diff --git a/.github/workflows/BuildImage.yml b/.github/workflows/BuildImage.yml index c81c87f..3803786 100644 --- a/.github/workflows/BuildImage.yml +++ b/.github/workflows/BuildImage.yml @@ -1,78 +1,47 @@ name: Build Image -on: [push, pull_request, workflow_dispatch] +on: [push, pull_request_target, workflow_dispatch] env: + GITHUB_REPO: "linuxserver/docker-mods" #don't modify ENDPOINT: "linuxserver/mods" #don't modify BASEIMAGE: "universal" #replace MODNAME: "docker" #replace jobs: - build: + set-vars: runs-on: ubuntu-latest steps: - - uses: actions/checkout@v2.3.3 - - - name: Build image + - name: Set Vars + id: outputs run: | - # Set version - if [ -z ${COMPOSE_RELEASE+x} ]; then COMPOSE_RELEASE=$(curl -sX GET "https://api.github.com/repos/docker/compose/releases/latest" | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); fi - if [ -z ${DOCKER_RELEASE+x} ]; then DOCKER_RELEASE=$(curl -sX GET "https://api.github.com/repos/moby/moby/releases/latest" | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||'); fi - COMBINED_VERSION=${DOCKER_RELEASE}-${COMPOSE_RELEASE} - echo "**** Combined version is ${COMBINED_VERSION} ****" - echo "COMBINED_VERSION=${COMBINED_VERSION}" >> $GITHUB_ENV - if curl -fSsL "https://download.docker.com/linux/static/stable/x86_64/docker-${DOCKER_RELEASE}.tgz" >/dev/null && curl -fSsL "https://download.docker.com/linux/static/stable/armhf/docker-${DOCKER_RELEASE}.tgz" >/dev/null && curl -fSsL "https://download.docker.com/linux/static/stable/aarch64/docker-${DOCKER_RELEASE}.tgz" >/dev/null; then echo "Docker tarballs exist, proceeding"; else echo "Docker tarballs are missing, exiting!" && exit 1; fi - # Build image - docker build --no-cache --build-arg COMPOSE_RELEASE=${COMPOSE_RELEASE} --build-arg DOCKER_RELEASE=${DOCKER_RELEASE} -t ${{ github.sha }} . + echo "GITHUB_REPO=${{ env.GITHUB_REPO }}" >> $GITHUB_OUTPUT + echo "ENDPOINT=${{ env.ENDPOINT }}" >> $GITHUB_OUTPUT + echo "BASEIMAGE=${{ env.BASEIMAGE }}" >> $GITHUB_OUTPUT + echo "MODNAME=${{ env.MODNAME }}" >> $GITHUB_OUTPUT + # **** If the mod needs to be versioned, set the versioning logic below. Otherwise leave as is. **** + COMPOSE_RELEASE=$(curl -sX GET "https://api.github.com/repos/docker/compose/releases/latest" | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||') + DOCKER_RELEASE=$(curl -sX GET "https://api.github.com/repos/moby/moby/releases/latest" | awk '/tag_name/{print $4;exit}' FS='[""]' | sed 's|^v||') + MOD_VERSION="${DOCKER_RELEASE}-${COMPOSE_RELEASE}" + echo "MOD_VERSION=${MOD_VERSION}" >> $GITHUB_OUTPUT + outputs: + GITHUB_REPO: ${{ steps.outputs.outputs.GITHUB_REPO }} + ENDPOINT: ${{ steps.outputs.outputs.ENDPOINT }} + BASEIMAGE: ${{ steps.outputs.outputs.BASEIMAGE }} + MODNAME: ${{ steps.outputs.outputs.MODNAME }} + MOD_VERSION: ${{ steps.outputs.outputs.MOD_VERSION }} - - name: Tag image - if: ${{ github.ref == format('refs/heads/{0}-{1}', env.BASEIMAGE, env.MODNAME) }} - run: | - docker tag ${{ github.sha }} ${ENDPOINT}:${BASEIMAGE}-${MODNAME} - docker tag ${{ github.sha }} ${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }} - docker tag ${{ github.sha }} ${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }}-${{ github.sha }} - docker tag ${{ github.sha }} ${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ github.sha }} - docker tag ${{ github.sha }} ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME} - docker tag ${{ github.sha }} ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }} - docker tag ${{ github.sha }} ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }}-${{ github.sha }} - docker tag ${{ github.sha }} ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ github.sha }} - - - name: Credential check - if: ${{ github.ref == format('refs/heads/{0}-{1}', env.BASEIMAGE, env.MODNAME) }} - run: | - echo "CR_USER=${{ secrets.CR_USER }}" >> $GITHUB_ENV - echo "CR_PAT=${{ secrets.CR_PAT }}" >> $GITHUB_ENV - echo "DOCKERUSER=${{ secrets.DOCKERUSER }}" >> $GITHUB_ENV - echo "DOCKERPASS=${{ secrets.DOCKERPASS }}" >> $GITHUB_ENV - if [[ "${{ secrets.CR_USER }}" == "" && "${{ secrets.CR_PAT }}" == "" && "${{ secrets.DOCKERUSER }}" == "" && "${{ secrets.DOCKERPASS }}" == "" ]]; then - echo "::error::Push credential secrets missing." - echo "::error::You must set either CR_USER & CR_PAT or DOCKERUSER & DOCKERPASS as secrets in your repo settings." - echo "::error::See https://github.com/linuxserver/docker-mods/blob/master/README.md for more information/instructions." - exit 1 - fi - - - name: Login to GitHub Container Registry - if: ${{ github.ref == format('refs/heads/{0}-{1}', env.BASEIMAGE, env.MODNAME) && env.CR_USER && env.CR_PAT }} - run: | - echo "${{ secrets.CR_PAT }}" | docker login ghcr.io -u ${{ secrets.CR_USER }} --password-stdin - - - name: Push tags to GitHub Container Registry - if: ${{ github.ref == format('refs/heads/{0}-{1}', env.BASEIMAGE, env.MODNAME) && env.CR_USER && env.CR_PAT }} - run: | - docker push ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }} - docker push ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }}-${{ github.sha }} - docker push ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ github.sha }} - docker push ghcr.io/${ENDPOINT}:${BASEIMAGE}-${MODNAME} - - - name: Login to DockerHub - if: ${{ github.ref == format('refs/heads/{0}-{1}', env.BASEIMAGE, env.MODNAME) && env.DOCKERUSER && env.DOCKERPASS }} - run: | - echo ${{ secrets.DOCKERPASS }} | docker login -u ${{ secrets.DOCKERUSER }} --password-stdin - - - name: Push tags to DockerHub - if: ${{ github.ref == format('refs/heads/{0}-{1}', env.BASEIMAGE, env.MODNAME) && env.DOCKERUSER && env.DOCKERPASS }} - run: | - docker push ${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }} - docker push ${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ env.COMBINED_VERSION }}-${{ github.sha }} - docker push ${ENDPOINT}:${BASEIMAGE}-${MODNAME}-${{ github.sha }} - docker push ${ENDPOINT}:${BASEIMAGE}-${MODNAME} + build: + uses: linuxserver/github-workflows/.github/workflows/docker-mod-builder.yml@v1 + needs: set-vars + secrets: + CR_USER: ${{ secrets.CR_USER }} + CR_PAT: ${{ secrets.CR_PAT }} + DOCKERUSER: ${{ secrets.DOCKERUSER }} + DOCKERPASS: ${{ secrets.DOCKERPASS }} + with: + GITHUB_REPO: ${{ needs.set-vars.outputs.GITHUB_REPO }} + ENDPOINT: ${{ needs.set-vars.outputs.ENDPOINT }} + BASEIMAGE: ${{ needs.set-vars.outputs.BASEIMAGE }} + MODNAME: ${{ needs.set-vars.outputs.MODNAME }} + MOD_VERSION: ${{ needs.set-vars.outputs.MOD_VERSION }} diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml new file mode 100644 index 0000000..2c30784 --- /dev/null +++ b/.github/workflows/call_issue_pr_tracker.yml @@ -0,0 +1,16 @@ +name: Issue & PR Tracker + +on: + issues: + types: [opened,reopened,labeled,unlabeled,closed] + pull_request_target: + types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed] + pull_request_review: + types: [submitted,edited,dismissed] + +jobs: + manage-project: + permissions: + issues: write + uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1 + secrets: inherit diff --git a/.github/workflows/permissions.yml b/.github/workflows/permissions.yml new file mode 100644 index 0000000..1447bc5 --- /dev/null +++ b/.github/workflows/permissions.yml @@ -0,0 +1,10 @@ +name: Permission check +on: + pull_request_target: + paths: + - '**/run' + - '**/finish' + - '**/check' +jobs: + permission_check: + uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1 diff --git a/Dockerfile b/Dockerfile index 703572d..87c8206 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,19 +1,25 @@ -FROM ghcr.io/linuxserver/baseimage-alpine:3.15 as buildstage +# syntax=docker/dockerfile:1 -ARG DOCKER_RELEASE -ARG COMPOSE_RELEASE +FROM ghcr.io/linuxserver/baseimage-alpine:3.17 as buildstage + +ARG MOD_VERSION RUN \ echo "**** install packages ****" && \ apk add --no-cache \ - curl \ git \ go && \ - echo "**** retrieve latest docker version ****" && \ - if [ -z ${DOCKER_RELEASE+x} ]; then \ + echo "**** retrieve latest version ****" && \ + if [[ -z "${MOD_VERSION+x}" ]]; then \ DOCKER_RELEASE=$(curl -sX GET "https://api.github.com/repos/moby/moby/releases/latest" \ | awk '/tag_name/{print $4;exit}' FS='[""]' \ | sed 's|^v||'); \ + COMPOSE_RELEASE=$(curl -sX GET "https://api.github.com/repos/docker/compose/releases/latest" \ + | awk '/tag_name/{print $4;exit}' FS='[""]' \ + | sed 's|^v||'); \ + else \ + DOCKER_RELEASE=$(echo "${MOD_VERSION}" | sed 's|-.*||'); \ + COMPOSE_RELEASE=$(echo "${MOD_VERSION}" | sed 's|.*-||'); \ fi && \ echo "**** grab docker ****" && \ mkdir -p \ @@ -42,12 +48,6 @@ RUN \ /tmp/docker_aarch64.tgz -C \ /tmp/docker_aarch64 --strip-components=1 && \ cp /tmp/docker_aarch64/docker /root-layer/docker-bins/docker_aarch64 && \ - echo "**** retrieve latest compose version ****" && \ - if [ -z ${COMPOSE_RELEASE+x} ]; then \ - COMPOSE_RELEASE=$(curl -sX GET "https://api.github.com/repos/docker/compose/releases/latest" \ - | awk '/tag_name/{print $4;exit}' FS='[""]' \ - | sed 's|^v||'); \ - fi && \ echo "**** grab compose ****" && \ curl -fo \ /root-layer/docker-bins/docker-compose_x86_64 -L \ diff --git a/root/etc/cont-init.d/95-docker b/root/etc/cont-init.d/95-docker deleted file mode 100644 index 8138cbb..0000000 --- a/root/etc/cont-init.d/95-docker +++ /dev/null @@ -1,32 +0,0 @@ -#!/usr/bin/with-contenv bash - -echo "**** installing docker and docker compose ****" -ARCH=$(uname -m) -if [ -d "/docker-bins" ] ; then - echo "Copying over docker and docker-compose binaries" - mkdir -p /usr/local/lib/docker/cli-plugins - mv "/docker-bins/docker-compose_${ARCH}" /usr/local/lib/docker/cli-plugins/docker-compose - mv "/docker-bins/docker_${ARCH}" /usr/local/bin/docker - mv "/docker-bins/compose-switch_${ARCH}" /usr/local/bin/docker-compose - rm -rf /docker-bins -else - echo "**** docker and docker-compose already installed, skipping ****" -fi - -if [ -S /var/run/docker.sock ]; then - DOCKER_GID=$(stat -c '%g' "/var/run/docker.sock") - if id -G abc | grep -qw "$DOCKER_GID"; then - exit 0 - else - DOCKER_NAME=$(getent group "${DOCKER_GID}" | awk -F: '{print $1}') - if [ -z "${DOCKER_NAME}" ]; then - DOCKER_NAME="dockergroup" - groupadd -g "${DOCKER_GID}" "${DOCKER_NAME}" - fi - usermod -aG "${DOCKER_NAME}" abc - fi -elif [ -n "$DOCKER_HOST" ]; then - echo "**** Remote docker service $DOCKER_HOST will be used ****" -else - echo "**** Please map /var/run/docker.sock for access to docker service on host. Alternatively you can manually define a remote host address with the docker cli option -H ****" -fi