diff --git a/.editorconfig b/.editorconfig deleted file mode 100644 index 5f150f35..00000000 --- a/.editorconfig +++ /dev/null @@ -1,20 +0,0 @@ -# This file is globally distributed to all container image projects from -# https://github.com/linuxserver/docker-jenkins-builder/blob/master/.editorconfig - -# top-most EditorConfig file -root = true - -# Unix-style newlines with a newline ending every file -[*] -end_of_line = lf -insert_final_newline = true -# trim_trailing_whitespace may cause unintended issues and should not be globally set true -trim_trailing_whitespace = false - -[{Dockerfile*,**.yml}] -indent_style = space -indent_size = 2 - -[{**.sh,root/etc/s6-overlay/s6-rc.d/**,root/etc/cont-init.d/**,root/etc/services.d/**}] -indent_style = space -indent_size = 4 diff --git a/.github/CONTRIBUTING.md b/.github/CONTRIBUTING.md deleted file mode 100644 index ae1a9b52..00000000 --- a/.github/CONTRIBUTING.md +++ /dev/null @@ -1,123 +0,0 @@ -# Contributing to baseimage-alpine - -## Gotchas - -* While contributing make sure to make all your changes before creating a Pull Request, as our pipeline builds each commit after the PR is open. -* Read, and fill the Pull Request template - * If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR - * If the PR is addressing an existing issue include, closes #\, in the body of the PR commit message -* If you want to discuss changes, you can also bring it up in [#dev-talk](https://discordapp.com/channels/354974912613449730/757585807061155840) in our [Discord server](https://linuxserver.io/discord) - -## Common files - -| File | Use case | -| :----: | --- | -| `Dockerfile` | Dockerfile used to build amd64 images | -| `Dockerfile.aarch64` | Dockerfile used to build 64bit ARM architectures | -| `Dockerfile.armhf` | Dockerfile used to build 32bit ARM architectures | -| `Jenkinsfile` | This file is a product of our builder and should not be edited directly. This is used to build the image | -| `jenkins-vars.yml` | This file is used to generate the `Jenkinsfile` mentioned above, it only affects the build-process | -| `package_versions.txt` | This file is generated as a part of the build-process and should not be edited directly. It lists all the installed packages and their versions | -| `README.md` | This file is a product of our builder and should not be edited directly. This displays the readme for the repository and image registries | -| `readme-vars.yml` | This file is used to generate the `README.md` | - -## Readme - -If you would like to change our readme, please __**do not**__ directly edit the readme, as it is auto-generated on each commit. -Instead edit the [readme-vars.yml](https://github.com/linuxserver/docker-baseimage-alpine/edit/3.22/readme-vars.yml). - -These variables are used in a template for our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) as part of an ansible play. -Most of these variables are also carried over to [docs.linuxserver.io](https://docs.linuxserver.io) - -### Fixing typos or clarify the text in the readme - -There are variables for multiple parts of the readme, the most common ones are: - -| Variable | Description | -| :----: | --- | -| `project_blurb` | This is the short excerpt shown above the project logo. | -| `app_setup_block` | This is the text that shows up under "Application Setup" if enabled | - -### Parameters - -The compose and run examples are also generated from these variables. - -We have a [reference file](https://github.com/linuxserver/docker-jenkins-builder/blob/master/vars/_container-vars-blank) in our Jenkins Builder. - -These are prefixed with `param_` for required parameters, or `opt_param` for optional parameters, except for `cap_add`. -Remember to enable param, if currently disabled. This differs between parameters, and can be seen in the reference file. - -Devices, environment variables, ports and volumes expects its variables in a certain way. - -### Devices - -```yml -param_devices: - - { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" } -opt_param_devices: - - { device_path: "/dev/dri", device_host_path: "/dev/dri", desc: "For hardware transcoding" } -``` - -### Environment variables - -```yml -param_env_vars: - - { env_var: "TZ", env_value: "Europe/London", desc: "Specify a timezone to use EG Europe/London." } -opt_param_env_vars: - - { env_var: "VERSION", env_value: "latest", desc: "Supported values are LATEST, PLEXPASS or a specific version number." } -``` - -### Ports - -```yml -param_ports: - - { external_port: "80", internal_port: "80", port_desc: "Application WebUI" } -opt_param_ports: - - { external_port: "80", internal_port: "80", port_desc: "Application WebUI" } -``` - -### Volumes - -```yml -param_volumes: - - { vol_path: "/config", vol_host_path: "", desc: "Configuration files." } -opt_param_volumes: - - { vol_path: "/config", vol_host_path: "", desc: "Configuration files." } -``` - -### Testing template changes - -After you make any changes to the templates, you can use our [Jenkins Builder](https://github.com/linuxserver/docker-jenkins-builder) to have the files updated from the modified templates. Please use the command found under `Running Locally` [on this page](https://github.com/linuxserver/docker-jenkins-builder/blob/master/README.md) to generate them prior to submitting a PR. - -## Dockerfiles - -We use multiple Dockerfiles in our repos, this is because sometimes some