mirror of
https://github.com/linuxserver/docker-socket-proxy.git
synced 2026-03-23 00:05:53 +08:00
Compare commits
35 Commits
3.2.6-r0-l
...
main
| Author | SHA1 | Date | |
|---|---|---|---|
|
3daa1fa293 | ||
|
|
03f6cf0a3b | ||
|
|
e24d58e8d5 | ||
|
|
e48fa8cb48 | ||
|
|
2fa0a25516 | ||
|
|
1b802fff04 | ||
|
|
7b08306c83 | ||
|
|
285c2f1e8a | ||
|
|
d748b6059a | ||
|
|
759f3d4f53 | ||
|
|
98014fa778 | ||
|
|
cd7e38d6cf | ||
|
|
eb86659f88 | ||
|
|
9576190510 | ||
|
|
219ce6b08a | ||
|
|
3a026ca88a | ||
|
|
688325c7c1 | ||
|
|
220b60d1e4 | ||
|
|
5dda1e569d | ||
|
|
7209cedd27 | ||
|
|
33475e5a74 | ||
|
|
5ac3703d34 | ||
|
|
88a8b97a9b | ||
|
|
9c463c89fd | ||
|
|
95176795db | ||
|
|
9a9a4519f5 | ||
|
|
e2ad25826a | ||
|
|
3cdd8a617d | ||
|
|
3399089770 | ||
|
|
c29d4ca2be | ||
|
|
5199ebb5b9 | ||
|
|
a67fae181d | ||
|
|
a93fc20f4b | ||
|
|
481d04dd3e | ||
|
|
a297ad9bdd |
4
.github/workflows/external_trigger.yml
vendored
4
.github/workflows/external_trigger.yml
vendored
@ -29,7 +29,7 @@ jobs:
|
||||
echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY
|
||||
echo "> External trigger running off of main branch. To disable this trigger, add \`socket-proxy_main\` into the Github organizational variable \`SKIP_EXTERNAL_TRIGGER\`." >> $GITHUB_STEP_SUMMARY
|
||||
printf "\n## Retrieving external version\n\n" >> $GITHUB_STEP_SUMMARY
|
||||
EXT_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.22/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
EXT_RELEASE=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.23/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
&& awk '/^P:'"haproxy"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://')
|
||||
echo "Type is \`alpine_repo\`" >> $GITHUB_STEP_SUMMARY
|
||||
if grep -q "^socket-proxy_main_${EXT_RELEASE}" <<< "${SKIP_EXTERNAL_TRIGGER}"; then
|
||||
@ -107,7 +107,7 @@ jobs:
|
||||
if [ "${EXT_RELEASE_SANITIZED}" == "${IMAGE_VERSION}" ]; then
|
||||
echo "Sanitized version \`${EXT_RELEASE_SANITIZED}\` already pushed, exiting" >> $GITHUB_STEP_SUMMARY
|
||||
exit 0
|
||||
elif [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.22/main/aarch64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"haproxy"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]] || [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.22/main/riscv64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"haproxy"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]]; then
|
||||
elif [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.23/main/aarch64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"haproxy"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]] || [[ $(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.23/main/riscv64/APKINDEX.tar.gz" | tar -xz -C /tmp && awk '/^P:'"haproxy"'$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://') != "${EXT_RELEASE}" ]]; then
|
||||
echo "New version \`${EXT_RELEASE}\` found; but not all arch repos updated yet; exiting" >> $GITHUB_STEP_SUMMARY
|
||||
FAILURE_REASON="New version ${EXT_RELEASE} for socket-proxy tag latest is detected, however not all arch repos are updated yet. Will try again later."
