diff --git a/.fpm b/.fpm
deleted file mode 100644
index 06ae1335..00000000
--- a/.fpm
+++ /dev/null
@@ -1,6 +0,0 @@
--s dir
---name defguard-gateway
---architecture x86_64
---description "defguard VPN gateway service"
---url "https://defguard.net/"
---maintainer "teonite"
diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml
new file mode 100644
index 00000000..e0b4b27f
--- /dev/null
+++ b/.github/workflows/build-docker.yml
@@ -0,0 +1,80 @@
+name: Build Docker image
+
+on:
+ workflow_call:
+ inputs:
+ tags:
+ description: "List of tags as key-value pair attributes"
+ required: false
+ type: string
+
+env:
+ GHCR_REPO: ghcr.io/defguard/gateway
+
+jobs:
+ build-docker:
+ runs-on:
+ - self-hosted
+ - Linux
+ - ${{ matrix.runner }}
+ strategy:
+ matrix:
+ cpu: [arm64, amd64]
+ include:
+ - cpu: arm64
+ runner: ARM64
+ - cpu: amd64
+ runner: X64
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+ with:
+ submodules: recursive
+ - name: Login to GitHub container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Set up Docker Buildx
+ uses: docker/setup-buildx-action@v3
+ with:
+ buildkitd-config-inline: |
+ [registry."docker.io"]
+ mirrors = ["dockerhub-proxy.teonite.net"]
+ - name: Build container
+ uses: docker/build-push-action@v5
+ with:
+ context: .
+ platforms: linux/${{ matrix.cpu }}
+ provenance: false
+ push: true
+ tags: ${{ env.GHCR_REPO }}:${{ github.sha }}-${{ matrix.cpu }}
+ cache-from: type=gha
+ cache-to: type=gha,mode=max
+
+ docker-manifest:
+ runs-on: [self-hosted, Linux]
+ needs: [build-docker]
+ steps:
+ - name: Docker meta
+ id: meta
+ uses: docker/metadata-action@v5
+ with:
+ images: |
+ ${{ env.GHCR_REPO }}
+ tags: ${{ inputs.tags }}
+ - name: Login to GitHub container registry
+ uses: docker/login-action@v3
+ with:
+ registry: ghcr.io
+ username: ${{ github.actor }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ - name: Create manifest
+ run: |
+ docker manifest create ${{ env.GHCR_REPO }}:${{ github.sha }} \
+ ${{ env.GHCR_REPO }}:${{ github.sha }}-amd64 \
+ ${{ env.GHCR_REPO }}:${{ github.sha }}-arm64
+ - name: Push manifest
+ run: |
+ docker manifest push ${{ env.GHCR_REPO }}:${{ github.sha }}
diff --git a/.github/workflows/current.yml b/.github/workflows/current.yml
index 55d8317a..9265990e 100644
--- a/.github/workflows/current.yml
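Review bot: The `docker-manifest` job computes tags with `docker/metadata-action` from `inputs.tags`, but `steps.meta.outputs.tags` is never referenced: the `Create manifest` and `Push manifest` steps publish only `${{ env.GHCR_REPO }}:${{ github.sha }}`. As written, the `current`, `latest`, semver and branch tags requested by the callers in `current.yml` and `release.yml` are not pushed, so anyone pulling those tags keeps receiving an older image, including one that lacks later security fixes. Building the multi-arch tags from the meta output, for example with `docker buildx imagetools create`, closes that gap; because that command also accepts image indexes, it would likely allow `provenance: false` to be dropped so build attestations are kept. The sketch below assumes buildx is available on the runner that executes this job.

```yaml
# … unchanged: Docker meta and registry login steps …
      - name: Create and push manifest
        env:
          TAGS: ${{ steps.meta.outputs.tags }}
        run: |
          args=()
          while IFS= read -r tag; do
            if [ -n "$tag" ]; then
              args+=(--tag "$tag")
            fi
          done <<< "$TAGS"
          docker buildx imagetools create "${args[@]}" \
            "${GHCR_REPO}:${GITHUB_SHA}-amd64" \
            "${GHCR_REPO}:${GITHUB_SHA}-arm64"
```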
+++ b/.github/workflows/current.yml @@ -9,38 +9,10 @@ on: - "LICENSE" jobs: - build-docker: - runs-on: [self-hosted, Linux, X64] - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - submodules: recursive - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ghcr.io/defguard/gateway - tags: | - type=ref,event=branch - type=raw,value=current - type=sha - - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v3 - - name: Login to GitHub container registry - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build container - uses: docker/build-push-action@v5 - with: - context: . - platforms: linux/amd64 - push: true - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + build-current: + uses: ./.github/workflows/build-docker.yml + with: + tags: | + type=raw,value=current + type=ref,event=branch + type=sha diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 3bdd2220..2a05fc34 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml 
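Review bot: The `build-current` job passes the caller's `GITHUB_TOKEN` to the reusable workflow without a `permissions:` key, and nothing in this hunk narrows it, although the called workflow only checks out the repository and pushes to ghcr.io. Unless a top-level `permissions:` block exists outside the hunk, the token carries the repository's default scopes on the self-hosted runners. Adding `permissions:` with `contents: read` and `packages: write` under `build-current` limits what a compromised build step or third-party action can do with it. The same applies to `build-latest` in `release.yml`.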
@@ -9,49 +9,14 @@ concurrency: cancel-in-progress: true jobs: - publish-docker: - runs-on: [self-hosted, Linux] - steps: - - name: Checkout - uses: actions/checkout@v3 - with: - submodules: recursive - - name: Docker meta - id: meta - uses: docker/metadata-action@v5 - with: - images: | - ghcr.io/DefGuard/gateway - tags: | - type=raw,value=latest - type=semver,pattern={{version}} - type=semver,pattern={{major}}.{{minor}} - type=sha - - name: Set up QEMU - uses: docker/setup-qemu-action@v3 - - name: Set up Docker BuildX - uses: docker/setup-buildx-action@v3 - with: - config-inline: | - [registry."docker.io"] - mirrors = ["dockerhub-proxy.teonite.net"] - - name: Login to GitHub Container Registry - if: github.event_name != 'pull_request' - uses: docker/login-action@v3 - with: - registry: ghcr.io - username: ${{ github.actor }} - password: ${{ secrets.GITHUB_TOKEN }} - - name: Build container - uses: docker/build-push-action@v5 - with: - context: . - platforms: linux/amd64,linux/arm64 - push: ${{ github.event_name != 'pull_request' }} - tags: ${{ steps.meta.outputs.tags }} - labels: ${{ steps.meta.outputs.labels }} - cache-from: type=gha - cache-to: type=gha,mode=max + build-latest: + uses: ./.github/workflows/build-docker.yml + with: + tags: | + type=raw,value=latest + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=sha create-release: name: create-release @@ -69,7 +34,7 @@ jobs: build-release: name: Release ${{ matrix.build }} - needs: ["create-release"] + needs: [create-release] runs-on: - self-hosted - ${{ matrix.os }}
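Review bot: The removed `publish-docker` job skipped the registry login on pull requests and set `push: ${{ github.event_name != 'pull_request' }}`, whereas `build-latest` now calls `build-docker.yml`, which logs in and pushes unconditionally (`push: true`). The workflow's `on:` triggers are outside this hunk; if `pull_request` is among them, unreviewed pull-request code would be built on the self-hosted runners and pushed to ghcr.io. Keeping the guard on the calling job, `if: github.event_name != 'pull_request'`, preserves the previous behaviour. The second hunk (`needs: [create-release]`) only changes quoting.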