Introducing the repository secret (#18)

* fixes #17
* corrections and adjustments

.editorconfig

@@ -1,33 +1,36 @@
+# –––––––––––––––––––––––––––––––––––––––––––––––
+# ––– General –––––––––––––––––––––––––––––––––––
+# ––– https://editorconfig.org ––––––––––––––––––
+# –––––––––––––––––––––––––––––––––––––––––––––––
+
 root = true
 
 [*]
 charset = utf-8
 end_of_line = lf
-trim_trailing_whitespace = true
+indent_style = space
 insert_final_newline = true
+trim_trailing_whitespace = true
 
-[*.md]
-indent_style = space
-trim_trailing_whitespace = false
+# –––––––––––––––––––––––––––––––––––––––––––––––
+# ––– Specific ––––––––––––––––––––––––––––––––––
+# –––––––––––––––––––––––––––––––––––––––––––––––
 
-[*.{yaml,yml}]
-indent_style = space
+[*.{yaml,yml,sh,bats}]
 indent_size = 2
 
 [Makefile]
 indent_style = tab
 indent_size = 4
 
-[Dockerfile]
-indent_style = space
-indent_size = 2
+[*.md]
+trim_trailing_whitespace = false
 
-[*.{sh,bats}]
-indent_style = space
-indent_size = 2
+# –––––––––––––––––––––––––––––––––––––––––––––––
+# ––– Git Submodules ––––––––––––––––––––––––––––
+# –––––––––––––––––––––––––––––––––––––––––––––––
 
-# directories created by git submodules
-[{test/bats/**,test/test_helper/bats-assert/**,test/test_helper/bats-support/**,target/docker-configomat/**}]
+[{test/bats/**,test/test_helper/**,target/docker-configomat/**}]
 indent_style = none
 indent_size = none
 end_of_line = none

.github/workflows/close_stale_issues.yml

@@ -8,7 +8,8 @@ jobs:
   stale:
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/stale@v3
+      - name: Close stale issues
+        uses: actions/stale@v3
         with:
           repo-token: ${{ secrets.GITHUB_TOKEN }}
           days-before-stale: 1 # TODO just for testing purposes, otherwise (20)

.github/workflows/default_on_push.yml

@@ -53,7 +53,7 @@ jobs:
       - name: Prepare tags
         id: prep
         run: |
-          DOCKER_IMAGE=docker.io/mailserver/docker-mailserver
+          DOCKER_IMAGE=${{ secrets.DOCKER_REPOSITORY }}
           VERSION=latest
           [[ $GITHUB_REF == refs/tags/* ]] && VERSION=${GITHUB_REF#refs/tags/v}
           [[ $GITHUB_REF == 'refs/heads/stable' ]] && VERSION=stable

.github/workflows/scheduled_builds.yml

@@ -16,7 +16,7 @@ jobs:
       - name: Prepare
         id: prep
         run: |
-          TAGS="docker.io/mailserver/docker-mailserver:stable"
+          TAGS=${{ secrets.DOCKER_REPOSITORY }}:stable
           echo ::set-output name=tags::${TAGS}
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v1
@@ -38,6 +38,5 @@ jobs:
             VCS_REF=${{ github.sha }}
             VCS_VER=${{ github.ref }}
           platforms: linux/amd64,linux/arm/v7,linux/arm64
-          pull: true
           push: true
           tags: ${{ steps.prep.outputs.tags }}

Dockerfile

@@ -38,13 +38,13 @@ RUN \
   apt-get -y install apt-utils &>/dev/null && \
   apt-get -y install postfix >/dev/null && \
   apt-get -y --no-install-recommends install \
-  # A - E
+  # A - D
   altermime amavisd-new apt-transport-https arj binutils bzip2 \
   dovecot-core dovecot-imapd dovecot-ldap dovecot-lmtpd \
   dovecot-managesieved dovecot-pop3d dovecot-sieve dovecot-solr \
-  dumb-init ca-certificates cabextract clamav clamav-daemon cpio curl ed \
-  # F - O
-  fail2ban fetchmail file gamin gnupg gzip iproute2 iptables \
+  dumb-init ca-certificates cabextract clamav clamav-daemon cpio curl \
+  # E - O
+  ed fail2ban fetchmail file gamin gnupg gzip iproute2 iptables \
   locales logwatch lhasa libdate-manip-perl liblz4-tool \
   libmail-spf-perl libnet-dns-perl libsasl2-modules lrzip lzop \
   netcat-openbsd nomarch opendkim opendkim-tools opendmarc \
@@ -73,7 +73,7 @@ RUN \
   rm -rf /var/log/clamav/
 
