Georg Lauterbach
2bc4078e35
ci: update to new output format on GH actions ( #2892 )
2022-11-07 09:31:29 +01:00
dependabot[bot]
776b8c1192
chore(deps): Bump docker/setup-qemu-action from 2.0.0 to 2.1.0 ( #2880 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-10-31 18:23:24 +01:00
dependabot[bot]
cfb87d4c86
chore(deps): Bump docker/setup-buildx-action from 2.0.0 to 2.2.1 ( #2879 )
2022-10-31 15:58:17 +01:00
dependabot[bot]
d8f4b74715
chore(deps): Bump docker/metadata-action from 4.1.0 to 4.1.1 ( #2860 )
2022-10-24 19:44:39 +02:00
dependabot[bot]
907fd8b09e
chore(deps): Bump peaceiris/actions-gh-pages from 3.8.0 to 3.9.0 ( #2861 )
2022-10-24 19:42:28 +02:00
dependabot[bot]
b60b4015ab
chore(deps): Bump docker/build-push-action from 3.1.1 to 3.2.0 ( #2835 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-10-17 17:54:27 +00:00
dependabot[bot]
70493092ff
chore(deps): Bump docker/metadata-action from 4.0.1 to 4.1.0 ( #2836 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-17 19:52:35 +02:00
Georg Lauterbach
488b256e95
ci: misc test enhancements ( #2815 )
...
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-10-14 09:48:28 +02:00
dependabot[bot]
2da80bd5be
chore(deps): Bump actions/stale from 5 to 6 ( #2800 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 5 to 6.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-26 21:39:07 +02:00
Georg Lauterbach
d6c7c2b3bc
adjusting semver tag of a step in publish workflow ( #2785 )
...
This is a critical fix for https://github.com/docker-mailserver/docker-mailserver/actions/runs/3095956307/jobs/5011369215 so we can properly publish images again.
2022-09-21 20:07:10 +02:00
Georg Lauterbach
7fe6748637
add outputs
to workflow_call
on generic_build
( #2780 )
...
Looking at
https://docs.github.com/en/actions/using-workflows/reusing-workflows#using-outputs-from-a-reusable-workflow ,
we can see that we need to manually set the outputs for a whole generic
workflow. This commit fixes an issue where the cache key was not set
properly as the input was empty (because the output of the previous job
was not actually set).
2022-09-21 10:18:18 +02:00
Georg Lauterbach
32c508aa2a
ci: enhance build process ( #2755 )
...
This new script is a clean way of handling the installation of packages.
I think the huge `RUN` command in `Dockerfile` was hard to read and
maintain.
Using a script is a non-issue, as the image is rebuilt whenever the
script is touched.
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-09-21 09:31:28 +02:00
Georg Lauterbach
6113b99881
ci: adjust build arguments ( #2772 )
...
The build arguments `VCS_REF` and `VCS_VER` were renamed and given
proper values according to their names.
1. `VCS_REVISION` holds the current SHA sum of the (git) HEAD pointer
2. `VCS_VERSION` now holds the contents of the `VERSION` file, i.e. a
semver version tag (one can now inspect the image and find a proper
version tag in the `org.opencontainers.image.version` label)
The build arguments were given defaults in order to allow the
`generic_build` and `generic_test` workflows to omit them (as they are
not need there anyways). When publishing images, this is fina as the
cache will rebuild almost all of the image except the last few layers
which are `LABEL`s anyways.
2022-09-16 19:23:33 +02:00
Georg Lauterbach
f8e1bb0f42
ci: improve GitHub Action CI with re-usable workflows ( #2753 )
...
Mew re-usable workflows are introduced to handle building, testing and publishing the container
image in a uniform and easy way. Now, the `scheduled_builds`, `default_on_push`
and a part of the `test_merge_requests` workflow can use the same code
for building, testing and publishing the container images. This is DRY.
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-09-09 11:12:17 +02:00
Brennan Kinney
21fbbfabe1
ci: Better build caching for CI ( #2742 )
...
* ci: Cache builds by splitting into two jobs
For the cache to work properly, we need to derive a cache key from the build context (files that affect the Dockerfile build) instead of the cache key changing by commit SHA.
We also need to avoid a test suite failure from preventing the caching of a build, thus splitting into separate jobs.
This first attempt used `upload-artifact` and `download-artifact` to transfer the built image, but it has quite a bit of overhead and prevented multi-platform build (without complicating the workflow further).
* ci: Transfer to dependent job via cache only
While `download-artifact` + `docker load` is a little faster than rebuilding the image from cached layers, `upload-artifact` takes about 2 minutes to upload the AMD64 (330MB) tar image export (likely due to compression during upload?).