|
||||
curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903,
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
FROM docker.io/alpine:3.22
|
||||
FROM docker.io/alpine:3.23
|
||||
|
||||
# set version label
|
||||
ARG BUILD_DATE
|
||||
@ -17,7 +17,7 @@ RUN \
|
||||
curl \
|
||||
tzdata && \
|
||||
if [ -z ${HAPROXY_VERSION+x} ]; then \
|
||||
HAPROXY_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.22/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
HAPROXY_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.23/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
&& awk '/^P:haproxy$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
|
||||
fi && \
|
||||
apk add --no-cache \
|
||||
@ -32,6 +32,8 @@ RUN \
|
||||
ENV ALLOW_RESTARTS=0 \
|
||||
ALLOW_STOP=0 \
|
||||
ALLOW_START=0 \
|
||||
ALLOW_PAUSE=0 \
|
||||
ALLOW_UNPAUSE=0 \
|
||||
AUTH=0 \
|
||||
BUILD=0 \
|
||||
COMMIT=0 \
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
FROM docker.io/alpine:3.22
|
||||
FROM docker.io/alpine:3.23
|
||||
|
||||
# set version label
|
||||
ARG BUILD_DATE
|
||||
@ -17,7 +17,7 @@ RUN \
|
||||
curl \
|
||||
tzdata && \
|
||||
if [ -z ${HAPROXY_VERSION+x} ]; then \
|
||||
HAPROXY_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.22/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
HAPROXY_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.23/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
&& awk '/^P:haproxy$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
|
||||
fi && \
|
||||
apk add --no-cache \
|
||||
@ -32,6 +32,8 @@ RUN \
|
||||
ENV ALLOW_RESTARTS=0 \
|
||||
ALLOW_STOP=0 \
|
||||
ALLOW_START=0 \
|
||||
ALLOW_PAUSE=0 \
|
||||
ALLOW_UNPAUSE=0 \
|
||||
AUTH=0 \
|
||||
BUILD=0 \
|
||||
COMMIT=0 \
|
||||
|
||||
@ -1,6 +1,6 @@
|
||||
# syntax=docker/dockerfile:1
|
||||
|
||||
FROM docker.io/alpine:3.22
|
||||
FROM docker.io/alpine:3.23
|
||||
|
||||
# set version label
|
||||
ARG BUILD_DATE
|
||||
@ -17,7 +17,7 @@ RUN \
|
||||
curl \
|
||||
tzdata && \
|
||||
if [ -z ${HAPROXY_VERSION+x} ]; then \
|
||||
HAPROXY_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.22/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
HAPROXY_VERSION=$(curl -sL "http://dl-cdn.alpinelinux.org/alpine/v3.23/main/x86_64/APKINDEX.tar.gz" | tar -xz -C /tmp \
|
||||
&& awk '/^P:haproxy$/,/V:/' /tmp/APKINDEX | sed -n 2p | sed 's/^V://'); \
|
||||
fi && \
|
||||
apk add --no-cache \
|
||||
@ -32,6 +32,8 @@ RUN \
|
||||
ENV ALLOW_RESTARTS=0 \
|
||||
ALLOW_STOP=0 \
|
||||
ALLOW_START=0 \
|
||||
ALLOW_PAUSE=0 \
|
||||
ALLOW_UNPAUSE=0 \
|
||||
AUTH=0 \
|
||||
BUILD=0 \
|
||||
COMMIT=0 \
|
||||
|
||||
125
Jenkinsfile
vendored
125
Jenkinsfile
vendored
@ -27,7 +27,7 @@ pipeline {
|
||||
DEV_DOCKERHUB_IMAGE = 'lsiodev/socket-proxy'
|
||||
PR_DOCKERHUB_IMAGE = 'lspipepr/socket-proxy'
|
||||
DIST_IMAGE = 'alpine'
|
||||
DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main/'
|
||||
DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.23/main/'
|
||||
DIST_REPO_PACKAGES = 'haproxy'
|
||||
MULTIARCH='true'
|
||||
CI='true'
|
||||
@ -211,6 +211,7 @@ pipeline {
|
||||
env.META_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
|
||||
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
|
||||
env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
|
||||
env.CITEST_IMAGETAG = 'latest'
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -236,6 +237,7 @@ pipeline {
|
||||
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
|
||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/'
|
||||
env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
|
||||
env.CITEST_IMAGETAG = 'develop'
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -261,6 +263,7 @@ pipeline {