 # –––––––––––––––––––––––––––––––––––––––––––––––
-# ––– Dovecot –––––––––––––––––––––––––––––––––––
+# ––– Dovecot & MkCert ––––––––––––––––––––––––––
 # –––––––––––––––––––––––––––––––––––––––––––––––
 
 COPY target/dovecot/auth-passwdfile.inc target/dovecot/??-*.conf /etc/dovecot/conf.d/
@@ -95,7 +95,6 @@ RUN \
   sed -i 's/KEYDIR=.*/KEYDIR=\/etc\/dovecot\/ssl/g' /usr/share/dovecot/mkcert.sh && \
   sed -i 's/KEYFILE=.*/KEYFILE=\$KEYDIR\/dovecot.key/g' /usr/share/dovecot/mkcert.sh && \
   sed -i 's/RANDFILE.*//g' /usr/share/dovecot/dovecot-openssl.cnf && \
-  # create directory for certificates required by mkcert
   mkdir /etc/dovecot/ssl && \
   chmod 755 /etc/dovecot/ssl && \
   ./mkcert.sh 2>&1 >/dev/null && \
@@ -156,13 +155,13 @@ RUN \
   sed -i -r 's/#(@|   \\%)bypass/\1bypass/g' /etc/amavis/conf.d/15-content_filter_mode && \
   adduser clamav amavis >/dev/null && \
   adduser amavis clamav >/dev/null && \
-  # no syslog user in debian compared to ubuntu
+  # no syslog user in Debian compared to Ubuntu
   adduser --system syslog >/dev/null && \
   useradd -u 5000 -d /home/docker -s /bin/bash -p "$(echo docker | openssl passwd -1 -stdin)" docker >/dev/null && \
   echo "0 4 * * * /usr/local/bin/virus-wiper" | crontab - && \
   chmod 644 /etc/amavis/conf.d/*
 
-RUN su - amavis -c "razor-admin -create && razor-admin -register"
+RUN su - amavis -c "razor-admin -create && sleep 3 && razor-admin -register"
 
 # –––––––––––––––––––––––––––––––––––––––––––––––
 # ––– Fail2Ban, DKIM & DMARC ––––––––––––––––––––
@@ -180,7 +179,7 @@ COPY target/opendmarc/default-opendmarc /etc/default/opendmarc
 COPY target/opendmarc/ignore.hosts /etc/opendmarc/ignore.hosts
 
 RUN \
-  # switch iptables and ip6tables to legacy for fail2ban
+  # switch iptables and ip6tables to legacy for Fail2Ban
   update-alternatives --set iptables /usr/sbin/iptables-legacy && \
   update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
 
@@ -225,12 +224,12 @@ RUN \
   sed -i -r '/postrotate/,/endscript/d' /etc/logrotate.d/clamav-freshclam && \
   sed -i -r 's|/var/log/mail|/var/log/mail/mail|g' /etc/logrotate.d/rsyslog && \
   sed -i -r '/\/var\/log\/mail\/mail.log/d' /etc/logrotate.d/rsyslog && \
-  # prevent syslog logrotate warnings \
+  # prevent syslog logrotate warnings
   sed -i -e 's/\(printerror "could not determine current runlevel"\)/#\1/' /usr/sbin/invoke-rc.d && \
   sed -i -e 's/^\(POLICYHELPER=\).*/\1/' /usr/sbin/invoke-rc.d && \
   # prevent syslog warning about imklog permissions
   sed -i -e 's/^module(load=\"imklog\")/#module(load=\"imklog\")/' /etc/rsyslog.conf && \
-  # prevent email when /sbin/init or init system is not existing \
+  # prevent email when /sbin/init or init system is not existing
   sed -i -e 's|invoke-rc.d rsyslog rotate > /dev/null|/usr/bin/supervisorctl signal hup rsyslog >/dev/null|g' /usr/lib/rsyslog/rsyslog-rotate
 
