diff --git a/.dockerignore b/.dockerignore index 41c6b10..34f666e 100644 --- a/.dockerignore +++ b/.dockerignore @@ -1,4 +1,5 @@ Dockerfile +buildx.Dockerfile docker-compose.yml README.md .env diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..c6c9d42 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,46 @@ +name: Release `Auth Proxy` + +on: + push: + tags: + - v* + +jobs: + release: + runs-on: ubuntu-latest + env: + GO_VERSION: stable + CGO_ENABLED: 0 + + steps: + # https://github.com/marketplace/actions/checkout + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + + # https://github.com/marketplace/actions/setup-go-environment + - name: Set up Go ${{ env.GO_VERSION }} + uses: actions/setup-go@v5 + with: + go-version: ${{ env.GO_VERSION }} + + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Login to Docker Hub + uses: docker/login-action@v3 + with: + username: ${{ secrets.DOCKER_USERNAME }} + password: ${{ secrets.DOCKER_PASSWORD }} + + # https://goreleaser.com/ci/actions/ + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v5 + with: + version: latest + args: release --clean + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN_REPO }} diff --git a/.goreleaser.yml b/.goreleaser.yml index b0e0989..cca0c51 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -22,7 +22,7 @@ builds: - arm goarm: - 7 - binary: '{{ .ProjectName }}_v{{ .Version }}' + binary: '{{ .ProjectName }}' archives: - format: tar.gz @@ -37,7 +37,7 @@ archives: - goos: windows format: zip files: - - ./web + - web - LICENSE changelog: @@ -46,4 +46,90 @@ changelog: exclude: - "^docs:" - "^test:" - - '^chore:' + - "^chore:" + - "^build:" + - "^build(deps):" + +# https://goreleaser.com/cookbooks/multi-platform-docker-images/ +docker_manifests: + - name_template: 'wengchaoxi/auth-proxy:{{ .Tag }}' + image_templates: + - 'wengchaoxi/auth-proxy:{{ .Tag }}-amd64' + - 'wengchaoxi/auth-proxy:{{ .Tag }}-arm64' + - 'wengchaoxi/auth-proxy:{{ .Tag }}-armv7' + - name_template: 'wengchaoxi/auth-proxy:latest' + image_templates: + - 'wengchaoxi/auth-proxy:latest-amd64' + - 'wengchaoxi/auth-proxy:latest-arm64' + - 'wengchaoxi/auth-proxy:latest-armv7' + +dockers: + - use: buildx + goos: linux + goarch: amd64 + dockerfile: buildx.Dockerfile + image_templates: + - 'wengchaoxi/auth-proxy:{{ .Tag }}-amd64' + - 'wengchaoxi/auth-proxy:latest-amd64' + build_flag_templates: + - '--pull' + # https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys + - '--label=org.opencontainers.image.title={{.ProjectName}}' + - '--label=org.opencontainers.image.description=A minimalist reverse proxy service for web service authentication' + - '--label=org.opencontainers.image.source={{.GitURL}}' + - '--label=org.opencontainers.image.url={{.GitURL}}' + - '--label=org.opencontainers.image.documentation={{.GitURL}}' + - '--label=org.opencontainers.image.created={{.Date}}' + - '--label=org.opencontainers.image.revision={{.FullCommit}}' + - '--label=org.opencontainers.image.version={{.Version}}' + - '--platform=linux/amd64' + extra_files: + - web + - LICENSE + + - use: buildx + goos: linux + goarch: arm64 + dockerfile: buildx.Dockerfile + image_templates: + - 'wengchaoxi/auth-proxy:{{ .Tag }}-arm64' + - 'wengchaoxi/auth-proxy:latest-arm64' + build_flag_templates: + - '--pull' + # https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys + - '--label=org.opencontainers.image.title={{.ProjectName}}' + - '--label=org.opencontainers.image.description=A minimalist reverse proxy service for web service authentication' + - '--label=org.opencontainers.image.source={{.GitURL}}' + - '--label=org.opencontainers.image.url={{.GitURL}}' + - '--label=org.opencontainers.image.documentation={{.GitURL}}' + - '--label=org.opencontainers.image.created={{.Date}}' + - '--label=org.opencontainers.image.revision={{.FullCommit}}' + - '--label=org.opencontainers.image.version={{.Version}}' + - '--platform=linux/arm64' + extra_files: + - web + - LICENSE + + - use: buildx + goos: linux + goarch: arm + goarm: '7' + dockerfile: buildx.Dockerfile + image_templates: + - 'wengchaoxi/auth-proxy:{{ .Tag }}-armv7' + - 'wengchaoxi/auth-proxy:latest-armv7' + build_flag_templates: + - '--pull' + # https://github.com/opencontainers/image-spec/blob/main/annotations.md#pre-defined-annotation-keys + - '--label=org.opencontainers.image.title={{.ProjectName}}' + - '--label=org.opencontainers.image.description=A minimalist reverse proxy service for web service authentication' + - '--label=org.opencontainers.image.source={{.GitURL}}' + - '--label=org.opencontainers.image.url={{.GitURL}}' + - '--label=org.opencontainers.image.documentation={{.GitURL}}' + - '--label=org.opencontainers.image.created={{.Date}}' + - '--label=org.opencontainers.image.revision={{.FullCommit}}' + - '--label=org.opencontainers.image.version={{.Version}}' + - '--platform=linux/arm/v7' + extra_files: + - web + - LICENSE diff --git a/buildx.Dockerfile b/buildx.Dockerfile new file mode 100644 index 0000000..df00145 --- /dev/null +++ b/buildx.Dockerfile @@ -0,0 +1,17 @@ +# syntax=docker/dockerfile:1 +FROM golang:1.22-alpine AS builder +RUN apk --no-cache --no-progress add ca-certificates tzdata \ + && update-ca-certificates \ + && rm -rf /var/cache/apk/* + +FROM scratch +COPY --from=builder /usr/share/zoneinfo /usr/share/zoneinfo +COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/ + +WORKDIR /app +COPY auth-proxy ./ +COPY web ./web +COPY LICENSE ./ + +EXPOSE 18000 +ENTRYPOINT ["/app/auth-proxy"]