|
||||
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
|
||||
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
|
||||
env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache'
|
||||
env.CITEST_IMAGETAG = 'develop'
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -283,7 +286,7 @@ pipeline {
|
||||
-v ${WORKSPACE}:/mnt \
|
||||
-e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \
|
||||
-e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \
|
||||
ghcr.io/linuxserver/baseimage-alpine:3.20 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
||||
ghcr.io/linuxserver/baseimage-alpine:3.23 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\
|
||||
apk add --no-cache python3 && \
|
||||
python3 -m venv /lsiopy && \
|
||||
pip install --no-cache-dir -U pip && \
|
||||
@ -555,13 +558,16 @@ pipeline {
|
||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||
|
||||
if [[ "${PACKAGE_CHECK}" != "true" ]]; then
|
||||
declare -A pids
|
||||
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
|
||||
for i in "${CACHE[@]}"; do
|
||||
docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
|
||||
pids[$!]="$i"
|
||||
done
|
||||
for p in $(jobs -p); do
|
||||
wait "$p" || { echo "job $p failed" >&2; exit 1; }
|
||||
for p in "${!pids[@]}"; do
|
||||
wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
|
||||
done
|
||||
fi
|
||||
'''
|
||||
@ -621,13 +627,16 @@ pipeline {
|
||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||
|
||||
if [[ "${PACKAGE_CHECK}" != "true" ]]; then
|
||||
declare -A pids
|
||||
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
|
||||
for i in "${CACHE[@]}"; do
|
||||
docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} &
|
||||
pids[$!]="$i"
|
||||
done
|
||||
for p in $(jobs -p); do
|
||||
wait "$p" || { echo "job $p failed" >&2; exit 1; }
|
||||
for p in "${!pids[@]}"; do
|
||||
wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
|
||||
done
|
||||
fi
|
||||
'''
|
||||
@ -681,12 +690,14 @@ pipeline {
|
||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||
if [[ "${PACKAGE_CHECK}" != "true" ]]; then
|
||||
declare -A pids
|
||||
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
|
||||
for i in "${CACHE[@]}"; do
|
||||
docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} &
|
||||
pids[$!]="$i"
|
||||
done
|
||||
for p in $(jobs -p); do
|
||||
wait "$p" || { echo "job $p failed" >&2; exit 1; }
|
||||
for p in "${!pids[@]}"; do
|
||||
wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
|
||||
done
|
||||
fi
|
||||
'''
|
||||
@ -747,13 +758,16 @@ pipeline {
|
||||
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
|
||||
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
|
||||
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
|
||||
|
||||
if [[ "${PACKAGE_CHECK}" != "true" ]]; then
|
||||
declare -A pids
|
||||
IFS=',' read -ra CACHE <<< "$BUILDCACHE"
|
||||
for i in "${CACHE[@]}"; do
|
||||
docker push ${i}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} &
|
||||
pids[$!]="$i"
|
||||
done
|
||||
for p in $(jobs -p); do
|
||||
wait "$p" || { echo "job $p failed" >&2; exit 1; }
|
||||
for p in "${!pids[@]}"; do
|
||||
wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; }
|
||||
done
|
||||
fi
|
||||
'''
|
||||
@ -878,7 +892,7 @@ pipeline {
|
||||
CI_DOCKERENV="LSIO_FIRST_PARTY=true"
|
||||
fi
|
||||
fi
|
||||
docker pull ghcr.io/linuxserver/ci:latest
|
||||
docker pull ghcr.io/linuxserver/ci:${CITEST_IMAGETAG}
|
||||
if [ "${MULTIARCH}" == "true" ]; then
|
||||
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64
|
||||
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
|
||||
@ -904,7 +918,9 @@ pipeline {
|