The `actions/cache` approach however does not incur that hit and is very quick (<10 secs) to complete it's post upload work. The dependent job still gets a cache-hit, and the build job is able to properly support multi-platform builds.
Added additional notes about timing and size of including ARM builds.
* ci: Move Dockerfile ARG to end of build
When the ARG changes due to commit SHA, it invalidates all cache due to the LABEL layers at the start. Then any RUN layers implicitly invalidate, even when the ARG is not used.
Introduced basic multi-stage build, and relocated the container config / metadata to the end of the build. This avoids invalidating expensive caching layers (size and build time) needlessly.
2022-08-28 11:42:42 +12:00
Georg Lauterbach
8a4329ae9f
scripts: revised linting script ( #2737 )
...
The new version uses our `log.sh` helper to simplify logging
significantly. Moreover, the script was adjusted to the current style
and the GitHub workflow was streamlined. The workflow is ot providing
the version anymore (which was useless anyway), and has been compacted.
2022-08-22 16:22:46 +02:00
dependabot[bot]
2d0f5a0791
chore(deps): Bump docker/build-push-action from 3.1.0 to 3.1.1 ( #2714 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 16:37:07 +02:00
dependabot[bot]
73ef30e14c
chore(deps): Bump docker/build-push-action from 3.0.0 to 3.1.0 ( #2694 )
2022-07-25 18:18:37 +02:00
Brennan Kinney
8a0c71bd0c
docs(fix): Update to fix regression causing broken links ( #2681 )
2022-07-15 10:07:45 +12:00
dependabot[bot]
2a590113fd
chore(deps): Bump myrotvorets/set-commit-status-action from 1.1.4 to 1.1.5 ( #2664 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-06-28 09:03:57 +00:00
Frederic Werner
ea8e293dcc
docs(deps): bump mkdocs-material to v8.3.5 ( #2641 )
...
* docs(deps): bump mkdocs-material to v8.3.4
* docs(deps): bump mkdocs-material to v8.3.5
2022-06-15 11:38:32 +12:00
Naveen
13a194466b
chore: Set permissions for GitHub actions ( #2555 )
...
* chore: Set permissions for GitHub actions
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
* Update docs-production-deploy.yml
* added `packages: write` permissions
this is apparently needed by GH so this repository can push new images.
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-05-11 09:51:15 +02:00
dependabot[bot]
28dfb1bd00
chore(deps): Bump docker/setup-qemu-action from 1.2.0 to 2.0.0 ( #2580 )
...
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1.2.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](https://github.com/docker/setup-qemu-action/compare/v1.2.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 18:07:49 +02:00
dependabot[bot]
66949604a2
chore(deps): Bump docker/login-action from 1.14.1 to 2.0.0 ( #2584 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.1 to 2.0.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.14.1...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 08:46:44 +02:00
dependabot[bot]
fc454b62ba
chore(deps): Bump docker/metadata-action from 3.8.0 to 4.0.1 ( #2581 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.8.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](https://github.com/docker/metadata-action/compare/v3.8.0...v4.0.1 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 08:45:36 +02:00
dependabot[bot]
18f697970f
chore(deps): Bump docker/build-push-action from 2.10.0 to 3.0.0 ( #2582 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.10.0 to 3.0.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2.10.0...v3.0.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-10 08:43:00 +02:00
dependabot[bot]
a7c02365ce
chore(deps): Bump docker/setup-buildx-action from 1.7.0 to 2.0.0 ( #2583 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.7.0 to 2.0.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1.7.0...v2.0.0 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-10 08:32:18 +02:00
dependabot[bot]
94fff05424
chore(deps): Bump docker/setup-buildx-action from 1.6.0 to 1.7.0 ( #2574 )
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](https://github.com/docker/setup-buildx-action/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2022-05-02 15:52:19 +02:00
dependabot[bot]
25678694b5
chore(deps): Bump docker/metadata-action from 3.7.0 to 3.8.0 ( #2573 )
...
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](https://github.com/docker/metadata-action/compare/v3.7.0...v3.8.0 )
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 15:24:58 +02:00
dependabot[bot]
3cb5668b6f
chore(deps): Bump docker/metadata-action from 3.6.2 to 3.7.0 ( #2543 )
2022-04-11 21:30:15 +02:00
dependabot[bot]
f3fe454b43
chore(deps): Bump actions/upload-artifact from 2 to 3 ( #2542 )
2022-04-11 16:19:53 +02:00
dependabot[bot]
6553f627e8
chore(deps): Bump actions/stale from 4 to 5 ( #2544 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 4 to 5.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-11 15:29:38 +02:00
dependabot[bot]
7c150402a0
chore(deps): Bump peterjgrainger/action-create-branch ( #2528 )
...
