
sshKeyPri="/tmp/atmoz_sftp_test_rsa"
|
||||||
|
sshKeyPub="/tmp/atmoz_sftp_test_rsa.pub"
|
||||||
|
|
||||||
if [ $UID != 0 ] && ! groups | grep -qw docker; then
|
if [ $UID != 0 ] && ! groups | grep -qw docker; then
|
||||||
echo "Run with sudo/root or add user $USER to group 'docker'"
|
echo "Run with sudo/root or add user $USER to group 'docker'"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
argBuild=${1:-"build"}
|
if [ ! -f "$testDir/shunit2/shunit2" ]; then
|
||||||
argOutput=${2:-"quiet"}
|
echo "Could not find shunit2 in $testDir/shunit2."
|
||||||
argCleanup=${3:-"cleanup"}
|
echo "Run 'git submodule update --init'"
|
||||||
testDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
|
exit 2
|
||||||
buildDir="$testDir/.."
|
fi
|
||||||
imageName="atmoz/sftp_test"
|
|
||||||
buildOptions=(--tag "$imageName")
|
if [ -z "$argImage" ]; then
|
||||||
sshKeyPri="/tmp/atmoz_sftp_test_rsa"
|
echo "Missing image name"
|
||||||
sshKeyPub="/tmp/atmoz_sftp_test_rsa.pub"
|
exit 3
|
||||||
|
fi
|
||||||
|
|
||||||
if [ "$argOutput" == "quiet" ]; then
|
if [ "$argOutput" == "quiet" ]; then
|
||||||
redirect="/dev/null"
|
redirect="/dev/null"
|
||||||
|
@ -22,12 +31,6 @@ else
|
||||||
redirect="/dev/stdout"
|
redirect="/dev/stdout"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [ ! -f "$testDir/shunit2/shunit2" ]; then
|
|
||||||
echo "Could not find shunit2 in $testDir/shunit2."
|
|
||||||
echo "Run 'git submodule update --init'"
|
|
||||||
exit 2
|
|
||||||
fi
|
|
||||||
|
|
||||||
# clear argument list (or shunit2 will try to use them)
|
# clear argument list (or shunit2 will try to use them)
|
||||||
set --
|
set --
|
||||||
|
|
||||||
|
@ -36,16 +39,6 @@ set --
|
||||||
##############################################################################
|
##############################################################################
|
||||||
|
|
||||||
function oneTimeSetUp() {
|
function oneTimeSetUp() {
|
||||||
if [ "$argBuild" == "build" ]; then
|
|
||||||
buildOptions+=("--no-cache" "--pull=true")
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Build image
|
|
||||||
if ! docker build "${buildOptions[@]}" "$buildDir"; then
|
|
||||||
echo "Build failed"
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
# Generate temporary ssh keys for testing
|
# Generate temporary ssh keys for testing
|
||||||
if [ ! -f "$sshKeyPri" ]; then
|
if [ ! -f "$sshKeyPri" ]; then
|
||||||
ssh-keygen -t rsa -f "$sshKeyPri" -N '' > "$redirect" 2>&1
|
ssh-keygen -t rsa -f "$sshKeyPri" -N '' > "$redirect" 2>&1
|
||||||
|
@ -55,12 +48,6 @@ function oneTimeSetUp() {
|
||||||
chmod go-rw "$sshKeyPri"
|
chmod go-rw "$sshKeyPri"
|
||||||
}
|
}
|
||||||
|
|
||||||
function oneTimeTearDown() {
|
|
||||||
if [ "$argCleanup" == "cleanup" ]; then
|
|
||||||
docker image rm "$imageName" > "$redirect" 2>&1
|
|
||||||
fi
|
|
||||||
}
|
|
||||||
|
|
||||||
function setUp() {
|
function setUp() {
|
||||||
# shellcheck disable=SC2154
|
# shellcheck disable=SC2154
|
||||||
containerName="atmoz_sftp_${_shunit_test_}"
|
containerName="atmoz_sftp_${_shunit_test_}"
|
||||||
|
|
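Review bot: With the build removed from `oneTimeSetUp`, nothing in the visible hunks checks that `$argImage` exists locally; only an empty argument is rejected (`exit 3`). If the tests start containers with `docker run` (the test bodies are outside these hunks), a name missing from the local image store would be pulled from a registry, and the suite would then exercise a published image instead of the one just built. A guard after the empty check, such as `docker image inspect "$argImage" > /dev/null 2>&1 || { echo "Image not found locally: $argImage"; exit 3; }`, keeps the run tied to the local build. `argCleanup` is still parsed although `oneTimeTearDown` is gone, so it may now be unused, and the key pair at the fixed path `/tmp/atmoz_sftp_test_rsa` is reused whenever the file already exists; a directory from `mktemp -d` would avoid picking up a file that another local user placed there.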