||||
-e WEB_PATH=\"${CI_WEBPATH}\" \
|
||||
-e NODE_NAME=\"${NODE_NAME}\" \
|
||||
-e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \
|
||||
-t ghcr.io/linuxserver/ci:latest \
|
||||
-e COMMIT_SHA=\"${COMMIT_SHA}\" \
|
||||
-e BUILD_NUMBER=\"${BUILD_NUMBER}\" \
|
||||
-t ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} \
|
||||
python3 test_build.py'''
|
||||
}
|
||||
}
|
||||
@ -930,9 +946,11 @@ pipeline {
|
||||
CACHEIMAGE=${i}
|
||||
fi
|
||||
done
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:latest -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
if [ -n "${SEMVER}" ]; then
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
fi
|
||||
done
|
||||
'''
|
||||
@ -957,22 +975,31 @@ pipeline {
|
||||
CACHEIMAGE=${i}
|
||||
fi
|
||||
done
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${META_TAG} -t ${MANIFESTIMAGE}:riscv64-latest -t ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-latest -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-latest -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${META_TAG} -t ${MANIFESTIMAGE}:riscv64-latest -t ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
if [ -n "${SEMVER}" ]; then
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${SEMVER} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER}
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${SEMVER} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
fi
|
||||
done
|
||||
for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:riscv64-latest ${MANIFESTIMAGE}:arm64v8-latest
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:riscv64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
|
||||
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:riscv64-latest ${MANIFESTIMAGE}:arm64v8-latest || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:riscv64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
if [ -n "${SEMVER}" ]; then
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:riscv64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
|
||||
docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:riscv64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \
|
||||
{ if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; }
|
||||
fi
|
||||
done
|
||||
'''
|
||||
@ -990,23 +1017,41 @@ pipeline {
|
||||
environment name: 'EXIT_STATUS', value: ''
|
||||
}
|
||||
steps {
|
||||
echo "Pushing New tag for current commit ${META_TAG}"
|
||||
sh '''curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
|
||||
-d '{"tag":"'${META_TAG}'",\
|
||||
"object": "'${COMMIT_SHA}'",\
|
||||
"message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to main",\
|
||||
"type": "commit",\
|
||||
"tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' '''
|
||||
echo "Pushing New release for Tag"
|
||||
sh '''#! /bin/bash
|
||||
echo "Auto-generating release notes"
|
||||
if [ "$(git tag --points-at HEAD)" != "" ]; then
|
||||
echo "Existing tag points to current commit, suggesting no new LS changes"
|
||||
AUTO_RELEASE_NOTES="No changes"
|
||||
else
|
||||
AUTO_RELEASE_NOTES=$(curl -fsL -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github+json" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases/generate-notes \
|
||||
-d '{"tag_name":"'${META_TAG}'",\
|
||||
"target_commitish": "main"}' \
|
||||
| jq -r '.body' | sed 's|## What.s Changed||')
|
||||
fi
|
||||
echo "Pushing New tag for current commit ${META_TAG}"
|
||||
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \
|
||||
-d '{"tag":"'${META_TAG}'",\
|
||||
"object": "'${COMMIT_SHA}'",\
|
||||
"message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to main",\
|
||||
"type": "commit",\
|
||||
"tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}'
