Rebase to Alpine 3.18, deprecate armhf

This commit is contained in:
Eric Nemchik 2023-05-25 22:12:06 -05:00
parent f9a5348035
commit 7a6c539527
No known key found for this signature in database
8 changed files with 138 additions and 400 deletions

View File

@ -53,7 +53,6 @@ body:
options:
- x86-64
- arm64
- armhf
validations:
required: true
- type: textarea

View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.17
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:3.18
# set version label
ARG BUILD_DATE
@ -24,7 +24,7 @@ RUN \
openssl-dev \
python3-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
apk add --no-cache \
fail2ban \
gnupg \
memcached \
@ -45,55 +45,49 @@ RUN \
nginx-mod-stream \
nginx-mod-stream-geoip2 \
nginx-vim \
php81-bcmath \
php81-bz2 \
php81-ctype \
php81-curl \
php81-dom \
php81-exif \
php81-ftp \
php81-gd \
php81-gmp \
php81-iconv \
php81-imap \
php81-intl \
php81-ldap \
php81-mysqli \
php81-mysqlnd \
php81-opcache \
php81-pdo_mysql \
php81-pdo_odbc \
php81-pdo_pgsql \
php81-pdo_sqlite \
php81-pear \
php81-pecl-apcu \
php81-pecl-mailparse \
php81-pecl-memcached \
php81-pecl-redis \
php81-pgsql \
php81-phar \
php81-posix \
php81-soap \
php81-sockets \
php81-sodium \
php81-sqlite3 \
php81-tokenizer \
php81-xmlreader \
php81-xsl \
php81-zip \
php82-bcmath \
php82-bz2 \
php82-dom \
php82-exif \
php82-ftp \
php82-gd \
php82-gmp \
php82-imap \
php82-intl \
php82-ldap \
php82-mysqli \
php82-mysqlnd \
php82-opcache \
php82-pdo_mysql \
php82-pdo_odbc \
php82-pdo_pgsql \
php82-pdo_sqlite \
php82-pear \
php82-pecl-apcu \
php82-pecl-mailparse \
php82-pecl-memcached \
php82-pecl-redis \
php82-pgsql \
php82-posix \
php82-soap \
php82-sockets \
php82-sodium \
php82-sqlite3 \
php82-tokenizer \
php82-xmlreader \
php82-xsl \
whois && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php81-pecl-mcrypt \
php81-pecl-xmlrpc && \
php82-pecl-mcrypt && \
echo "**** install certbot plugins ****" && \
if [ -z ${CERTBOT_VERSION+x} ]; then \
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
fi && \
python3 -m ensurepip && \
pip3 install -U --no-cache-dir \
python3 -m venv /lsiopy && \
pip install -U --no-cache-dir \
pip \
wheel && \
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
certbot==${CERTBOT_VERSION} \
certbot-dns-acmedns \
certbot-dns-aliyun \

View File

@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.17
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm64v8-3.18
# set version label
ARG BUILD_DATE
@ -24,7 +24,7 @@ RUN \
openssl-dev \
python3-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
apk add --no-cache \
fail2ban \
gnupg \
memcached \
@ -45,55 +45,49 @@ RUN \
nginx-mod-stream \
nginx-mod-stream-geoip2 \
nginx-vim \
php81-bcmath \
php81-bz2 \
php81-ctype \
php81-curl \
php81-dom \
php81-exif \
php81-ftp \
php81-gd \
php81-gmp \
php81-iconv \
php81-imap \
php81-intl \
php81-ldap \
php81-mysqli \
php81-mysqlnd \
php81-opcache \
php81-pdo_mysql \
php81-pdo_odbc \
php81-pdo_pgsql \
php81-pdo_sqlite \
php81-pear \
php81-pecl-apcu \
php81-pecl-mailparse \
php81-pecl-memcached \
php81-pecl-redis \
php81-pgsql \
php81-phar \
php81-posix \
php81-soap \
php81-sockets \
php81-sodium \
php81-sqlite3 \
php81-tokenizer \
php81-xmlreader \
php81-xsl \
php81-zip \
php82-bcmath \
php82-bz2 \
php82-dom \
php82-exif \
php82-ftp \
php82-gd \
php82-gmp \
php82-imap \
php82-intl \
php82-ldap \
php82-mysqli \
php82-mysqlnd \
php82-opcache \
php82-pdo_mysql \
php82-pdo_odbc \
php82-pdo_pgsql \
php82-pdo_sqlite \
php82-pear \
php82-pecl-apcu \
php82-pecl-mailparse \
php82-pecl-memcached \
php82-pecl-redis \
php82-pgsql \
php82-posix \
php82-soap \
php82-sockets \
php82-sodium \
php82-sqlite3 \
php82-tokenizer \
php82-xmlreader \
php82-xsl \
whois && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php81-pecl-mcrypt \
php81-pecl-xmlrpc && \
php82-pecl-mcrypt && \
echo "**** install certbot plugins ****" && \
if [ -z ${CERTBOT_VERSION+x} ]; then \
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
fi && \
python3 -m ensurepip && \
pip3 install -U --no-cache-dir \
python3 -m venv /lsiopy && \
pip install -U --no-cache-dir \
pip \
wheel && \
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
pip install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.18/ \
certbot==${CERTBOT_VERSION} \
certbot-dns-acmedns \
certbot-dns-aliyun \