Bumps [peterjgrainger/action-create-branch](https://github.com/peterjgrainger/action-create-branch ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/peterjgrainger/action-create-branch/releases )
- [Commits](https://github.com/peterjgrainger/action-create-branch/compare/v2.1.0...v2.2.0 )
---
updated-dependencies:
- dependency-name: peterjgrainger/action-create-branch
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 10:43:58 +12:00
Frederic Werner
7655c788ee
docs(deps): bump mkdocs-material to v8.2.8 ( #2516 )
2022-03-31 14:21:43 +02:00
dependabot[bot]
00dffb21f0
chore(deps): Bump actions/cache from 2.1.7 to 3 ( #2502 )
2022-03-21 18:43:58 +01:00
dependabot[bot]
0dc80e6d13
chore(deps): Bump docker/build-push-action from 2.9.0 to 2.10.0 ( #2501 )
2022-03-21 15:03:38 +01:00
dependabot[bot]
542c1f4e8d
chore(deps): bump docker/login-action from 1.14.0 to 1.14.1 ( #2471 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.0 to 1.14.1.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.14.0...v1.14.1 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-03-09 11:59:00 +13:00
dependabot[bot]
bf7fba68bd
chore(deps): bump actions/checkout from 2 to 3 ( #2470 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Frederic Werner <20406381+wernerfred@users.noreply.github.com>
2022-03-09 11:57:01 +13:00
dependabot[bot]
59712122ff
chore(deps): bump docker/login-action from 1.13.0 to 1.14.0 ( #2442 )
2022-02-28 22:17:22 +01:00
dependabot[bot]
6d6a3de47b
chore(deps): bump docker/login-action from 1.12.0 to 1.13.0 ( #2427 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.12.0...v1.13.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Casper <casperklein@users.noreply.github.com>
2022-02-22 08:37:44 +13:00
Frederic Werner
358df6ada2
docs(deps): bump mkdocs-material to v8.2.1 ( #2422 )
...
* docs(deps): bump mkdocs-material to v8.2.1
* feat(docs): enable mermaid integration
Configuration based on https://squidfunk.github.io/mkdocs-material/reference/diagrams/?h=mermaid#configuration
* fix: allow yaml value mapping
* chore: Adopt mkdocs-material mermaid integration support
Supported by the docs generator now, we no longer need to rely on external image generator or live editor link (both relied on large base64 encoding of mermaid markup). SVG will be rendered by docs now, although a little different style (can be fixed with custom CSS).
Co-authored-by: Brennan Kinney <5098581+polarathene@users.noreply.github.com>
2022-02-19 21:26:56 +01:00
dependabot[bot]
7b21db77cc
chore(deps): bump docker/build-push-action from 2.8.0 to 2.9.0 ( #2399 )
...
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](https://github.com/docker/build-push-action/compare/v2.8.0...v2.9.0 )
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-07 16:57:22 +01:00
dependabot[bot]
b2b701a478
chore(deps): bump docker/build-push-action from 2.7.0 to 2.8.0 ( #2376 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-24 20:28:14 +01:00
Frederic Werner
4f6db41d03
docs(deps): bump mkdocs-material to v8.1.7 ( #2374 )
2022-01-20 10:45:23 +01:00
Frederic Werner
c6b6f680f5
docs(deps): bump mkdocs-material to v8.1.6 ( #2368 )
2022-01-12 18:10:18 +01:00
dependabot[bot]
014dddafbc
chore(deps): bump peterjgrainger/action-create-branch ( #2345 )
2021-12-27 21:54:10 +01:00
dependabot[bot]
6dd2c1d5d6
chore(deps): bump docker/login-action from 1.11.0 to 1.12.0 ( #2346 )
2021-12-27 21:27:02 +01:00
Casper
d46e094280
Remove quotes to meet style guidelines ( #2330 )
...
Co-authored-by: Georg Lauterbach <44545919+georglauterbach@users.noreply.github.com>
2021-12-21 17:01:40 +01:00
Brennan Kinney
bdb770a0aa
ci(fix): Do not trust user controlled input ( #2337 )
...
The prepare workflow runs in an untrusted context already and thus should not have anything worthwhile to exploit.
However care should still be taken to avoid interpolating expressions into shell scripts directly that is data a user can control the value of. Especially to avoid any maintainer referencing an existing workflow from copying a risky snippet unaware of different security contexts for workflows.
In this case, as per Github Documentation and referenced issue comment, the PR title is user controllable data, which if directly interpolated into the shell script being run (as it previously was), allows for injecting commands to execute.
2021-12-21 21:46:09 +13:00
dependabot[bot]
ce4bc8a2bd
chore(deps): bump docker/login-action from 1.10.0 to 1.11.0 ( #2335 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.10.0 to 1.11.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v1.10.0...v1.11.0 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-20 15:57:02 +01:00