|
||||
echo "Pushing New release for Tag"
|
||||
echo "Updating external repo packages to ${EXT_RELEASE_CLEAN}" > releasebody.json
|
||||
echo '{"tag_name":"'${META_TAG}'",\
|
||||
"target_commitish": "main",\
|
||||
"name": "'${META_TAG}'",\
|
||||
"body": "**CI Report:**\\n\\n'${CI_URL:-N/A}'\\n\\n**LinuxServer Changes:**\\n\\n'${LS_RELEASE_NOTES}'\\n\\n**Remote Changes:**\\n\\n' > start
|
||||
printf '","draft": false,"prerelease": false}' >> releasebody.json
|
||||
paste -d'\\0' start releasebody.json > releasebody.json.done
|
||||
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done'''
|
||||
jq -n \
|
||||
--arg tag_name "$META_TAG" \
|
||||
--arg target_commitish "main" \
|
||||
--arg ci_url "${CI_URL:-N/A}" \
|
||||
--arg ls_notes "$AUTO_RELEASE_NOTES" \
|
||||
--arg remote_notes "$(cat releasebody.json)" \
|
||||
'{
|
||||
"tag_name": $tag_name,
|
||||
"target_commitish": $target_commitish,
|
||||
"name": $tag_name,
|
||||
"body": ("**CI Report:**\\n\\n" + $ci_url + "\\n\\n**LinuxServer Changes:**\\n\\n" + $ls_notes + "\\n\\n**Remote Changes:**\\n\\n" + $remote_notes),
|
||||
"draft": false,
|
||||
"prerelease": false }' > releasebody.json.done
|
||||
curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done
|
||||
'''
|
||||
}
|
||||
}
|
||||
// Add protection to the release branch
|
||||
|
||||
@ -85,6 +85,8 @@ services:
|
||||
- ALLOW_START=0 #optional
|
||||
- ALLOW_STOP=0 #optional
|
||||
- ALLOW_RESTARTS=0 #optional
|
||||
- ALLOW_PAUSE=0 #optional
|
||||
- ALLOW_UNPAUSE=0 #optional
|
||||
- AUTH=0 #optional
|
||||
- BUILD=0 #optional
|
||||
- COMMIT=0 #optional
|
||||
@ -127,6 +129,8 @@ docker run -d \
|
||||
-e ALLOW_START=0 `#optional` \
|
||||
-e ALLOW_STOP=0 `#optional` \
|
||||
-e ALLOW_RESTARTS=0 `#optional` \
|
||||
-e ALLOW_PAUSE=0 `#optional` \
|
||||
-e ALLOW_UNPAUSE=0 `#optional` \
|
||||
-e AUTH=0 `#optional` \
|
||||
-e BUILD=0 `#optional` \
|
||||
-e COMMIT=0 `#optional` \
|
||||
@ -169,6 +173,8 @@ Containers are configured using parameters passed at runtime (such as those abov
|
||||
| `-e ALLOW_START=0` | `/containers/{id}/start` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_STOP=0` | `/containers/{id}/stop` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_RESTARTS=0` | `/containers/{id}/stop`, `/containers/{id}/restart`, and `/containers/{id}/kill` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_PAUSE=0` | `/containers/{id}/pause` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_UNPAUSE=0` | `/containers/{id}/unpause` - **This option will work even if `POST=0`** |
|
||||
| `-e AUTH=0` | `/auth` |
|
||||
| `-e BUILD=0` | `/build` |
|
||||
| `-e COMMIT=0` | `/commit` |
|
||||
@ -319,6 +325,8 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
|
||||
|
||||
## Versions
|
||||
|
||||
* **24.02.26:** - Add `ALLOW_PAUSE` and `ALLOW_UNPAUSE`.
|
||||
* **26.12.25:** - Rebase to Alpine 3.23.
|
||||
* **19.08.25:** - Add tzdata for localised logging timestamps.
|
||||
* **03.06.25:** - Rebase to Alpine 3.22. Add RISCV support.
|
||||
* **08.04.25:** - Add `LOG_LEVEL` back.
|
||||
|
||||
@ -16,7 +16,7 @@ repo_vars:
|
||||
- DEV_DOCKERHUB_IMAGE = 'lsiodev/socket-proxy'
|
||||
- PR_DOCKERHUB_IMAGE = 'lspipepr/socket-proxy'
|
||||
- DIST_IMAGE = 'alpine'
|
||||
- DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.22/main/'
|
||||
- DIST_REPO = 'http://dl-cdn.alpinelinux.org/alpine/v3.23/main/'
|
||||
- DIST_REPO_PACKAGES = 'haproxy'
|
||||
- MULTIARCH='true'
|
||||
- CI='true'
|
||||
|
||||
@ -1,21 +1,21 @@
|
||||
NAME VERSION TYPE
|
||||
alpine-baselayout 3.7.0-r0 apk
|
||||
alpine-baselayout-data 3.7.0-r0 apk
|
||||
alpine-keys 2.5-r0 apk
|
||||
alpine-release 3.22.2-r0 apk