View File

@ -1,186 +0,0 @@
# syntax=docker/dockerfile:1
FROM ghcr.io/linuxserver/baseimage-alpine-nginx:arm32v7-3.17
# set version label
ARG BUILD_DATE
ARG VERSION
ARG CERTBOT_VERSION
LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
LABEL maintainer="nemchik"
# environment settings
ENV DHLEVEL=2048 ONLY_SUBDOMAINS=false AWS_CONFIG_FILE=/config/dns-conf/route53.ini
ENV S6_BEHAVIOUR_IF_STAGE2_FAILS=2
RUN \
echo "**** install build packages ****" && \
apk add --no-cache --virtual=build-dependencies \
build-base \
cargo \
libffi-dev \
libxml2-dev \
libxslt-dev \
openssl-dev \
python3-dev && \
echo "**** install runtime packages ****" && \
apk add --no-cache --upgrade \
fail2ban \
gnupg \
memcached \
nginx-mod-http-brotli \
nginx-mod-http-dav-ext \
nginx-mod-http-echo \
nginx-mod-http-fancyindex \
nginx-mod-http-geoip2 \
nginx-mod-http-headers-more \
nginx-mod-http-image-filter \
nginx-mod-http-perl \
nginx-mod-http-redis2 \
nginx-mod-http-set-misc \
nginx-mod-http-upload-progress \
nginx-mod-http-xslt-filter \
nginx-mod-mail \
nginx-mod-rtmp \
nginx-mod-stream \
nginx-mod-stream-geoip2 \
nginx-vim \
php81-bcmath \
php81-bz2 \
php81-ctype \
php81-curl \
php81-dom \
php81-exif \
php81-ftp \
php81-gd \
php81-gmp \
php81-iconv \
php81-imap \
php81-intl \
php81-ldap \
php81-mysqli \
php81-mysqlnd \
php81-opcache \
php81-pdo_mysql \
php81-pdo_odbc \
php81-pdo_pgsql \
php81-pdo_sqlite \
php81-pear \
php81-pecl-apcu \
php81-pecl-mailparse \
php81-pecl-memcached \
php81-pecl-redis \
php81-pgsql \
php81-phar \
php81-posix \
php81-soap \
php81-sockets \
php81-sodium \
php81-sqlite3 \
php81-tokenizer \
php81-xmlreader \
php81-xsl \
php81-zip \
whois && \
apk add --no-cache --repository=http://dl-cdn.alpinelinux.org/alpine/edge/testing \
php81-pecl-mcrypt \
php81-pecl-xmlrpc && \
echo "**** install certbot plugins ****" && \
if [ -z ${CERTBOT_VERSION+x} ]; then \
CERTBOT_VERSION=$(curl -sL https://pypi.python.org/pypi/certbot/json |jq -r '. | .info.version'); \
fi && \
python3 -m ensurepip && \
pip3 install -U --no-cache-dir \
pip \
wheel && \
pip3 install -U --no-cache-dir --find-links https://wheel-index.linuxserver.io/alpine-3.17/ \
certbot==${CERTBOT_VERSION} \
certbot-dns-acmedns \
certbot-dns-aliyun \
certbot-dns-azure \
certbot-dns-cloudflare \
certbot-dns-cpanel \
certbot-dns-desec \
certbot-dns-digitalocean \
certbot-dns-directadmin \
certbot-dns-dnsimple \
certbot-dns-dnsmadeeasy \
certbot-dns-dnspod \
certbot-dns-do \
certbot-dns-domeneshop \
certbot-dns-duckdns \
certbot-dns-dynu \
certbot-dns-gehirn \
certbot-dns-godaddy \
certbot-dns-google \
certbot-dns-google-domains \
certbot-dns-he \
certbot-dns-hetzner \
certbot-dns-infomaniak \
certbot-dns-inwx \
certbot-dns-ionos \
certbot-dns-linode \
certbot-dns-loopia \
certbot-dns-luadns \
certbot-dns-netcup \
certbot-dns-njalla \
certbot-dns-nsone \
certbot-dns-ovh \
certbot-dns-porkbun \
certbot-dns-rfc2136 \
certbot-dns-route53 \
certbot-dns-sakuracloud \
certbot-dns-standalone \
certbot-dns-transip \
certbot-dns-vultr \
certbot-plugin-gandi \
cryptography \
future \
requests && \
echo "**** enable OCSP stapling from base ****" && \
sed -i \
's|#ssl_stapling on;|ssl_stapling on;|' \
/defaults/nginx/ssl.conf.sample && \
sed -i \
's|#ssl_stapling_verify on;|ssl_stapling_verify on;|' \
/defaults/nginx/ssl.conf.sample && \
sed -i \
's|#ssl_trusted_certificate /config/keys/cert.crt;|ssl_trusted_certificate /config/keys/cert.crt;|' \
/defaults/nginx/ssl.conf.sample && \
echo "**** correct ip6tables legacy issue ****" && \
rm \
/sbin/ip6tables && \
ln -s \
/sbin/ip6tables-nft /sbin/ip6tables && \
echo "**** remove unnecessary fail2ban filters ****" && \
rm \
/etc/fail2ban/jail.d/alpine-ssh.conf && \
echo "**** copy fail2ban default action and filter to /defaults ****" && \
mkdir -p /defaults/fail2ban && \
mv /etc/fail2ban/action.d /defaults/fail2ban/ && \
mv /etc/fail2ban/filter.d /defaults/fail2ban/ && \
echo "**** define allowipv6 to silence warning ****" && \
sed -i 's/#allowipv6 = auto/allowipv6 = auto/g' /etc/fail2ban/fail2ban.conf && \
echo "**** copy proxy confs to /defaults ****" && \
mkdir -p \
/defaults/nginx/proxy-confs && \
curl -o \
/tmp/proxy-confs.tar.gz -L \
"https://github.com/linuxserver/reverse-proxy-confs/tarball/master" && \
tar xf \
/tmp/proxy-confs.tar.gz -C \
/defaults/nginx/proxy-confs --strip-components=1 --exclude=linux*/.editorconfig --exclude=linux*/.gitattributes --exclude=linux*/.github --exclude=linux*/.gitignore --exclude=linux*/LICENSE && \
echo "**** cleanup ****" && \
apk del --purge \
build-dependencies && \
rm -rf \
/tmp/* \
$HOME/.cache \
$HOME/.cargo
# copy local files
COPY root/ /
# ports and volumes
EXPOSE 80 443
VOLUME /config