CPU architectures needs different packages to work. -If you are proposing additional packages to be added, ensure that you added the packages to all the Dockerfiles in alphabetical order. - -### Testing your changes - -```bash -git clone https://github.com/linuxserver/docker-baseimage-alpine.git -cd docker-baseimage-alpine -docker build \ - --no-cache \ - --pull \ - -t linuxserver/baseimage-alpine:latest . -``` - -The ARM variants can be built on x86_64 hardware and vice versa using `lscr.io/linuxserver/qemu-static` - -```bash -docker run --rm --privileged lscr.io/linuxserver/qemu-static --reset -``` - -Once registered you can define the dockerfile to use with `-f Dockerfile.aarch64`. - -## Update the changelog - -If you are modifying the Dockerfiles or any of the startup scripts in [root](https://github.com/linuxserver/docker-baseimage-alpine/tree/3.22/root), add an entry to the changelog - -```yml -changelogs: - - { date: "DD.MM.YY:", desc: "Added some love to templates" } -``` diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml deleted file mode 100644 index 7eaac771..00000000 --- a/.github/FUNDING.yml +++ /dev/null @@ -1,2 +0,0 @@ -github: linuxserver -open_collective: linuxserver diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml deleted file mode 100644 index dada5509..00000000 --- a/.github/ISSUE_TEMPLATE/config.yml +++ /dev/null @@ -1,13 +0,0 @@ -blank_issues_enabled: false -contact_links: - - name: Discord chat support - url: https://linuxserver.io/discord - about: Realtime support / chat with the community and the team. - - - name: Discourse discussion forum - url: https://discourse.linuxserver.io - about: Post on our community forum. - - - name: Documentation - url: https://docs.linuxserver.io - about: Documentation - information about all of our containers. diff --git a/.github/ISSUE_TEMPLATE/issue.bug.yml b/.github/ISSUE_TEMPLATE/issue.bug.yml deleted file mode 100644 index 21933238..00000000 --- a/.github/ISSUE_TEMPLATE/issue.bug.yml +++ /dev/null @@ -1,68 +0,0 @@ -# Based on the issue template -name: Bug report -description: Create a report to help us improve -title: "[BUG] " -labels: [Bug] -body: - - type: checkboxes - attributes: - label: Is there an existing issue for this? - description: Please search to see if an issue already exists for the bug you encountered. - options: - - label: I have searched the existing issues - required: true - - type: textarea - attributes: - label: Current Behavior - description: Tell us what happens instead of the expected behavior. - validations: - required: true - - type: textarea - attributes: - label: Expected Behavior - description: Tell us what should happen. - validations: - required: false - - type: textarea - attributes: - label: Steps To Reproduce - description: Steps to reproduce the behavior. - placeholder: | - 1. In this environment... - 2. With this config... - 3. Run '...' - 4. See error... - validations: - required: true - - type: textarea - attributes: - label: Environment - description: | - examples: - - **OS**: Ubuntu 20.04 - - **How docker service was installed**: distro's packagemanager - value: | - - OS: - - How docker service was installed: - render: markdown - validations: - required: false - - type: textarea - attributes: - label: Docker creation - description: | - Command used to create docker container - Provide your docker create/run command or compose yaml snippet, or a screenshot of settings if using a gui to create the container - render: bash - validations: - required: true - - type: textarea - attributes: - description: | - Provide a full docker log, output of "docker logs baseimage-alpine" - label: Container logs - placeholder: | - Output of `docker logs baseimage-alpine` - render: bash - validations: - required: true diff --git a/.github/ISSUE_TEMPLATE/issue.feature.yml b/.github/ISSUE_TEMPLATE/issue.feature.yml deleted file mode 100644 index 099dcdb5..00000000 --- a/.github/ISSUE_TEMPLATE/issue.feature.yml +++ /dev/null @@ -1,31 +0,0 @@ -# Based on the issue template -name: Feature request -description: Suggest an idea for this project -title: "[FEAT] <title>" -labels: [enhancement] -body: - - type: checkboxes - attributes: - label: Is this a new feature request? - description: Please search to see if a feature request already exists. - options: - - label: I have searched the existing issues - required: true - - type: textarea - attributes: - label: Wanted change - description: Tell us what you want to happen. - validations: - required: true - - type: textarea - attributes: - label: Reason for change - description: Justify your request, why do you want it, what is the benefit. - validations: - required: true - - type: textarea - attributes: - label: Proposed code change - description: Do you have a potential code change in mind? - validations: - required: false diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md deleted file mode 100644 index e5cf4d95..00000000 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ /dev/null @@ -1,43 +0,0 @@ -<!--- Provide a general summary of your changes in the Title above --> - -[linuxserverurl]: https://linuxserver.io -[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)][linuxserverurl] - - -<!--- Before submitting a pull request please check the following --> - -<!--- If this is a fix for a typo (in code, documentation, or the README) please file an issue and let us sort it out. We do not need a PR --> -<!