|
||||
apk-tools 2.14.9-r3 apk
|
||||
busybox 1.37.0-r19 apk
|
||||
busybox-binsh 1.37.0-r19 apk
|
||||
ca-certificates-bundle 20250911-r0 apk
|
||||
haproxy 3.2.6-r0 apk
|
||||
libapk2 2.14.9-r3 apk
|
||||
libcrypto3 3.5.4-r0 apk
|
||||
libssl3 3.5.4-r0 apk
|
||||
lua5.4-libs 5.4.7-r0 apk
|
||||
musl 1.2.5-r10 apk
|
||||
musl-utils 1.2.5-r10 apk
|
||||
pcre2 10.43-r1 apk
|
||||
scanelf 1.3.8-r1 apk
|
||||
ssl_client 1.37.0-r19 apk
|
||||
tzdata 2025b-r0 apk
|
||||
alpine-baselayout 3.7.1-r8 apk
|
||||
alpine-baselayout-data 3.7.1-r8 apk
|
||||
alpine-keys 2.6-r0 apk
|
||||
alpine-release 3.23.3-r0 apk
|
||||
apk-tools 3.0.3-r1 apk
|
||||
busybox 1.37.0-r30 apk
|
||||
busybox-binsh 1.37.0-r30 apk
|
||||
ca-certificates-bundle 20251003-r0 apk
|
||||
haproxy 3.2.14-r0 apk
|
||||
libapk 3.0.3-r1 apk
|
||||
libcrypto3 3.5.5-r0 apk
|
||||
libssl3 3.5.5-r0 apk
|
||||
lua5.4-libs 5.4.8-r0 apk
|
||||
musl 1.2.5-r21 apk
|
||||
musl-utils 1.2.5-r21 apk
|
||||
pcre2 10.47-r0 apk
|
||||
scanelf 1.3.8-r2 apk
|
||||
ssl_client 1.37.0-r30 apk
|
||||
tzdata 2026a-r0 apk
|
||||
zlib 1.3.1-r2 apk
|
||||
|
||||
@ -92,6 +92,8 @@ full_custom_readme: |
|
||||
- ALLOW_START=0 #optional
|
||||
- ALLOW_STOP=0 #optional
|
||||
- ALLOW_RESTARTS=0 #optional
|
||||
- ALLOW_PAUSE=0 #optional
|
||||
- ALLOW_UNPAUSE=0 #optional
|
||||
- AUTH=0 #optional
|
||||
- BUILD=0 #optional
|
||||
- COMMIT=0 #optional
|
||||
@ -134,6 +136,8 @@ full_custom_readme: |
|
||||
-e ALLOW_START=0 `#optional` \
|
||||
-e ALLOW_STOP=0 `#optional` \
|
||||
-e ALLOW_RESTARTS=0 `#optional` \
|
||||
-e ALLOW_PAUSE=0 `#optional` \
|
||||
-e ALLOW_UNPAUSE=0 `#optional` \
|
||||
-e AUTH=0 `#optional` \
|
||||
-e BUILD=0 `#optional` \
|
||||
-e COMMIT=0 `#optional` \
|
||||
@ -176,6 +180,8 @@ full_custom_readme: |
|
||||
| `-e ALLOW_START=0` | `/containers/{id}/start` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_STOP=0` | `/containers/{id}/stop` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_RESTARTS=0` | `/containers/{id}/stop`, `/containers/{id}/restart`, and `/containers/{id}/kill` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_PAUSE=0` | `/containers/{id}/pause` - **This option will work even if `POST=0`** |
|
||||
| `-e ALLOW_UNPAUSE=0` | `/containers/{id}/unpause` - **This option will work even if `POST=0`** |
|
||||
| `-e AUTH=0` | `/auth` |
|
||||
| `-e BUILD=0` | `/build` |
|
||||
| `-e COMMIT=0` | `/commit` |
|
||||
@ -326,6 +332,8 @@ full_custom_readme: |
|
||||
|
||||
## Versions
|
||||
|
||||
* **24.02.26:** - Add `ALLOW_PAUSE` and `ALLOW_UNPAUSE`.
|
||||
* **26.12.25:** - Rebase to Alpine 3.23.
|
||||
* **19.08.25:** - Add tzdata for localised logging timestamps.
|
||||
* **03.06.25:** - Rebase to Alpine 3.22. Add RISCV support.
|
||||
* **08.04.25:** - Add `LOG_LEVEL` back.
|
||||
|
||||
@ -28,6 +28,8 @@ frontend proxy
|
||||
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/((stop)|(restart)|(kill)) } { env(ALLOW_RESTARTS) -m bool }
|
||||
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/start } { env(ALLOW_START) -m bool }
|
||||
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/stop } { env(ALLOW_STOP) -m bool }
|
||||
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/pause } { env(ALLOW_PAUSE) -m bool }
|
||||
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/containers/[a-zA-Z0-9_.-]+/unpause } { env(ALLOW_UNPAUSE) -m bool }
|
||||
http-request deny unless METH_GET || { env(POST) -m bool }
|
||||
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/auth } { env(AUTH) -m bool }
|
||||
http-request allow if { path,url_dec -m reg -i ^(/v[\d\.]+)?/build } { env(BUILD) -m bool }
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user