185
Jenkinsfile vendored
View File

@ -40,7 +40,12 @@ pipeline {
// Setup all the basic environment variables needed for the build
stage("Set ENV Variables base"){
steps{
sh '''docker pull quay.io/skopeo/stable:v1 || : '''
sh '''#! /bin/bash
containers=$(docker ps -aq)
if [[ -n "${containers}" ]]; then
docker stop ${containers}
fi
docker system prune -af --volumes || : '''
script{
env.EXIT_STATUS = ''
env.LS_RELEASE = sh(
@ -158,7 +163,7 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER
}
@ -181,7 +186,7 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA
}
@ -204,12 +209,12 @@ pipeline {
env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME
env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME
if (env.MULTIARCH == 'true') {
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm32v7-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.CI_TAGS = 'amd64-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
} else {
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.CI_TAGS = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
}
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-pr-' + env.PULL_REQUEST
env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.META_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST
env.EXT_RELEASE_TAG = 'version-' + env.EXT_RELEASE_CLEAN
env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST
env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/'
@ -337,6 +342,8 @@ pipeline {
git clone https://github.com/linuxserver/templates.git ${TEMPDIR}/unraid/templates
if [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-logo.png ]]; then
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-logo.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
elif [[ -f ${TEMPDIR}/unraid/docker-templates/linuxserver.io/img/${CONTAINER_NAME}-icon.png ]]; then
sed -i "s|master/linuxserver.io/img/linuxserver-ls-logo.png|master/linuxserver.io/img/${CONTAINER_NAME}-icon.png|" ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml
fi
if [[ ("${BRANCH_NAME}" == "master") || ("${BRANCH_NAME}" == "main") ]] && [[ (! -f ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml) || ("$(md5sum ${TEMPDIR}/unraid/templates/unraid/${CONTAINER_NAME}.xml | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/${CONTAINER_NAME}.xml | awk '{ print $1 }')") ]]; then
cd ${TEMPDIR}/unraid/templates/
@ -428,8 +435,7 @@ pipeline {
}
steps{
sh '''#! /bin/bash
set -e
PACKAGE_UUID=$(curl -X GET -H "Authorization: Bearer ${SCARF_TOKEN}" https://scarf.sh/api/v1/organizations/linuxserver-ci/packages | jq -r '.[] | select(.name=="linuxserver/swag") | .uuid')
PACKAGE_UUID=$(curl -X GET -H "Authorization: Bearer ${SCARF_TOKEN}" https://scarf.sh/api/v1/organizations/linuxserver-ci/packages | jq -r '.[] | select(.name=="linuxserver/swag") | .uuid' || :)
if [ -z "${PACKAGE_UUID}" ]; then
echo "Adding package to Scarf.sh"
curl -sX POST https://scarf.sh/api/v1/organizations/linuxserver-ci/packages \
@ -509,41 +515,6 @@ pipeline {
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
}
}
stage('Build ARMHF') {
agent {
label 'ARMHF'
}
steps {
echo "Running on node: ${NODE_NAME}"
echo 'Logging into Github'
sh '''#! /bin/bash
echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin
'''
sh "sed -r -i 's|(^FROM .*)|\\1\\n\\nENV LSIO_FIRST_PARTY=true|g' Dockerfile.armhf"
sh "docker buildx build \
--label \"org.opencontainers.image.created=${GITHUB_DATE}\" \
--label \"org.opencontainers.image.authors=linuxserver.io\" \
--label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-swag/packages\" \
--label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-swag\" \
--label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-swag\" \
--label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \
--label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \
--label \"org.opencontainers.image.vendor=linuxserver.io\" \
--label \"org.opencontainers.image.licenses=GPL-3.0-only\" \
--label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \
--label \"org.opencontainers.image.title=Swag\" \