--- Ask yourself if this modification is something the whole userbase will benefit from, if this is a specific change for corner case functionality or plugins please look at making a Docker Mod or local script https://blog.linuxserver.io/2019/09/14/customizing-our-containers/ --> -<!--- That if the PR is addressing an existing issue include, closes #<issue number> , in the body of the PR commit message --> -<!--- You have included links to any files / patches etc your PR may be using in the body of the PR commit message --> -<!--- We maintain a changelog of major revisions to the container at the end of readme-vars.yml in the root of this repository, please add your changes there if appropriate --> - - -<!--- Coding guidelines: --> -<!--- 1. Installed packages in the Dockerfiles should be in alphabetical order --> -<!--- 2. Changes to Dockerfile should be replicated in Dockerfile.armhf and Dockerfile.aarch64 if applicable --> -<!--- 3. Indentation style (tabs vs 4 spaces vs 1 space) should match the rest of the document --> -<!--- 4. Readme is auto generated from readme-vars.yml, make your changes there --> - ------------------------------- - - - [ ] I have read the [contributing](https://github.com/linuxserver/docker-baseimage-alpine/blob/3.22/.github/CONTRIBUTING.md) guideline and understand that I have made the correct modifications - ------------------------------- - -<!--- We welcome all PR’s though this doesn’t guarantee it will be accepted. --> - -## Description: -<!--- Describe your changes in detail --> - -## Benefits of this PR and context: -<!--- Please explain why we should accept this PR. If this fixes an outstanding bug, please reference the issue # --> - -## How Has This Been Tested? -<!--- Please describe in detail how you tested your changes. --> -<!--- Include details of your testing environment, and the tests you ran to --> -<!--- see how your change affects other areas of the code, etc. --> - - -## Source / References: -<!--- Please include any forum posts/github links relevant to the PR --> diff --git a/.github/workflows/build_docker.yml b/.github/workflows/build_docker.yml new file mode 100644 index 00000000..4d3fec4d --- /dev/null +++ b/.github/workflows/build_docker.yml @@ -0,0 +1,73 @@ +name: Build and Push Docker Image to GHCR + +# 触发条件:推送到 main 分支 或 推送版本标签 (例如 v1.0.0) +on: + push: + branches: [ "main" ] + tags: [ "v*.*.*" ] + # 允许手动触发 + workflow_dispatch: + +env: + REGISTRY: ghcr.io + # 镜像名称会自动使用你的 GitHub 仓库名,格式为 ghcr.io/OWNER/REPO + IMAGE_NAME: ${{ github.repository }} + +jobs: + build-and-push: + runs-on: ubuntu-latest + # 关键:为 GITHUB_TOKEN 设置写 packages 的权限 + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # 设置 QEMU,为构建多架构镜像做准备(如 amd64, arm64) + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + # 设置 Docker Buildx,这是使用高级构建功能(如缓存、多架构)的基础 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + # 登录到 GitHub Container Registry + - name: Log in to GHCR + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # 提取 Docker 元数据,自动生成智能的 tags 和 labels + # 例如:推 main 分支会生成 tag `main`,推 v1.2.3 标签会生成 `v1.2.3` 和 `latest` + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + type=semver,pattern={{version}} + type=ref,event=branch + type=sha,format=short + + # 构建并推送 Docker 镜像 + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: . + # 指定 Dockerfile 路径,默认是 ./Dockerfile + file: ./Dockerfile + # 是否推送,PR 事件通常不推送 + push: true + # 使用上一步 meta 生成的 tags + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + # 利用 GitHub Actions 缓存来加速构建 + cache-from: type=gha + cache-to: type=gha,mode=max + # 如果需要构建多架构镜像,取消下面的注释并指定平台 + # platforms: linux/amd64,linux/arm64 \ No newline at end of file diff --git a/.github/workflows/build_docker_nodejs.yml b/.github/workflows/build_docker_nodejs.yml new file mode 100644 index 00000000..5d0b8b92 --- /dev/null +++ b/.github/workflows/build_docker_nodejs.yml @@ -0,0 +1,73 @@ +name: Build Docker-Nodejs + +# 触发条件:推送到 main 分支 或 推送版本标签 (例如 v1.0.0) +on: + push: + branches: [ "main" ] + tags: [ "v*.*.*" ] + # 允许手动触发 + workflow_dispatch: + +env: + REGISTRY: ghcr.io + # 镜像名称会自动使用你的 GitHub 仓库名,格式为 ghcr.io/OWNER/REPO + IMAGE_NAME: ${{ github.repository }}-nodejs + +jobs: + build-and-push: + runs-on: ubuntu-latest + # 关键:为 GITHUB_TOKEN 设置写 packages 的权限 + permissions: + contents: read + packages: write + + steps: + - name: Checkout repository + uses: actions/checkout@v4 + + # 设置 QEMU,为构建多架构镜像做准备(如 amd64, arm64) + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + + # 设置 Docker Buildx,这是使用高级构建功能(如缓存、多架构)的基础 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + # 登录到 GitHub Container Registry + - name: Log in to GHCR + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ github.actor }} + password: ${{ secrets.GITHUB_TOKEN }} + + # 提取 Docker 元数据,自动生成智能的 tags 和 labels + # 例如:推 main 分支会生成 tag `main`,推 v1.2.3 标签会生成 `v1.2.3` 和 `latest` + - name: Extract Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} + tags: | + type=raw,value=latest,enable={{is_default_branch}} + type=semver,pattern={{version}} + type=ref,event=branch + type=sha,format=short + + # 构建并推送 Docker 镜像 + - name: Build and push Docker image + uses: docker/build-push-action@v6 + with: + context: . + # 指定 Dockerfile 路径,默认是 ./Dockerfile + file: ./Dockerfile-20.20-alpine3.23 + # 是否推送,PR 事件通常不推送 + push: true + # 使用上一步 meta 生成的 tags + tags: ${{ steps.meta.outputs.tags }} + labels: ${{ steps.meta.outputs.labels }} + # 利用 GitHub Actions 缓存来加速构建 + cache-from: type=gha + cache-to: type=gha,mode=max + # 如果需要构建多架构镜像,取消下面的注释并指定平台 + # platforms: linux/amd64,linux/arm64 \ No newline at end of file diff --git a/.github/workflows/call_issue_pr_tracker.yml b/.github/workflows/call_issue_pr_tracker.yml deleted file mode 100644 index d07cf121..00000000 --- a/.github/workflows/call_issue_pr_tracker.