curben
/
cloudflared-mirror
mirror of https://github.com/cloudflare/cloudflared.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

maggie's changes (#1)

This commit is contained in:
Markis Taylor 2023-04-04 22:12:08 -04:00 committed by GitHub
parent 5e37a65dac
commit e3117223ed
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 107 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

96
.github/workflows/fetch-upstream.yaml vendored Normal file
View File

@ -0,0 +1,96 @@
name: "Fetch upstream changes and create tags"
on:
workflow_dispatch:
env:
REGISTRY: ghcr.io
IMAGE_NAME: maggie0002/cloudflared
jobs:
fetch-and-tag:
name: "Fetch upstream changes and create tags"
runs-on: "ubuntu-latest"
outputs:
output1: ${{ steps.fetch_and_tag_step.outputs.current_tag }}
steps:
- uses: actions/checkout@v3
with:
fetch-depth: 0
token: ${{secrets.TAP}}
- name: Fetch upstream and rebase
run: |
git config user.email "41898282+github-actions[bot]@users.noreply.github.com" && \
git config user.name "GitHub Workflow" && \
git remote add upstream https://github.com/cloudflare/cloudflared.git && \
git fetch --tags upstream && \
git rebase upstream/master
- name: Get and store latest tag as output variable
id: fetch_and_tag_step
run: |
echo $(git log --tags --simplify-by-decoration --pretty="format:%D" --reverse -n1 | cut -d" " -f2 | sed '$s/,$//') && \
latest_tag=$(git log --tags --simplify-by-decoration --pretty="format:%D" --reverse -n1 | cut -d" " -f2 | sed '$s/,$//') && \
echo "latest_tag=$(git log --tags --simplify-by-decoration --pretty="format:%D" --reverse -n1 | cut -d" " -f2 | sed '$s/,$//')" >> "$GITHUB_ENV" && \
echo "::set-output name=current_tag::$latest_tag"
- name: If a new tag from CloudFlare
if: ${{ !endsWith(env.latest_tag, '-ma') }}
run: |
git tag "${{env.latest_tag}}-ma"
- name: Push changes
run: |
git push origin master --tags -f
build-and-push:
name: "Build and publish images"
runs-on: ubuntu-latest
needs: [fetch-and-tag]
if: ${{ !endsWith(needs.fetch-and-tag.outputs.output1, '-ma') }}
permissions:
contents: read
packages: write
steps:
- name: Checkout repository based on tag
uses: actions/checkout@v3
with:
fetch-depth: 0
ref: ${{ needs.fetch-and-tag.outputs.output1 }}
- name: Rebase the custom build on to this tag
run: |
git config user.email "41898282+github-actions[bot]@users.noreply.github.com" && \
git config user.name "GitHub Workflow" && \
git merge origin/base -m "Merge Docker build files"
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v1
- name: Available platforms
run: echo ${{ steps.buildx.outputs.platforms }}
- name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push Docker image
uses: docker/build-push-action@v2
with:
context: .
file: ./Dockerfile
platforms: linux/amd64,linux/arm64,linux/arm/v7,linux/arm/v6
push: true
tags: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ needs.fetch-and-tag.outputs.output1 }},${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest
cache-from: type=gha
cache-to: type=gha,mode=max

18
Dockerfile
View File

@ -6,7 +6,9 @@ ENV GO111MODULE=on \
CGO_ENABLED=0 \ CGO_ENABLED=0 \
TARGET_GOOS=${TARGET_GOOS} \ TARGET_GOOS=${TARGET_GOOS} \
TARGET_GOARCH=${TARGET_GOARCH} TARGET_GOARCH=${TARGET_GOARCH}
LABEL org.opencontainers.image.source="https://github.com/cloudflare/cloudflared"
WORKDIR /go/src/github.com/cloudflare/cloudflared/ WORKDIR /go/src/github.com/cloudflare/cloudflared/
# copy our sources into the builder image # copy our sources into the builder image
@ -15,17 +17,15 @@ COPY . .
# compile cloudflared # compile cloudflared
RUN make cloudflared RUN make cloudflared
# use a distroless base image with glibc # use an empty image, and rely on GoLang to manage binaries
FROM gcr.io/distroless/base-debian11:nonroot FROM scratch
LABEL org.opencontainers.image.source="https://github.com/cloudflare/cloudflared" LABEL org.opencontainers.image.source="https://github.com/cloudflare/cloudflared"
# copy our compiled binary # copy required files into the container
COPY --from=builder --chown=nonroot /go/src/github.com/cloudflare/cloudflared/cloudflared /usr/local/bin/ COPY --from=builder /go/src/github.com/cloudflare/cloudflared/cloudflared .
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ca-certificates.crt
# run as non-privileged user
USER nonroot
# command / entrypoint of container # command / entrypoint of container
ENTRYPOINT ["cloudflared", "--no-autoupdate"] ENTRYPOINT ["./cloudflared", "--no-autoupdate"]
CMD ["version"] CMD ["version"]

3
Makefile
View File

@ -35,7 +35,8 @@ ifeq ($(FIPS), true)
VERSION_FLAGS := $(VERSION_FLAGS) -X "main.BuildType=FIPS" VERSION_FLAGS := $(VERSION_FLAGS) -X "main.BuildType=FIPS"
endif endif
LDFLAGS := -ldflags='$(VERSION_FLAGS) $(LINK_FLAGS)' LDFLAGS := -ldflags='$(VERSION_FLAGS) $(LINK_FLAGS) -s -w'
ifneq ($(GO_BUILD_TAGS),) ifneq ($(GO_BUILD_TAGS),)
GO_BUILD_TAGS := -tags "$(GO_BUILD_TAGS)" GO_BUILD_TAGS := -tags "$(GO_BUILD_TAGS)"
endif endif