--label \"org.opencontainers.image.description=SWAG - Secure Web Application Gateway (formerly known as letsencrypt, no relation to Let's Encrypt™) sets up an Nginx webserver and reverse proxy with php support and a built-in certbot client that automates free SSL server certificate generation and renewal processes (Let's Encrypt and ZeroSSL). It also contains fail2ban for intrusion prevention.\" \
--no-cache --pull -f Dockerfile.armhf -t ${IMAGE}:arm32v7-${META_TAG} --platform=linux/arm/v7 \
--build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ."
sh "docker tag ${IMAGE}:arm32v7-${META_TAG} ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
retry(5) {
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}"
}
sh '''docker rmi \
${IMAGE}:arm32v7-${META_TAG} \
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
}
}
stage('Build ARM64') {
agent {
label 'ARM64'
@ -574,9 +545,12 @@ pipeline {
retry(5) {
sh "docker push ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}"
}
sh '''docker rmi \
${IMAGE}:arm64v8-${META_TAG} \
ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :'''
sh '''#! /bin/bash
containers=$(docker ps -aq)
if [[ -n "${containers}" ]]; then
docker stop ${containers}
fi
docker system prune -af --volumes || : '''
}
}
}
@ -637,13 +611,6 @@ pipeline {
environment name: 'EXIT_STATUS', value: ''
}
steps {
sh '''#! /bin/bash
echo "Packages were updated. Cleaning up the image and exiting."
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
docker rmi ${IMAGE}:amd64-${META_TAG}
else
docker rmi ${IMAGE}:${META_TAG}
fi'''
script{
env.EXIT_STATUS = 'ABORTED'
}
@ -661,13 +628,6 @@ pipeline {
}
}
steps {
sh '''#! /bin/bash
echo "There are no package updates. Cleaning up the image and exiting."
if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" == "false" ]; then
docker rmi ${IMAGE}:amd64-${META_TAG}
else
docker rmi ${IMAGE}:${META_TAG}
fi'''
script{
env.EXIT_STATUS = 'ABORTED'
}
@ -695,9 +655,7 @@ pipeline {
set -e
docker pull ghcr.io/linuxserver/ci:latest
if [ "${MULTIARCH}" == "true" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
docker run --rm \
@ -768,17 +726,6 @@ pipeline {
done
'''
}
sh '''#! /bin/bash
for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
docker rmi \
${DELETEIMAGE}:${META_TAG} \
${DELETEIMAGE}:${EXT_RELEASE_TAG} \
${DELETEIMAGE}:latest || :
if [ -n "${SEMVER}" ]; then
docker rmi ${DELETEIMAGE}:${SEMVER} || :
fi
done
'''
}
}
}
@ -811,8 +758,6 @@ pipeline {
echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin
echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin
if [ "${CI}" == "false" ]; then
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm32v7-${META_TAG}
docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER}
docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG}
fi
@ -820,49 +765,47 @@ pipeline {
docker tag ${IMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG}
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-latest
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker tag ${IMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG}
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-latest
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
docker tag ${IMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-latest
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker tag ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:amd64-${SEMVER}
docker tag ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${SEMVER}
docker tag ${MANIFESTIMAGE}:arm64v8-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
fi
docker push ${MANIFESTIMAGE}:amd64-${META_TAG}
docker push ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG}
docker push ${MANIFESTIMAGE}:amd64-latest
docker push ${MANIFESTIMAGE}:arm32v7-${META_TAG}
docker push ${MANIFESTIMAGE}:arm32v7-latest
docker push ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG}
docker push ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker push ${MANIFESTIMAGE}:arm64v8-latest
docker push ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
if [ -n "${SEMVER}" ]; then
docker push ${MANIFESTIMAGE}:amd64-${SEMVER}
docker push ${MANIFESTIMAGE}:arm32v7-${SEMVER}
docker push ${MANIFESTIMAGE}:arm64v8-${SEMVER}
fi
docker manifest push --purge ${MANIFESTIMAGE}:latest || :