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Issue & PR Tracker - -on: - issues: - types: [opened,reopened,labeled,unlabeled,closed] - pull_request_target: - types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed] - pull_request_review: - types: [submitted,edited,dismissed] - -permissions: - contents: read - -jobs: - manage-project: - permissions: - issues: write - uses: linuxserver/github-workflows/.github/workflows/issue-pr-tracker.yml@v1 - secrets: inherit diff --git a/.github/workflows/call_issues_cron.yml b/.github/workflows/call_issues_cron.yml deleted file mode 100644 index 283ef140..00000000 --- a/.github/workflows/call_issues_cron.yml +++ /dev/null @@ -1,16 +0,0 @@ -name: Mark stale issues and pull requests -on: - schedule: - - cron: '9 11 * * *' - workflow_dispatch: - -permissions: - contents: read - -jobs: - stale: - permissions: - issues: write - pull-requests: write - uses: linuxserver/github-workflows/.github/workflows/issues-cron.yml@v1 - secrets: inherit diff --git a/.github/workflows/external_trigger.yml b/.github/workflows/external_trigger.yml deleted file mode 100644 index 7ae0c623..00000000 --- a/.github/workflows/external_trigger.yml +++ /dev/null @@ -1,28 +0,0 @@ -name: External Trigger Main - -on: - workflow_dispatch: - -permissions: - contents: read - -jobs: - external-trigger-3-22: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4.1.1 - - - name: External Trigger - if: github.ref == 'refs/heads/3.22' - env: - SKIP_EXTERNAL_TRIGGER: ${{ vars.SKIP_EXTERNAL_TRIGGER }} - run: | - printf "# External trigger for docker-baseimage-alpine\n\n" >> $GITHUB_STEP_SUMMARY - echo "Type is \`os\`" >> $GITHUB_STEP_SUMMARY - echo "No external release, exiting" >> $GITHUB_STEP_SUMMARY - exit 0 - if grep -q "^baseimage-alpine_3.22_${EXT_RELEASE}" <<< "${SKIP_EXTERNAL_TRIGGER}"; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> Github organizational variable \`SKIP_EXTERNAL_TRIGGER\` matches current external release; skipping trigger." >> $GITHUB_STEP_SUMMARY - exit 0 - fi diff --git a/.github/workflows/external_trigger_scheduler.yml b/.github/workflows/external_trigger_scheduler.yml deleted file mode 100644 index 2ca6ddfb..00000000 --- a/.github/workflows/external_trigger_scheduler.yml +++ /dev/null @@ -1,48 +0,0 @@ -name: External Trigger Scheduler - -on: - schedule: - - cron: '20 * * * *' - workflow_dispatch: - -permissions: - contents: read - -jobs: - external-trigger-scheduler: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4.1.1 - with: - fetch-depth: '0' - - - name: External Trigger Scheduler - run: | - printf "# External trigger scheduler for docker-baseimage-alpine\n\n" >> $GITHUB_STEP_SUMMARY - printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY - for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) - do - if [[ "${br}" == "HEAD" ]]; then - printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY - continue - fi - printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY - ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-baseimage-alpine/${br}/jenkins-vars.yml) - ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch') - ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type') - if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then - echo "Branch appears to be live and trigger is not os; checking workflow." >> $GITHUB_STEP_SUMMARY - if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-baseimage-alpine/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then - echo "Triggering external trigger workflow for branch." >> $GITHUB_STEP_SUMMARY - curl -iX POST \ - -H "Authorization: token ${{ secrets.CR_PAT }}" \ - -H "Accept: application/vnd.github.v3+json" \ - -d "{\"ref\":\"refs/heads/${br}\"}" \ - https://api.github.com/repos/linuxserver/docker-baseimage-alpine/actions/workflows/external_trigger.yml/dispatches - else - echo "Skipping branch due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY - fi - else - echo "Skipping branch due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY - fi - done diff --git a/.github/workflows/greetings.yml b/.github/workflows/greetings.yml deleted file mode 100644 index 3a23a449..00000000 --- a/.github/workflows/greetings.yml +++ /dev/null @@ -1,19 +0,0 @@ -name: Greetings - -on: [pull_request_target, issues] - -permissions: - contents: read - -jobs: - greeting: - permissions: - issues: write - pull-requests: write - runs-on: ubuntu-latest - steps: - - uses: actions/first-interaction@v1 - with: - issue-message: 'Thanks for opening your first issue here! Be sure to follow the relevant issue templates, or risk having this issue marked as invalid.' - pr-message: 'Thanks for opening this pull request! Be sure to follow the [pull request template](https://github.com/linuxserver/docker-baseimage-alpine/blob/3.22/.github/PULL_REQUEST_TEMPLATE.md)!' - repo-token: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/package_trigger_scheduler.yml