From f1635df605cc7aa48c19e56cfdb84f7f0ece299b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Markus=20Viitam=C3=A4ki?= Date: Wed, 16 Dec 2020 17:31:24 +0200 Subject: [PATCH] updated CI flow and change master -> main (#105) --- .github/workflows/pull_request.yaml | 34 ++--- .github/workflows/push_master.yaml | 213 +++++++++------------------- .github/workflows/release.yaml | 73 ++++------ Dockerfile | 2 +- UserSpace.Dockerfile | 4 +- 5 files changed, 111 insertions(+), 215 deletions(-) diff --git a/.github/workflows/pull_request.yaml b/.github/workflows/pull_request.yaml index f65e637..3a8cc9d 100644 --- a/.github/workflows/pull_request.yaml +++ b/.github/workflows/pull_request.yaml @@ -1,10 +1,11 @@ name: PR on: push: - branches-ignore: master + branches-ignore: main pull_request: branches: - - master + - main + jobs: review: name: Code Review @@ -13,9 +14,9 @@ jobs: - uses: actions/checkout@v2 - name: Use Node.js - uses: actions/setup-node@v1 + uses: actions/setup-node@v2 with: - node-version: '12.x' + node-version: 12 - name: npm install and build run: | @@ -23,32 +24,32 @@ jobs: npm run --prefix ui build - name: Get and install bindfs - uses: "cedrickring/golang-action@1.5.2" + uses: "cedrickring/golang-action@1.6.0" with: args: go get -u github.com/go-bindata/go-bindata/... && go get -u github.com/elazarl/go-bindata-assetfs/... && go-bindata-assetfs -prefix ui/dist ui/dist - name: Check styling error - uses: "cedrickring/golang-action@1.5.2" + uses: "cedrickring/golang-action@1.6.0" with: args: go get -u golang.org/x/lint/golint; golint -set_exit_status main.go server.go config.go - name: Check missing error check - uses: "cedrickring/golang-action@1.5.2" + uses: "cedrickring/golang-action@1.6.0" with: args: go get -u github.com/kisielk/errcheck; errcheck ./... - name: Check suspicious constructs (1) - uses: "cedrickring/golang-action@1.5.2" + uses: "cedrickring/golang-action@1.6.0" with: args: go get -u honnef.co/go/tools/cmd/staticcheck; staticcheck -checks all,-ST1003,-U1000,-ST1005 ./... # have to disable ST1003,U1000,ST1005 due to the generated code - name: Check suspicious constructs (2) - uses: "cedrickring/golang-action@1.5.2" + uses: "cedrickring/golang-action@1.6.0" with: args: go vet ./... - name: Check security issues with gosec - uses: "cedrickring/golang-action@1.5.2" + uses: "cedrickring/golang-action@1.6.0" with: # TODO: remove `-exclude=G110` once https://github.com/go-bindata/go-bindata/pull/50 is merged and released args: go get -u github.com/securego/gosec/cmd/gosec; gosec -exclude=G110 ./... # https://github.com/securego/gosec @@ -61,17 +62,18 @@ jobs: uses: actions/checkout@v2 - name: Setup NodeJS - uses: actions/setup-node@v1 + uses: actions/setup-node@v2 with: - node-verison: '12.x' + node-verison: 12 + check-latest: true - name: Setup Go uses: actions/setup-go@v2 - with: - go-version: '1.14' - - name: Build binary - run: make build + - name: Build wg-ui + run: | + export PATH=$PATH:$(go env GOPATH)/bin + make build - name: Check binary run: file bin/wireguard-ui diff --git a/.github/workflows/push_master.yaml b/.github/workflows/push_master.yaml index 7fb54ca..b288412 100644 --- a/.github/workflows/push_master.yaml +++ b/.github/workflows/push_master.yaml @@ -3,206 +3,121 @@ name: Main on: push: branches: - - master + - main jobs: docker-build: - name: Docker + name: Docker Main runs-on: ubuntu-20.04 steps: - name: Checkout uses: actions/checkout@v2 - - name: Prepare - id: prepare - run: | - DOCKER_IMAGE=embarkstudios/wireguard-ui - DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 - VERSION=latest - - TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" - echo ::set-output name=docker_image::${DOCKER_IMAGE} - echo ::set-output name=version::${VERSION} - echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ - --build-arg VERSION=${VERSION} \ - ${TAGS} --file Dockerfile . + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx - uses: crazy-max/ghaction-docker-buildx@master + uses: docker/setup-buildx-action@v1 - - name: Cache Docker Buildx + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Cache Docker layers uses: actions/cache@v2 - id: cache with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - - name: Docker Buildx (build) - run: | - docker buildx build \ - --cache-from "type=local,src=/tmp/.buildx-cache" \ - --cache-to "type=local,dest=/tmp/.buildx-cache" \ - --output "type=image,push=false" \ - ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Login - if: success() - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin - - - name: Docker Buildx (push) - if: success() - run: | - docker buildx build \ - --cache-from "type=local,src=/tmp/.buildx-cache" \ - --output "type=image,push=true" \ - ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Check Manifest - if: always() - run: | - docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} - - - name: Clear - if: always() - run: | - rm -f ${HOME}/.docker/config.json + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64,linux/arm/v7 + push: true + tags: embarkstudios/wireguard-ui:latest + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache docker-userspace: name: Docker UserSpace runs-on: ubuntu-20.04 + needs: docker-build steps: - name: Checkout uses: actions/checkout@v2 - - name: Prepare - id: prepare - run: | - DOCKER_IMAGE=embarkstudios/wireguard-ui - DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 - VERSION=userspace - - TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" - echo ::set-output name=docker_image::${DOCKER_IMAGE} - echo ::set-output name=version::${VERSION} - echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ - --build-arg VERSION=${VERSION} \ - ${TAGS} --file UserSpace.Dockerfile . + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 - name: Set up Docker Buildx - uses: crazy-max/ghaction-docker-buildx@master + uses: docker/setup-buildx-action@v1 - - name: Cache Docker Buildx + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Cache Docker layers uses: actions/cache@v2 - id: cache with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - - name: Docker Buildx (build) - run: | - docker buildx build \ - --cache-from "type=local,src=/tmp/.buildx-cache" \ - --cache-to "type=local,dest=/tmp/.buildx-cache" \ - --output "type=image,push=false" \ - ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Login - if: success() - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin - - - name: Docker Buildx (push) - if: success() - run: | - docker buildx build \ - --cache-from "type=local,src=/tmp/.buildx-cache" \ - --output "type=image,push=true" \ - ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Check Manifest - if: always() - run: | - docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} - - - name: Clear - if: always() - run: | - rm -f ${HOME}/.docker/config.json + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./UserSpace.Dockerfile + platforms: linux/amd64,linux/arm64,linux/arm/v7 + push: true + tags: embarkstudios/wireguard-ui:userspace + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache docker-debug: name: Docker Debug runs-on: ubuntu-20.04 + needs: [docker-build, docker-userspace] steps: - name: Checkout uses: actions/checkout@v2 - - name: Prepare - id: prepare - run: | - DOCKER_IMAGE=embarkstudios/wireguard-ui - DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 - VERSION=debug + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 - TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" - echo ::set-output name=docker_image::${DOCKER_IMAGE} - echo ::set-output name=version::${VERSION} - echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ - --build-arg VERSION=${VERSION} \ - ${TAGS} --file Dockerfile.debug . + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 - - name: Set up Buildx - uses: crazy-max/ghaction-docker-buildx@master + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} - - name: Cache Docker Buildx + - name: Cache Docker layers uses: actions/cache@v2 - id: cache with: path: /tmp/.buildx-cache key: ${{ runner.os }}-buildx-${{ github.sha }} restore-keys: | ${{ runner.os }}-buildx- - - name: Docker Buildx (build) - run: | - docker buildx build \ - --cache-from "type=local,src=/tmp/.buildx-cache" \ - --cache-to "type=local,dest=/tmp/.buildx-cache" \ - --output "type=image,push=false" \ - ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Login - if: success() - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin - - - name: Docker Buildx (push) - if: success() - run: | - docker buildx build \ - --cache-from "type=local,src=/tmp/.buildx-cache" \ - --output "type=image,push=true" \ - ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Check Manifest - if: always() - run: | - docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} - - - name: Clear - if: always() - run: | - rm -f ${HOME}/.docker/config.json + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile.debug + platforms: linux/amd64,linux/arm64,linux/arm/v7 + push: true + tags: embarkstudios/wireguard-ui:debug + cache-from: type=local,src=/tmp/.buildx-cache + cache-to: type=local,dest=/tmp/.buildx-cache diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml index ee35d52..c980e32 100644 --- a/.github/workflows/release.yaml +++ b/.github/workflows/release.yaml @@ -3,7 +3,7 @@ name: Release on: push: branches: - - master + - main tags: - v* @@ -13,50 +13,31 @@ jobs: if: startsWith(github.ref, 'refs/tags/') runs-on: ubuntu-20.04 steps: - - - name: Checkout + - name: Checkout uses: actions/checkout@v2 - - - name: Prepare - id: prepare - run: | - DOCKER_IMAGE=embarkstudios/wireguard-ui - DOCKER_PLATFORMS=linux/amd64,linux/arm64,linux/arm/v7 - VERSION=${GITHUB_REF#refs/tags/v} - TAGS="--tag ${DOCKER_IMAGE}:${VERSION}" - echo ::set-output name=docker_image::${DOCKER_IMAGE} - echo ::set-output name=version::${VERSION} - echo ::set-output name=buildx_args::--platform ${DOCKER_PLATFORMS} \ - --build-arg VERSION=${VERSION} \ - ${TAGS} --file Dockerfile . - - - name: Set up Docker Buildx - uses: crazy-max/ghaction-docker-buildx@master - - - name: Docker Buildx (build) - run: | - docker buildx build --output "type=image,push=false" ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Login - if: success() - env: - DOCKER_USERNAME: ${{ secrets.DOCKER_USERNAME }} - DOCKER_PASSWORD: ${{ secrets.DOCKER_PASSWORD }} - run: | - echo "${DOCKER_PASSWORD}" | docker login --username "${DOCKER_USERNAME}" --password-stdin - - - name: Docker Buildx (push) - if: success() - run: | - docker buildx build --output "type=image,push=true" ${{ steps.prepare.outputs.buildx_args }} - - - name: Docker Check Manifest - if: always() - run: | - docker run --rm mplatform/mquery ${{ steps.prepare.outputs.docker_image }}:${{ steps.prepare.outputs.version }} - - - name: Clear + - name: Set up QEMU + uses: docker/setup-qemu-action@v1 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v1 + + - name: Login to DockerHub + uses: docker/login-action@v1 + with: + username: ${{ secrets.DOCKERHUB_USERNAME }} + password: ${{ secrets.DOCKERHUB_TOKEN }} + + - name: Build and push + uses: docker/build-push-action@v2 + with: + context: . + file: ./Dockerfile + platforms: linux/amd64,linux/arm64,linux/arm/v7 + push: true + tags: embarkstudios/wireguard-ui:${GITHUB_REF#refs/tags/v} + + - name: Clear if: always() run: | rm -f ${HOME}/.docker/config.json @@ -69,9 +50,9 @@ jobs: - uses: actions/checkout@v2 - name: Setup NodeJS - uses: actions/setup-node@v1 + uses: actions/setup-node@v2 with: - node-verison: '12.x' + node-verison: 12 - name: npm install & build run: | @@ -79,8 +60,6 @@ jobs: - name: Setup Go uses: actions/setup-go@v2 - with: - go-version: '1.14' - name: Insert assets into go run: | diff --git a/Dockerfile b/Dockerfile index 6afbfe8..de0a1e1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,7 +5,7 @@ RUN npm install COPY ui . RUN npm run build -FROM docker.io/golang:1.14 AS build +FROM docker.io/golang:latest AS build WORKDIR /wg RUN go get github.com/go-bindata/go-bindata/... RUN go get github.com/elazarl/go-bindata-assetfs/... diff --git a/UserSpace.Dockerfile b/UserSpace.Dockerfile index 615e70f..a857e1f 100644 --- a/UserSpace.Dockerfile +++ b/UserSpace.Dockerfile @@ -5,7 +5,7 @@ RUN npm install COPY ui . RUN npm run build -FROM docker.io/golang:1.14 AS build +FROM docker.io/golang:latest AS build WORKDIR /wg RUN go get github.com/go-bindata/go-bindata/... RUN go get github.com/elazarl/go-bindata-assetfs/... @@ -17,7 +17,7 @@ COPY --from=ui /ui/dist ui/dist RUN go-bindata-assetfs -prefix ui/dist ui/dist RUN go install . -FROM docker.io/golang:1.14 AS wg_go_build +FROM docker.io/golang:latest AS wg_go_build WORKDIR /wg-go RUN git init && \ git remote add origin https://git.zx2c4.com/wireguard-go && \