 # –––––––––––––––––––––––––––––––––––––––––––––––

Makefile

@@ -1,6 +1,6 @@
 SHELL = /bin/bash
 
-NAME    ?= docker.io/mailserver/testing:local
+NAME    ?= mailserver-testing:ci
 VCS_REF := $(shell git rev-parse --short HEAD)
 VCS_VER := $(shell git describe --tags --contains --always)
 
@@ -27,7 +27,7 @@ clean:
 # remove running and stopped test containers
 	-@ [[ -d config.bak ]] && { rm -rf config ; mv config.bak config ; } || :
 	-@ [[ -d testconfig.bak ]] && { sudo rm -rf test/config ; mv testconfig.bak test/config ; } || :
-	-@ docker ps -a | grep -E "testing:local|ldap_for_mail|mail_override_hostname" | cut -f 1-1 -d ' ' | xargs --no-run-if-empty docker rm -f
+	-@ docker ps -a | grep -E "mail|ldap_for_mail|mail_overri.*" | cut -f 1-1 -d ' ' | xargs --no-run-if-empty docker rm -f
 	-@ sudo rm -rf test/onedir test/alias test/quota test/relay test/config/dovecot-lmtp/userdb test/config/key* test/config/opendkim/keys/domain.tld/ test/config/opendkim/keys/example.com/ test/config/opendkim/keys/localdomain2.com/ test/config/postfix-aliases.cf test/config/postfix-receive-access.cf test/config/postfix-receive-access.cfe test/config/dovecot-quotas.cf test/config/postfix-send-access.cf test/config/postfix-send-access.cfe test/config/relay-hosts/chksum test/config/relay-hosts/postfix-aliases.cf test/config/dhparams.pem test/config/dovecot-lmtp/dh.pem test/config/relay-hosts/dovecot-quotas.cf test/config/user-patches.sh test/alias/config/postfix-virtual.cf test/quota/config/dovecot-quotas.cf test/quota/config/postfix-accounts.cf test/relay/config/postfix-relaymap.cf test/relay/config/postfix-sasl-password.cf test/duplicate_configs/
 
 # –––––––––––––––––––––––––––––––––––––––––––––––

setup.sh

@@ -103,9 +103,9 @@ Usage: ${0} [-i IMAGE_NAME] [-c CONTAINER_NAME] <subcommand> <subcommand> [args]
 
 OPTIONS:
 
-  -i IMAGE_NAME     The name of the docker-mailserver image, by default
-                    'mailserver/docker-mailserver:latest' for docker, and
-                    'docker.io/mailserver/docker-mailserver:latest' for podman.
+  -i IMAGE_NAME     The name of the docker-mailserver image
+                    The default value is
+                    'docker.io/mailserver/docker-maiserver:latest'
 
   -c CONTAINER_NAME The name of the running container.
 
@@ -223,7 +223,7 @@ function _main
 
   if [[ -z ${IMAGE_NAME} ]]
   then
-      IMAGE_NAME=${NAME:-'docker.io/mailserver/docker-mailserver:latest'}
+    IMAGE_NAME=${NAME:-docker.io/mailserver/docker-mailserver:latest}
   fi
 
   if test -t 0

test/test_helper/common.bash

@@ -3,7 +3,7 @@
 load 'test_helper/bats-support/load'
 load 'test_helper/bats-assert/load'
 
-NAME=${NAME:-'docker.io/mailserver/testing:latest'}
+NAME=${NAME:-mailserver-testing:ci}
 
 # default timeout is 120 seconds
 TEST_TIMEOUT_IN_SECONDS=${TEST_TIMEOUT_IN_SECONDS-120}