b/.github/workflows/package_trigger_scheduler.yml deleted file mode 100644 index 760cbbbe..00000000 --- a/.github/workflows/package_trigger_scheduler.yml +++ /dev/null @@ -1,103 +0,0 @@ -name: Package Trigger Scheduler - -on: - schedule: - - cron: '15 13 * * 6' - workflow_dispatch: - -permissions: - contents: read - -jobs: - package-trigger-scheduler: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4.1.1 - with: - fetch-depth: '0' - - - name: Package Trigger Scheduler - env: - SKIP_PACKAGE_TRIGGER: ${{ vars.SKIP_PACKAGE_TRIGGER }} - run: | - printf "# Package trigger scheduler for docker-baseimage-alpine\n\n" >> $GITHUB_STEP_SUMMARY - printf "Found the branches:\n\n%s\n" "$(git for-each-ref --format='- %(refname:lstrip=3)' refs/remotes)" >> $GITHUB_STEP_SUMMARY - for br in $(git for-each-ref --format='%(refname:lstrip=3)' refs/remotes) - do - if [[ "${br}" == "HEAD" ]]; then - printf "\nSkipping %s.\n" ${br} >> $GITHUB_STEP_SUMMARY - continue - fi - printf "\n## Evaluating \`%s\`\n\n" ${br} >> $GITHUB_STEP_SUMMARY - JENKINS_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-baseimage-alpine/${br}/jenkins-vars.yml) - if ! curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-baseimage-alpine/${br}/Jenkinsfile >/dev/null 2>&1; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> No Jenkinsfile found. Branch is either deprecated or is an early dev branch." >> $GITHUB_STEP_SUMMARY - skipped_branches="${skipped_branches}${br} " - elif [[ "${br}" == $(yq -r '.ls_branch' <<< "${JENKINS_VARS}") ]]; then - echo "Branch appears to be live; checking workflow." >> $GITHUB_STEP_SUMMARY - README_VARS=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-baseimage-alpine/${br}/readme-vars.yml) - if [[ $(yq -r '.project_deprecation_status' <<< "${README_VARS}") == "true" ]]; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> Branch appears to be deprecated; skipping trigger." >> $GITHUB_STEP_SUMMARY - skipped_branches="${skipped_branches}${br} " - elif [[ $(yq -r '.skip_package_check' <<< "${JENKINS_VARS}") == "true" ]]; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> Skipping branch ${br} due to \`skip_package_check\` being set in \`jenkins-vars.yml\`." >> $GITHUB_STEP_SUMMARY - skipped_branches="${skipped_branches}${br} " - elif grep -q "^baseimage-alpine_${br}" <<< "${SKIP_PACKAGE_TRIGGER}"; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> Github organizational variable \`SKIP_PACKAGE_TRIGGER\` contains \`baseimage-alpine_${br}\`; skipping trigger." >> $GITHUB_STEP_SUMMARY - skipped_branches="${skipped_branches}${br} " - elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-baseimage-alpine/job/${br}/lastBuild/api/json | jq -r '.building' 2>/dev/null) == "true" ]; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> There already seems to be an active build on Jenkins; skipping package trigger for ${br}" >> $GITHUB_STEP_SUMMARY - skipped_branches="${skipped_branches}${br} " - else - echo "> [!NOTE]" >> $GITHUB_STEP_SUMMARY - echo "> Triggering package trigger for branch ${br}" >> $GITHUB_STEP_SUMMARY - printf "> To disable, add \`baseimage-alpine_%s\` into the Github organizational variable \`SKIP_PACKAGE_TRIGGER\`.\n\n" "${br}" >> $GITHUB_STEP_SUMMARY - triggered_branches="${triggered_branches}${br} " - response=$(curl -iX POST \ - https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-baseimage-alpine/job/${br}/buildWithParameters?PACKAGE_CHECK=true \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|") - if [[ -z "${response}" ]]; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> Jenkins build could not be triggered. Skipping branch." - continue - fi - echo "Jenkins [job queue url](${response%$'\r'})" >> $GITHUB_STEP_SUMMARY - echo "Sleeping 10 seconds until job starts" >> $GITHUB_STEP_SUMMARY - sleep 10 - buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url') - buildurl="${buildurl%$'\r'}" - echo "Jenkins job [build url](${buildurl})" >> $GITHUB_STEP_SUMMARY - echo "Attempting to change the Jenkins job description" >> $GITHUB_STEP_SUMMARY - if ! curl -ifX POST \ - "${buildurl}submitDescription" \ - --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} \ - --data-urlencode "description=GHA package trigger https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}" \ - --data-urlencode "Submit=Submit"; then - echo "> [!WARNING]" >> $GITHUB_STEP_SUMMARY - echo "> Unable to change the Jenkins job description." - fi - sleep 20 - fi - else - echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY - fi - done - if [[ -n "${triggered_branches}" ]] || [[ -n "${skipped_branches}" ]]; then - if [[ -n "${triggered_branches}" ]]; then - NOTIFY_BRANCHES="**Triggered:** ${triggered_branches} \n" - NOTIFY_BUILD_URL="**Build URL:** https://ci.linuxserver.io/blue/organizations/jenkins/Docker-Pipeline-Builders%2Fdocker-baseimage-alpine/activity/ \n" - echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****" - fi - if [[ -n "${skipped_branches}" ]]; then - NOTIFY_BRANCHES="${NOTIFY_BRANCHES}**Skipped:** ${skipped_branches} \n" - fi - echo "**** Notifying Discord ****" - curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://cdn.discordapp.com/avatars/354986384542662657/df91181b3f1cf0ef1592fbe18e0962d7.png","embeds": [{"color": 9802903, - "description": "**Package Check Build(s) for baseimage-alpine** \n'"${NOTIFY_BRANCHES}"''"${NOTIFY_BUILD_URL}"'"}], - "username": "Github