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:arm64v8-latest
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm32v7-latest --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:amd64-latest ${MANIFESTIMAGE}:arm64v8-latest
docker manifest annotate ${MANIFESTIMAGE}:latest ${MANIFESTIMAGE}:arm64v8-latest --os linux --arch arm64 --variant v8
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG} || :
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm32v7-${META_TAG} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} --os linux --arch arm64 --variant v8
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} || :
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm32v7-${EXT_RELEASE_TAG} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG}
docker manifest annotate ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} --os linux --arch arm64 --variant v8
if [ -n "${SEMVER}" ]; then
docker manifest push --purge ${MANIFESTIMAGE}:${SEMVER} || :
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm32v7-${SEMVER} --os linux --arch arm
docker manifest create ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER}
docker manifest annotate ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} --os linux --arch arm64 --variant v8
fi
token=$(curl -sX GET "https://ghcr.io/token?scope=repository%3Alinuxserver%2F${CONTAINER_NAME}%3Apull" | jq -r '.token')
digest=$(curl -s \
--header "Accept: application/vnd.docker.distribution.manifest.v2+json" \
--header "Authorization: Bearer ${token}" \
"https://ghcr.io/v2/linuxserver/${CONTAINER_NAME}/manifests/arm32v7-latest")
if [[ $(echo "$digest" | jq -r '.layers') != "null" ]]; then
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest || :
docker manifest create ${MANIFESTIMAGE}:arm32v7-latest ${MANIFESTIMAGE}:amd64-latest
docker manifest push --purge ${MANIFESTIMAGE}:arm32v7-latest
fi
docker manifest push --purge ${MANIFESTIMAGE}:latest
docker manifest push --purge ${MANIFESTIMAGE}:${META_TAG}
docker manifest push --purge ${MANIFESTIMAGE}:${EXT_RELEASE_TAG}
@ -872,29 +815,6 @@ pipeline {
done
'''
}
sh '''#! /bin/bash
for DELETEIMAGE in "${GITHUBIMAGE}" "${GITLABIMAGE}" "${QUAYIMAGE}" "${IMAGE}"; do
docker rmi \
${DELETEIMAGE}:amd64-${META_TAG} \
${DELETEIMAGE}:amd64-latest \
${DELETEIMAGE}:amd64-${EXT_RELEASE_TAG} \
${DELETEIMAGE}:arm32v7-${META_TAG} \
${DELETEIMAGE}:arm32v7-latest \
${DELETEIMAGE}:arm32v7-${EXT_RELEASE_TAG} \
${DELETEIMAGE}:arm64v8-${META_TAG} \
${DELETEIMAGE}:arm64v8-latest \
${DELETEIMAGE}:arm64v8-${EXT_RELEASE_TAG} || :
if [ -n "${SEMVER}" ]; then
docker rmi \
${DELETEIMAGE}:amd64-${SEMVER} \
${DELETEIMAGE}:arm32v7-${SEMVER} \
${DELETEIMAGE}:arm64v8-${SEMVER} || :
fi
done
docker rmi \
ghcr.io/linuxserver/lsiodev-buildcache:arm32v7-${COMMIT_SHA}-${BUILD_NUMBER} \
ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || :
'''
}
}
}
@ -965,7 +885,6 @@ pipeline {
stage('Pull Request Comment') {
when {
not {environment name: 'CHANGE_ID', value: ''}
environment name: 'CI', value: 'true'
environment name: 'EXIT_STATUS', value: ''
}
steps {
@ -1019,16 +938,24 @@ pipeline {
echo "$escaped_table"
}
# Retrieve JSON data from URL
data=$(get_json "$CI_JSON_URL")
# Create table from JSON data
table=$(build_table "$data")
echo -e "$table"
if [[ "${CI}" = "true" ]]; then
# Retrieve JSON data from URL
data=$(get_json "$CI_JSON_URL")
# Create table from JSON data
table=$(build_table "$data")
echo -e "$table"
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
-d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}"'''
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
-d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}"
else
curl -X POST -H "Authorization: token $GITHUB_TOKEN" \
-H "Accept: application/vnd.github.v3+json" \
"https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \
-d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}"
fi
'''
}
}
@ -1055,6 +982,14 @@ pipeline {
}
}
cleanup {
sh '''#! /bin/bash
echo "Performing docker system prune!!"
containers=$(docker ps -aq)
if [[ -n "${containers}" ]]; then
docker stop ${containers}
fi
docker system prune -af --volumes || :
'''
cleanWs()
}
}

