diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index 4175f94..f65e637 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -1,4 +1,4 @@ -name: Review & Build +name: PR on: push: branches-ignore: master @@ -7,10 +7,10 @@ on: - master jobs: review: - name: Review code + name: Code Review runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@master + - uses: actions/checkout@v2 - name: Use Node.js uses: actions/setup-node@v1 @@ -40,7 +40,7 @@ jobs: - name: Check suspicious constructs (1) uses: "cedrickring/golang-action@1.5.2" with: - args: go get honnef.co/go/tools/cmd/staticcheck; staticcheck -checks all,-ST1003,-U1000,-ST1005 ./... # have to disable ST1003,U1000,ST1005 due to the generated code + args: go get -u honnef.co/go/tools/cmd/staticcheck; staticcheck -checks all,-ST1003,-U1000,-ST1005 ./... # have to disable ST1003,U1000,ST1005 due to the generated code - name: Check suspicious constructs (2) uses: "cedrickring/golang-action@1.5.2" @@ -51,27 +51,30 @@ jobs: uses: "cedrickring/golang-action@1.5.2" with: # TODO: remove `-exclude=G110` once https://github.com/go-bindata/go-bindata/pull/50 is merged and released - args: go get github.com/securego/gosec/cmd/gosec; gosec -exclude=G110 ./... # https://github.com/securego/gosec + args: go get -u github.com/securego/gosec/cmd/gosec; gosec -exclude=G110 ./... # https://github.com/securego/gosec build: - name: Build code + name: Build wg-ui runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@master + - name: Checkout + uses: actions/checkout@v2 - - name: Clean out old builds from disk - run: | - df -h / && df -h /mnt - sudo apt-get clean -qq - sudo apt-get autoclean -qq - docker rmi $(docker image ls -aq) - df -h / && df -h /mnt + - name: Setup NodeJS + uses: actions/setup-node@v1 + with: + node-verison: '12.x' - - name: Install buildah - run: | - sudo apt-get install -qq -y software-properties-common - sudo apt-get update -qq - sudo apt-get -qq -y install buildah + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '1.14' - - name: Build the Docker image - run: buildah bud --format=docker --layers -f Dockerfile . + - name: Build binary + run: make build + + - name: Check binary + run: file bin/wireguard-ui + + - name: Cleanup + run: rm -rf bin/ diff --git a/.github/workflows/push_master.yaml b/.github/workflows/push_master.yaml index d338420..0637672 100644 --- a/.github/workflows/push_master.yaml +++ b/.github/workflows/push_master.yaml @@ -1,127 +1,111 @@ -name: Build & Release +name: Main + on: push: branches: - master + jobs: - build: - name: Build + docker-build: + name: Docker runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@v1 - - name: Install buildah - run: | - sudo apt-get install -qq -y software-properties-common - sudo apt-get update -qq - sudo apt-get -qq -y install buildah - - name: Free disk space - run: | - df -h / && df -h /mnt - sudo apt-get clean -qq - sudo apt-get autoclean -qq - docker rmi $(docker image ls -aq) - df -h / && df -h /mnt - - name: Build & push the Docker image - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - buildah bud --format=docker --layers -t embarkstudios/wireguard-ui:latest -t embarkstudios/wireguard-ui:$GITHUB_SHA -f Dockerfile . - buildah push --creds $DOCKER_USERNAME:$DOCKER_PASSWORD --format=v2s2 embarkstudios/wireguard-ui + - + name: Checkout + uses: actions/checkout@v2 + - + name: Prepare + id: prepare + run: | + DOCKER_IMAGE=embarkstudios/wireguard-ui + DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 + VERSION=latest - release: - name: Release - needs: build - if: startsWith(github.ref, 'refs/tags/') + TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" + echo ::set-output name=docker_image::${DOCKER_IMAGE} + echo ::set-output name=version::${VERSION} + echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ + --build-arg VERSION=${VERSION} \ + ${TAGS} --file Dockerfile . + - + name: Set up Docker Buildx + uses: crazy-max/ghaction-docker-buildx@master + - + name: Docker Buildx (build) + run: | + docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Login + if: success() + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: | + echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin + - + name: Docker Buildx (push) + if: success() + run: | + docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Check Manifest + if: always() + run: | + docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} + - + name: Clear + if: always() + run: | + rm -f ${HOME}/.docker/config.json + + docker-debug: + name: Debug runs-on: ubuntu-20.04 steps: - - uses: actions/checkout@master + - + name: Checkout + uses: actions/checkout@v2 + - + name: Prepare + id: prepare + run: | + DOCKER_IMAGE=embarkstudios/wireguard-ui + DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 + VERSION=debug - - name: Setup NodeJS - uses: actions/setup-node@v1 - with: - node-verison: '12.x' - - - name: npm install & build - run: | - make ui - - - name: Setup Go - uses: actions/setup-go@v2 - with: - go-version: '1.14' - - - name: Insert assets into go - run: | - make assets - - - name: Build wg-ui for Linux (AMD64) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-amd64 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Build wg-ui for Linux (ARMv5) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-armv5 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=5 