Actions"}' ${{ secrets.DISCORD_WEBHOOK }} - fi diff --git a/.github/workflows/permissions.yml b/.github/workflows/permissions.yml deleted file mode 100644 index 02e1bdb9..00000000 --- a/.github/workflows/permissions.yml +++ /dev/null @@ -1,12 +0,0 @@ -name: Permission check -on: - pull_request_target: - paths: - - '**/run' - - '**/finish' - - '**/check' - - 'root/migrations/*' - -jobs: - permission_check: - uses: linuxserver/github-workflows/.github/workflows/init-svc-executable-permissions.yml@v1 diff --git a/Dockerfile b/Dockerfile index 09a6635a..c3532e63 100644 --- a/Dockerfile +++ b/Dockerfile @@ -50,7 +50,7 @@ ARG MODS_VERSION="v3" ARG PKG_INST_VERSION="v1" ARG LSIOWN_VERSION="v1" ARG WITHCONTENV_VERSION="v1" -LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}" +LABEL build_version="fbicloud version:- ${VERSION} Build-date:- ${BUILD_DATE}" LABEL maintainer="TheLamer" ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/docker-mods.${MODS_VERSION}" "/docker-mods" diff --git a/Dockerfile-20.20-alpine3.23 b/Dockerfile-20.20-alpine3.23 new file mode 100644 index 00000000..c3532e63 --- /dev/null +++ b/Dockerfile-20.20-alpine3.23 @@ -0,0 +1,102 @@ +# syntax=docker/dockerfile:1 + +FROM alpine:3.21 AS rootfs-stage + +ARG S6_OVERLAY_VERSION="3.2.1.0" +ARG ROOTFS=/root-out +ARG REL=v3.22 +ARG ARCH=x86_64 +ARG MIRROR=http://dl-cdn.alpinelinux.org/alpine +ARG PACKAGES=alpine-baselayout,\ +alpine-keys,\ +apk-tools,\ +busybox,\ +libc-utils + +# install packages +RUN \ + apk add --no-cache \ + bash \ + xz + +# build rootfs +RUN \ + mkdir -p "${ROOTFS}/etc/apk" && \ + { \ + echo "${MIRROR}/${REL}/main"; \ + echo "${MIRROR}/${REL}/community"; \ + } > "${ROOTFS}/etc/apk/repositories" && \ + apk --root "${ROOTFS}" --no-cache --keys-dir /etc/apk/keys add --arch ${ARCH} --initdb ${PACKAGES//,/ } && \ + sed -i -e 's/^root::/root:!:/' /root-out/etc/shadow + +# add s6 overlay +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-noarch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-noarch.tar.xz +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-${ARCH}.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-${ARCH}.tar.xz + +# add s6 optional symlinks +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-noarch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-noarch.tar.xz && unlink /root-out/usr/bin/with-contenv +ADD https://github.com/just-containers/s6-overlay/releases/download/v${S6_OVERLAY_VERSION}/s6-overlay-symlinks-arch.tar.xz /tmp +RUN tar -C /root-out -Jxpf /tmp/s6-overlay-symlinks-arch.tar.xz + +# Runtime stage +FROM scratch +COPY --from=rootfs-stage /root-out/ / +ARG BUILD_DATE +ARG VERSION +ARG MODS_VERSION="v3" +ARG PKG_INST_VERSION="v1" +ARG LSIOWN_VERSION="v1" +ARG WITHCONTENV_VERSION="v1" +LABEL build_version="fbicloud version:- ${VERSION} Build-date:- ${BUILD_DATE}" +LABEL maintainer="TheLamer" + +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/docker-mods.${MODS_VERSION}" "/docker-mods" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/package-install.${PKG_INST_VERSION}" "/etc/s6-overlay/s6-rc.d/init-mods-package-install/run" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/lsiown.${LSIOWN_VERSION}" "/usr/bin/lsiown" +ADD --chmod=755 "https://raw.githubusercontent.com/linuxserver/docker-mods/mod-scripts/with-contenv.${WITHCONTENV_VERSION}" "/usr/bin/with-contenv" + +# environment variables +ENV PS1="$(whoami)@$(hostname):$(pwd)\\$ " \ + HOME="/root" \ + TERM="xterm" \ + S6_CMD_WAIT_FOR_SERVICES_MAXTIME="0" \ + S6_VERBOSITY=1 \ + S6_STAGE2_HOOK=/docker-mods \ + VIRTUAL_ENV=/lsiopy \ + PATH="/lsiopy/bin:$PATH" + +RUN \ + echo "**** install runtime packages ****" && \ + apk add --no-cache \ + alpine-release \ + bash \ + ca-certificates \ + catatonit \ + coreutils \ + curl \ + findutils \ + jq \ + netcat-openbsd \ + procps-ng \ + shadow \ + tzdata && \ + echo "**** create abc user and make our folders ****" && \ + groupmod -g 1000 users && \ + useradd -u 911 -U -d /config -s /bin/false abc && \ + usermod -G users abc && \ + mkdir -p \ + /app \ + /config \ + /defaults \ + /lsiopy && \ + echo "**** cleanup ****" && \ + rm -rf \ + /tmp/* + +# add local files +COPY root/ / + +ENTRYPOINT ["/init"] diff --git a/Jenkinsfile b/Jenkinsfile deleted file mode 100644 index dbbc6f01..00000000 --- a/Jenkinsfile +++ /dev/null @@ -1,1257 +0,0 @@ -pipeline { - agent { - label 'X86-64-MULTI' - } - options { - buildDiscarder(logRotator(numToKeepStr: '10', daysToKeepStr: '60')) - parallelsAlwaysFailFast() - } - // Input to determine if this is a package check - parameters { - string(defaultValue: 'false', description: 'package check run', name: 'PACKAGE_CHECK') - } - // Configuration for the variables used for this specific repo - environment { - BUILDS_DISCORD=credentials('build_webhook_url') - GITHUB_TOKEN=credentials('498b4638-2d02-4ce5-832d-8a57d01d97ab') - GITLAB_TOKEN=credentials('b6f0f1dd-6952-4cf6-95d1-9c06380283f0') - GITLAB_NAMESPACE=credentials('gitlab-namespace-id') - DOCKERHUB_TOKEN=credentials('docker-hub-ci-pat') - QUAYIO_API_TOKEN=credentials('quayio-repo-api-token') - GIT_SIGNING_KEY=credentials('484fbca6-9a4f-455e-b9e3-97ac98785f5f') - BUILD_VERSION_ARG = 'OS' - LS_USER = 'linuxserver' - LS_REPO = 'docker-baseimage-alpine' - CONTAINER_NAME = 'baseimage-alpine' - DOCKERHUB_IMAGE = 'lsiobase/alpine' - DEV_DOCKERHUB_IMAGE = 'lsiodev/alpine' - PR_DOCKERHUB_IMAGE = 'lspipepr/alpine' - DIST_IMAGE = 'alpine' - MULTIARCH='true' - CI='true' - CI_WEB='false' - CI_PORT='80' - CI_SSL='true' - CI_DELAY='30' - CI_DOCKERENV='LSIO_FIRST_PARTY=true' - CI_AUTH='' - CI_WEBPATH='' - } - stages { - stage("Set git config"){ - steps{ - sh '''#!