mirror of https://github.com/atmoz/sftp.git synced 2024-11-24 12:59:24 -05:00

Rewrite build process and include alpine in master

Adrian Dvergsdal 2020-07-17 16:24:33 +02:00
parent aa8e5a8b6d
commit 7493f162dc
No known key found for this signature in database
GPG key ID: C1E9E2D9552A42D2
4 changed files with 117 additions and 114 deletions

78
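--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -0,0 +1,78 @@
+name: build
+on:
+schedule:
+- cron: "0 12 * * *"
+push:
+pull_request:
+env:
+IMAGE_NAME: atmoz/sftp
+jobs:
+build:
+runs-on: ubuntu-latest
+steps:
+- uses: actions/checkout@v2
+with:
+fetch-depth: 0 # for proper signature verification
+submodules: true # for shunit2
+- name: Build debian image
+run: |
+docker build . \
+--pull=true \
+--file=Dockerfile \
+--tag="$IMAGE_NAME:debian" \
+--tag="$IMAGE_NAME:latest" \
+--label="org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
+--label="org.opencontainers.image.revision=$GITHUB_SHA" \
+--label="org.opencontainers.image.created=$(date --rfc-3339=seconds)"
+- name: Test debian image
+run: tests/run $IMAGE_NAME:debian
+- name: Build alpine image
+run: |
+docker build . \
+--pull=true \
+--file=Dockerfile-alpine \
+--tag="$IMAGE_NAME:alpine" \
+--label="org.opencontainers.image.source=$GITHUB_SERVER_URL/$GITHUB_REPOSITORY" \
+--label="org.opencontainers.image.revision=$GITHUB_SHA" \
+--label="org.opencontainers.image.created=$(date --rfc-3339=seconds)"
+- name: Test alpine image
+run: tests/run $IMAGE_NAME:alpine
+- name: Run ShellCheck
+uses: ludeeus/action-shellcheck@master
+with:
+ignore: tests/shunit2
+- name: Verify signature
+if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
+uses: ./.github/actions/git-verify-ref
+- name: Push images to Docker Hub registry
+if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
+run: |
+echo "${{ secrets.DOCKER_HUB_PASSWORD }}" | docker login \
+-u ${{ secrets.DOCKER_HUB_USERNAME }} --password-stdin
+docker push $IMAGE_NAME # no tags specified to include all tags
+- name: Push images to GitHub registry
+if: github.event_name != 'pull_request' && github.ref == 'refs/heads/master'
+run: |
+echo "${{ secrets.GITHUB_TOKEN }}" | docker login docker.pkg.github.com \
+-u ${{ github.actor }} --password-stdin
+TAG_DEBIAN=docker.pkg.github.com/$GITHUB_REPOSITORY/debian
+TAG_ALPINE=docker.pkg.github.com/$GITHUB_REPOSITORY/alpine
+docker tag $IMAGE_NAME:debian $TAG_DEBIAN
+docker tag $IMAGE_NAME:alpine $TAG_ALPINE
+docker push $TAG_DEBIAN
+docker push $TAG_ALPINE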
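Review bot: The `Run ShellCheck` step uses `ludeeus/action-shellcheck@master`, a mutable branch reference, and with this rewrite it runs in the same job that afterwards logs in to Docker Hub and the GitHub registry and pushes the images built earlier on that runner. Whatever that branch points to at run time executes with access to the workspace and the local image store before the push, so the reference should be fixed to a reviewed commit, `uses: ludeeus/action-shellcheck@<full-commit-sha>` (placeholder). The two login steps also paste `${{ secrets.* }}` directly into the script text; mapping the values through the step's `env:` and piping `"$DOCKER_HUB_PASSWORD"` keeps a password that contains quotes or `$` from being interpreted by the shell.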


@ -1,83 +0,0 @@
name: Docker
on:
schedule:
- cron: "0 12 * * *"
push:
pull_request:
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
fetch-depth: 0
submodules: true
- name: Verify signature
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
uses: ./.github/actions/git-verify-ref
- name: Run ShellCheck
uses: ludeeus/action-shellcheck@master
with:
ignore: tests/shunit2
- name: Run tests
run: tests/run
push:
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
needs: test
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Define tags
id: define_tags
run: |
if [ "$GITHUB_REF" == "refs/heads/master" ]; then
echo "::set-output name=tags::debian"
else
echo "::set-output name=tags::"
fi
- name: Build and push Docker images
uses: docker/build-push-action@v1.1.0
with:
# Username used to log in to a Docker registry. If not set then no login will occur
username: ${{ secrets.DOCKER_HUB_USERNAME }}
# Password or personal access token used to log in to a Docker registry. If not set then no login will occur
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
# Server address of Docker registry. If not set then will default to Docker Hub
#registry: # optional
# Docker repository to tag the image with
repository: atmoz/sftp
# Comma-delimited list of tags. These will be added to the registry/repository to form the image's tags
tags: ${{ steps.define_tags.outputs.tags }} # optional
# Automatically tags the built image with the git reference as per the readme
tag_with_ref: true # optional
# Automatically tags the built image with the git short SHA as per the readme
tag_with_sha: false # optional
# Path to the build context
#path: # optional, default is .
# Path to the Dockerfile (Default is '{path}/Dockerfile')
#dockerfile: # optional
# Sets the target stage to build
#target: # optional
# Always attempt to pull a newer version of the image
always_pull: true # optional
# Comma-delimited list of build-time variables
#build_args: # optional
# Comma-delimited list of images to consider as cache sources
#cache_froms: # optional
# Comma-delimited list of labels to add to the built image
#labels: # optional
# Adds labels with git repository information to the built image
add_git_labels: true # optional
# Whether to push the image
#push: # optional, default is true

21
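--- a/Dockerfile-alpine
+++ b/Dockerfile-alpine
@@ -0,0 +1,21 @@
+FROM alpine:latest
+MAINTAINER Adrian Dvergsdal [atmoz.net]
+# Steps done in one RUN layer:
+# - Install packages
+# - Fix default group (1000 does not exist)
+# - OpenSSH needs /var/run/sshd to run
+# - Remove generic host keys, entrypoint generates unique keys
+RUN echo "@community http://dl-cdn.alpinelinux.org/alpine/edge/community" >> /etc/apk/repositories && \
+apk add --no-cache bash shadow@community openssh openssh-sftp-server && \
+sed -i 's/GROUP=1000/GROUP=100/' /etc/default/useradd && \
+mkdir -p /var/run/sshd && \
+rm -f /etc/ssh/ssh_host_*key*
+COPY files/sshd_config /etc/ssh/sshd_config
+COPY files/create-sftp-user /usr/local/bin/
+COPY files/entrypoint /
+EXPOSE 22
+ENTRYPOINT ["/entrypoint"]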
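Review bot: The `RUN` line registers the `@community` repository as `http://dl-cdn.alpinelinux.org/alpine/edge/community`, so the index used to install `shadow` is fetched over plain HTTP and from the rolling `edge` branch while the base is `alpine:latest`. apk verifies package signatures, but switching the URL to `https://dl-cdn.alpinelinux.org/alpine/edge/community` removes the reliance on an untampered transport for index freshness. If `shadow` is available in the community repository of the release the base image tracks, pointing at that branch instead of `edge` would also avoid mixing edge packages into a stable base. Separately, `MAINTAINER` is deprecated; `LABEL org.opencontainers.image.authors="Adrian Dvergsdal [atmoz.net]"` carries the same information.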


@ -1,20 +1,29 @@
#!/bin/bash #!/bin/bash
# See: https://github.com/kward/shunit2 # See: https://github.com/kward/shunit2
argImage=$1
argOutput=${2:-"quiet"}
argCleanup=${3:-"cleanup"}
testDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )"
imageName="$argImage"
sshKeyPri="/tmp/atmoz_sftp_test_rsa"
sshKeyPub="/tmp/atmoz_sftp_test_rsa.pub"
if [ $UID != 0 ] && ! groups | grep -qw docker; then if [ $UID != 0 ] && ! groups | grep -qw docker; then
echo "Run with sudo/root or add user $USER to group 'docker'" echo "Run with sudo/root or add user $USER to group 'docker'"
exit 1 exit 1
fi fi
argBuild=${1:-"build"} if [ ! -f "$testDir/shunit2/shunit2" ]; then
argOutput=${2:-"quiet"} echo "Could not find shunit2 in $testDir/shunit2."
argCleanup=${3:-"cleanup"} echo "Run 'git submodule update --init'"
testDir="$( cd "$( dirname "${BASH_SOURCE[0]}" )" && pwd )" exit 2
buildDir="$testDir/.." fi
imageName="atmoz/sftp_test"
buildOptions=(--tag "$imageName") if [ -z "$argImage" ]; then
sshKeyPri="/tmp/atmoz_sftp_test_rsa" echo "Missing image name"
sshKeyPub="/tmp/atmoz_sftp_test_rsa.pub" exit 3
fi
if [ "$argOutput" == "quiet" ]; then if [ "$argOutput" == "quiet" ]; then
redirect="/dev/null" redirect="/dev/null"
@ -22,12 +31,6 @@ else
redirect="/dev/stdout" redirect="/dev/stdout"
fi fi
if [ ! -f "$testDir/shunit2/shunit2" ]; then
echo "Could not find shunit2 in $testDir/shunit2."
echo "Run 'git submodule update --init'"
exit 2
fi
# clear argument list (or shunit2 will try to use them) # clear argument list (or shunit2 will try to use them)
set -- set --
@ -36,16 +39,6 @@ set --
############################################################################## ##############################################################################
function oneTimeSetUp() { function oneTimeSetUp() {
if [ "$argBuild" == "build" ]; then
buildOptions+=("--no-cache" "--pull=true")
fi
# Build image
if ! docker build "${buildOptions[@]}" "$buildDir"; then
echo "Build failed"
exit 1
fi
# Generate temporary ssh keys for testing # Generate temporary ssh keys for testing
if [ ! -f "$sshKeyPri" ]; then if [ ! -f "$sshKeyPri" ]; then
ssh-keygen -t rsa -f "$sshKeyPri" -N '' > "$redirect" 2>&1 ssh-keygen -t rsa -f "$sshKeyPri" -N '' > "$redirect" 2>&1
@ -55,12 +48,6 @@ function oneTimeSetUp() {
chmod go-rw "$sshKeyPri" chmod go-rw "$sshKeyPri"
} }
function oneTimeTearDown() {
if [ "$argCleanup" == "cleanup" ]; then
docker image rm "$imageName" > "$redirect" 2>&1
fi
}
function setUp() { function setUp() {
# shellcheck disable=SC2154 # shellcheck disable=SC2154
containerName="atmoz_sftp_${_shunit_test_}" containerName="atmoz_sftp_${_shunit_test_}"
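Review bot: The test key pair stays at the fixed paths `/tmp/atmoz_sftp_test_rsa` and `/tmp/atmoz_sftp_test_rsa.pub`, and `oneTimeSetUp` reuses whatever file already exists there (`if [ ! -f "$sshKeyPri" ]`), so on a shared host the tests can end up using a key that another local account created beforehand. Generating the pair in a private directory, e.g. `keyDir="$(mktemp -d)"` followed by `sshKeyPri="$keyDir/id_rsa"` and `sshKeyPub="$sshKeyPri.pub"`, avoids the predictable name in a world-writable location. Removing that directory would belong in a teardown function; `oneTimeTearDown` is deleted by this commit and the bodies of `setUp` and any remaining teardown lie outside the hunks shown, so where to put the cleanup needs checking against the full file.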