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Build wg-ui for Linux (ARMv6) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-armv6 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Build wg-ui for Linux (ARMv7) - run: | - name=wg-ui - tag=$(git describe --tags --abbrev=0) - target=linux-armv7 - release_name="$name-$tag-$target" - release_tar="$release_name.tar.gz" - env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=7 go build -o "$release_name" - tar czvf "$release_tar" "$release_name" - echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" - rm "$release_name" - - - name: Install buildah - run: | - sudo apt-get install -qq -y software-properties-common - sudo apt-get update -qq - sudo apt-get -qq -y install buildah - - - name: Build & push wg-ui to docker hub - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - tag=$(git describe --tags --abbrev=0) - buildah bud --format=docker --layers -t embarkstudios/wireguard-ui:$tag -t embarkstudios/wireguard-ui:$GITHUB_SHA -f Dockerfile . - buildah push --creds $DOCKER_USERNAME:$DOCKER_PASSWORD --format=v2s2 embarkstudios/wireguard-ui - - - name: Publish release - uses: softprops/action-gh-release@v1 - with: - draft: true - files: "wg-ui*" - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" + echo ::set-output name=docker_image::${DOCKER_IMAGE} + echo ::set-output name=version::${VERSION} + echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ + --build-arg VERSION=${VERSION} \ + ${TAGS} --file Dockerfile.debug . + - + name: Set up Buildx + uses: crazy-max/ghaction-docker-buildx@master + - + name: Bocker Buildx (build) + run: | + docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Login + if: success() + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: | + echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin + - + name: Docker Buildx (push) + if: success() + run: | + docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Check Manifest + if: always() + run: | + docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} + - + name: Clear + if: always() + run: | + rm -f ${HOME}/.docker/config.json diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml new file mode 100644 index 0000000..ee35d52 --- /dev/null +++ b/.github/workflows/release.yaml @@ -0,0 +1,154 @@ +name: Release + +on: + push: + branches: + - master + tags: + - v* + +jobs: + release-docker: + name: Docker + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-20.04 + steps: + - + name: Checkout + uses: actions/checkout@v2 + - + name: Prepare + id: prepare + run: | + DOCKER_IMAGE=embarkstudios/wireguard-ui + DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 + VERSION=${GITHUB_REF#refs/tags/v} + + TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" + echo ::set-output name=docker_image::${DOCKER_IMAGE} + echo ::set-output name=version::${VERSION} + echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ + --build-arg VERSION=${VERSION} \ + ${TAGS} --file Dockerfile . + - + name: Set up Docker Buildx + uses: crazy-max/ghaction-docker-buildx@master + - + name: Docker Buildx (build) + run: | + docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Login + if: success() + env: + DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} + DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} + run: | + echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin + - + name: Docker Buildx (push) + if: success() + run: | + docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }} + - + name: Docker Check Manifest + if: always() + run: | + docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} + - + name: Clear + if: always() + run: | + rm -f ${HOME}/.docker/config.json + + release-binary: + name: Binary + if: startsWith(github.ref, 'refs/tags/') + runs-on: ubuntu-20.04 + steps: + - uses: actions/checkout@v2 + + - name: Setup NodeJS + uses: actions/setup-node@v1 + with: + node-verison: '12.x' + + - name: npm install & build + run: | + make ui + + - name: Setup Go + uses: actions/setup-go@v2 + with: + go-version: '1.14' + + - name: Insert assets into go + run: | + make assets + + - name: Build wg-ui for Linux (AMD64) + run: | + name=wg-ui + target=linux-amd64 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARMv5) + run: | + name=wg-ui + target=linux-armv5 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=5 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARMv6) + run: | + name=wg-ui + target=linux-armv6 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=6 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARMv7) + run: | + name=wg-ui + target=linux-armv7 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm GOARM=7 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: Build wg-ui for Linux (ARM64) + run: | + name=wg-ui + target=linux-arm64 + release_name="$name-${GITHUB_REF#refs/tags/v}-$target" + release_tar="$release_name.tar.gz" + env CGO_ENABLED=0 GOOS=linux GOARCH=arm64 go build -o "$release_name" + tar czvf "$release_tar" "$release_name" + echo -n "$(shasum -ba 256 "${release_tar}" | cut -d " " -f 1)" > "${release_tar}.sha256" + rm "$release_name" + + - name: List content + run: | + ls -lah wg-ui* + + - name: GitHub Release + uses: softprops/action-gh-release@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + with: + draft: true + files: "wg-ui-*"