/bin/bash - cat ${GIT_SIGNING_KEY} > /config/.ssh/id_sign - chmod 600 /config/.ssh/id_sign - ssh-keygen -y -f /config/.ssh/id_sign > /config/.ssh/id_sign.pub - echo "Using $(ssh-keygen -lf /config/.ssh/id_sign) to sign commits" - git config --global gpg.format ssh - git config --global user.signingkey /config/.ssh/id_sign - git config --global commit.gpgsign true - ''' - } - } - // Setup all the basic environment variables needed for the build - stage("Set ENV Variables base"){ - steps{ - echo "Running on node: ${NODE_NAME}" - sh '''#! /bin/bash - echo "Pruning builder" - docker builder prune -f --builder container || : - containers=$(docker ps -q) - if [[ -n "${containers}" ]]; then - BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') - for container in ${containers}; do - if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then - echo "skipping buildx container in docker stop" - else - echo "Stopping container ${container}" - docker stop ${container} - fi - done - fi - docker system prune -f --volumes || : - docker image prune -af || : - ''' - script{ - env.EXIT_STATUS = '' - env.LS_RELEASE = sh( - script: '''docker run --rm quay.io/skopeo/stable:v1 inspect docker://ghcr.io/${LS_USER}/${CONTAINER_NAME}:3.22 2>/dev/null | jq -r '.Labels.build_version' | awk '{print $3}' | grep '\\-ls' || : ''', - returnStdout: true).trim() - env.LS_RELEASE_NOTES = sh( - script: '''cat readme-vars.yml | awk -F \\" '/date: "[0-9][0-9].[0-9][0-9].[0-9][0-9]:/ {print $4;exit;}' | sed -E ':a;N;$!ba;s/\\r{0,1}\\n/\\\\n/g' ''', - returnStdout: true).trim() - env.GITHUB_DATE = sh( - script: '''date '+%Y-%m-%dT%H:%M:%S%:z' ''', - returnStdout: true).trim() - env.COMMIT_SHA = sh( - script: '''git rev-parse HEAD''', - returnStdout: true).trim() - env.GH_DEFAULT_BRANCH = sh( - script: '''git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||' ''', - returnStdout: true).trim() - env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/commit/' + env.GIT_COMMIT - env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DOCKERHUB_IMAGE + '/tags/' - env.PULL_REQUEST = env.CHANGE_ID - env.TEMPLATED_FILES = 'Jenkinsfile README.md LICENSE .editorconfig ./.github/CONTRIBUTING.md ./.github/FUNDING.yml ./.github/ISSUE_TEMPLATE/config.yml ./.github/ISSUE_TEMPLATE/issue.bug.yml ./.github/ISSUE_TEMPLATE/issue.feature.yml ./.github/PULL_REQUEST_TEMPLATE.md ./.github/workflows/external_trigger_scheduler.yml ./.github/workflows/greetings.yml ./.github/workflows/package_trigger_scheduler.yml ./.github/workflows/call_issue_pr_tracker.yml ./.github/workflows/call_issues_cron.yml ./.github/workflows/permissions.yml ./.github/workflows/external_trigger.yml' - if ( env.SYFT_IMAGE_TAG == null ) { - env.SYFT_IMAGE_TAG = 'latest' - } - } - echo "Using syft image tag ${SYFT_IMAGE_TAG}" - sh '''#! /bin/bash - echo "The default github branch detected as ${GH_DEFAULT_BRANCH}" ''' - script{ - env.LS_RELEASE_NUMBER = sh( - script: '''echo ${LS_RELEASE} |sed 's/^.*-ls//g' ''', - returnStdout: true).trim() - } - script{ - env.LS_TAG_NUMBER = sh( - script: '''#! /bin/bash - tagsha=$(git rev-list -n 1 3.22-${LS_RELEASE} 2>/dev/null) - if [ "${tagsha}" == "${COMMIT_SHA}" ]; then - echo ${LS_RELEASE_NUMBER} - elif [ -z "${GIT_COMMIT}" ]; then - echo ${LS_RELEASE_NUMBER} - else - echo $((${LS_RELEASE_NUMBER} + 1)) - fi''', - returnStdout: true).trim() - } - } - } - /* ####################### - Package Version Tagging - ####################### */ - // Grab the current package versions in Git to determine package tag - stage("Set Package tag"){ - steps{ - script{ - env.PACKAGE_TAG = sh( - script: '''#!/bin/bash - if [ -e package_versions.txt ] ; then - cat package_versions.txt | md5sum | cut -c1-8 - else - echo none - fi''', - returnStdout: true).trim() - } - } - } - /* ######################## - External Release Tagging - ######################## */ - // If this is an os release set release type to none to indicate no external release - stage("Set ENV os"){ - steps{ - script{ - env.EXT_RELEASE = env.PACKAGE_TAG - env.RELEASE_LINK = 'none' - } - } - } - // Sanitize the release tag and strip illegal docker or github characters - stage("Sanitize tag"){ - steps{ - script{ - env.EXT_RELEASE_CLEAN = sh( - script: '''echo ${EXT_RELEASE} | sed 's/[~,%@+;:/ ]//g' ''', - returnStdout: true).trim() - - def semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)\.(\d+)/ - if (semver.find()) { - env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${semver[0][3]}" - } else { - semver = env.EXT_RELEASE_CLEAN =~ /(\d+)\.(\d+)(?:\.(\d+))?(.*)/ - if (semver.find()) { - if (semver[0][3]) { - env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${semver[0][3]}" - } else if (!semver[0][3] && !semver[0][4]) { - env.SEMVER = "${semver[0][1]}.${semver[0][2]}.