View File

@ -56,7 +56,7 @@ The architectures supported by this image are:
| :----: | :----: | ---- |
| x86-64 | ✅ | amd64-\<version tag\> |
| arm64 | ✅ | arm64v8-\<version tag\> |
| armhf | ✅ | arm32v7-\<version tag\> |
| armhf | ❌ | |
## Application Setup
@ -336,6 +336,7 @@ Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64
## Versions
* **25.05.23:** - Rebase to Alpine 3.18, deprecate armhf.
* **27.04.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf, authentik-location.conf, authentik-server.conf - Simplify auth configs and fix Set-Cookie header bug.
* **13.04.23:** - [Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik.
* **25.03.23:** - Fix renewal post hook.

View File

@ -6,6 +6,7 @@ external_type: pip_version
release_type: stable
release_tag: latest
ls_branch: master
build_armhf: false
repo_vars:
- EXT_PIP = 'certbot'
- BUILD_VERSION_ARG = 'CERTBOT_VERSION'

View File

@ -14,7 +14,6 @@ project_blurb_optional_extras: []
available_architectures:
- { arch: "{{ arch_x86_64 }}", tag: "amd64-latest"}
- { arch: "{{ arch_arm64 }}", tag: "arm64v8-latest"}
- { arch: "{{ arch_armhf }}", tag: "arm32v7-latest"}
# development version
development_versions: false
@ -154,6 +153,7 @@ app_setup_block: |
# changelog
changelogs:
- { date: "25.05.23:", desc: "Rebase to Alpine 3.18, deprecate armhf." }
- { date: "27.04.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) authelia-location.conf, authelia-server.conf, authentik-location.conf, authentik-server.conf - Simplify auth configs and fix Set-Cookie header bug." }
- { date: "13.04.23:", desc: "[Existing users should update:](https://github.com/linuxserver/docker-swag/blob/master/README.md#updating-configs) nginx.conf, authelia-location.conf, authentik-location.conf, and site-confs/default.conf - Move ssl.conf include to default.conf. Remove Authorization headers in authelia. Sort proxy_set_header in authelia and authentik." }
- { date: "25.03.23:", desc: "Fix renewal post hook." }