merge dev -> main (1.0.0) (#96)

* skip manual config step * better ux * eslint * cleanup * update protobufs (#88) * feat: config polling (#86) * CI: fix re-creating manifests * chore: log version with git commit hash on startup (#89) * update protobufs (#90) * Rework instance config fetching (#91) * instance config fetching rework * update protobufs * add teonite link (#92) * add link * noreferrer * add defguard link * Basic nix flake without rust * Flake update * enable ARMv7 build (#93) Co-authored-by: Maciej Wójcik <[email protected]> * Make a pre-release and release docker build workflow (#94) * split builds * fix vergen * add flavor to build-docker workflow * bump version to 1.0.0 (#95) --------- Co-authored-by: Robert Olejnik <[email protected]> Co-authored-by: Jacek Chmielewski <[email protected]> Co-authored-by: Adam Ciarciński <[email protected]> Co-authored-by: Maciek <[email protected]> Co-authored-by: Maciej Wójcik <[email protected]>
DefGuard · Nov 5, 2024 · 44d968f · 44d968f
1 parent ba1cc4e
commit 44d968f
Show file tree

Hide file tree

Showing 29 changed files with 548 additions and 75 deletions.
diff --git a/.github/workflows/build-docker.yml b/.github/workflows/build-docker.yml
@@ -7,6 +7,10 @@ on:
         description: "List of tags as key-value pair attributes"
         required: false
         type: string
+      flavor:
+        description: "List of flavors as key-value pair attributes"
+        required: false
+        type: string
 
 env:
   GHCR_REPO: ghcr.io/defguard/defguard-proxy
@@ -19,12 +23,17 @@ jobs:
       - ${{ matrix.runner }}
     strategy:
       matrix:
-        cpu: [arm64, amd64]
+        cpu: [arm64, amd64, arm/v7]
         include:
           - cpu: arm64
             runner: ARM64
+            tag: arm64
           - cpu: amd64
             runner: X64
+            tag: amd64
+          - cpu: arm/v7
+            runner: ARM
+            tag: armv7
     steps:
       - name: Checkout
         uses: actions/checkout@v4
@@ -49,7 +58,7 @@ jobs:
           platforms: linux/${{ matrix.cpu }}
           provenance: false
           push: true
-          tags: ${{ env.GHCR_REPO }}:${{ github.sha }}-${{ matrix.cpu }}
+          tags: "${{ env.GHCR_REPO }}:${{ github.sha }}-${{ matrix.tag }}"
           cache-from: type=gha
           cache-to: type=gha,mode=max
 
@@ -63,6 +72,7 @@ jobs:
         with:
           images: |
             ${{ env.GHCR_REPO }}
+          flavor: ${{ inputs.flavor }}
           tags: ${{ inputs.tags }}
       - name: Login to GitHub container registry
         uses: docker/login-action@v3
@@ -75,6 +85,7 @@ jobs:
           tags='${{ env.GHCR_REPO }}:${{ github.sha }} ${{ steps.meta.outputs.tags }}'
           for tag in ${tags}
           do
-            docker manifest create --amend ${tag} ${{ env.GHCR_REPO }}:${{ github.sha }}-amd64 ${{ env.GHCR_REPO }}:${{ github.sha }}-arm64
+            docker manifest rm ${tag} || true
+            docker manifest create ${tag} ${{ env.GHCR_REPO }}:${{ github.sha }}-amd64 ${{ env.GHCR_REPO }}:${{ github.sha }}-arm64 ${{ env.GHCR_REPO }}:${{ github.sha }}-armv7
             docker manifest push ${tag}
           done
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -10,7 +10,12 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  build-latest:
+  build-docker-release:
+    # Ignore tags with -, like v1.0.0-alpha
+    # This job will build the docker container with the "latest" tag which
+    # is a tag used in production, thus it should only be run for full releases.
+    if: startsWith(github.ref, 'refs/tags/') && !contains(github.ref, '-')
+    name: Build Release Docker image
     uses: ./.github/workflows/build-docker.yml
     with:
       tags: |
@@ -19,6 +24,20 @@ jobs:
         type=semver,pattern={{major}}.{{minor}}
         type=sha
 
+  build-docker-prerelease:
+    # Only build tags with -, like v1.0.0-alpha
+    if: startsWith(github.ref, 'refs/tags/') && contains(github.ref, '-')
+    name: Build Pre-release Docker image
+    uses: ./.github/workflows/build-docker.yml
+    with:
+      tags: |
+        type=raw,value=pre-release
+        type=semver,pattern={{version}}
+        type=sha
+      # Explicitly disable latest tag. It will be added otherwise.
+      flavor: |
+        latest=false
+
   create-release:
     name: create-release
     runs-on: self-hosted