${(new Date()).format('YYYYMMdd')}" - } - } - } - - if (env.SEMVER != null) { - if (BRANCH_NAME != "${env.GH_DEFAULT_BRANCH}") { - env.SEMVER = "${env.SEMVER}-${BRANCH_NAME}" - } - println("SEMVER: ${env.SEMVER}") - } else { - println("No SEMVER detected") - } - - } - } - } - // If this is a 3.22 build use live docker endpoints - stage("Set ENV live build"){ - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - } - steps { - script{ - env.IMAGE = env.DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/' + env.CONTAINER_NAME - env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/' + env.CONTAINER_NAME - env.QUAYIMAGE = 'quay.io/linuxserver.io/' + env.CONTAINER_NAME - if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-3.22-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|riscv64-3.22-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER + '|arm64v8-3.22-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - } else { - env.CI_TAGS = '3.22-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - } - env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - env.META_TAG = '3.22-' + env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - env.EXT_RELEASE_TAG = '3.22-version-' + env.EXT_RELEASE_CLEAN - env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' - env.CITEST_IMAGETAG = 'latest' - } - } - } - // If this is a dev build use dev docker endpoints - stage("Set ENV dev build"){ - when { - not {branch "3.22"} - environment name: 'CHANGE_ID', value: '' - } - steps { - script{ - env.IMAGE = env.DEV_DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/lsiodev-' + env.CONTAINER_NAME - env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lsiodev-' + env.CONTAINER_NAME - env.QUAYIMAGE = 'quay.io/linuxserver.io/lsiodev-' + env.CONTAINER_NAME - if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|riscv64-3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '|arm64v8-3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - } else { - env.CI_TAGS = '3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - } - env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - env.META_TAG = '3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA - env.EXT_RELEASE_TAG = '3.22-version-' + env.EXT_RELEASE_CLEAN - env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.DEV_DOCKERHUB_IMAGE + '/tags/' - env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' - env.CITEST_IMAGETAG = 'develop' - } - } - } - // If this is a pull request build use dev docker endpoints - stage("Set ENV PR build"){ - when { - not {environment name: 'CHANGE_ID', value: ''} - } - steps { - script{ - env.IMAGE = env.PR_DOCKERHUB_IMAGE - env.GITHUBIMAGE = 'ghcr.io/' + env.LS_USER + '/lspipepr-' + env.CONTAINER_NAME - env.GITLABIMAGE = 'registry.gitlab.com/linuxserver.io/' + env.LS_REPO + '/lspipepr-' + env.CONTAINER_NAME - env.QUAYIMAGE = 'quay.io/linuxserver.io/lspipepr-' + env.CONTAINER_NAME - if (env.MULTIARCH == 'true') { - env.CI_TAGS = 'amd64-3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|riscv64-3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST + '|arm64v8-3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - } else { - env.CI_TAGS = '3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - } - env.VERSION_TAG = env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - env.META_TAG = '3.22-' + env.EXT_RELEASE_CLEAN + '-pkg-' + env.PACKAGE_TAG + '-dev-' + env.COMMIT_SHA + '-pr-' + env.PULL_REQUEST - env.EXT_RELEASE_TAG = '3.22-version-' + env.EXT_RELEASE_CLEAN - env.CODE_URL = 'https://github.com/' + env.LS_USER + '/' + env.LS_REPO + '/pull/' + env.PULL_REQUEST - env.DOCKERHUB_LINK = 'https://hub.docker.com/r/' + env.PR_DOCKERHUB_IMAGE + '/tags/' - env.BUILDCACHE = 'docker.io/lsiodev/buildcache,registry.gitlab.com/linuxserver.io/docker-jenkins-builder/lsiodev-buildcache,ghcr.io/linuxserver/lsiodev-buildcache,quay.io/linuxserver.io/lsiodev-buildcache' - env.CITEST_IMAGETAG = 'develop' - } - } - } - // Run ShellCheck - stage('ShellCheck') { - when { - environment name: 'CI', value: 'true' - } - steps { - withCredentials([ - string(credentialsId: 'ci-tests-s3-key-id', variable: 'S3_KEY'), - string(credentialsId: 'ci-tests-s3-secret-access-key', variable: 'S3_SECRET') - ]) { - script{ - env.SHELLCHECK_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/shellcheck-result.xml' - } - sh '''curl -sL https://raw.githubusercontent.com/linuxserver/docker-jenkins-builder/master/checkrun.sh | /bin/bash''' - sh '''#! /bin/bash - docker run --rm \ - -v ${WORKSPACE}:/mnt \ - -e AWS_ACCESS_KEY_ID=\"${S3_KEY}\" \ - -e AWS_SECRET_ACCESS_KEY=\"${S3_SECRET}\" \ - ghcr.io/linuxserver/baseimage-alpine:3.23 s6-envdir -fn -- /var/run/s6/container_environment /bin/bash -c "\ - apk add --no-cache python3 && \ - python3 -m venv /lsiopy && \ - pip install --no-cache-dir -U pip && \ - pip install --no-cache-dir s3cmd && \ - s3cmd put --no-preserve --acl-public -m text/xml /mnt/shellcheck-result.xml s3://ci-tests.linuxserver.io/${IMAGE}/${META_TAG}/shellcheck-result.xml" || :''' - } - } - } - // Use helper containers to render templated files - stage('Update-Templates') { - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - expression { - env.CONTAINER_NAME != null - } - } - steps { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - docker pull ghcr.io/linuxserver/jenkins-builder:latest - # Cloned repo paths for templating: - # ${TEMPDIR}/docker-${CONTAINER_NAME}: Cloned branch 3.22 of ${LS_USER}/${LS_REPO} for running the jenkins builder on - # ${TEMPDIR}/repo/${LS_REPO}: Cloned branch 3.22 of ${LS_USER}/${LS_REPO} for commiting various templated file changes and pushing back to Github - # ${TEMPDIR}/docs/docker-documentation: Cloned docs repo for pushing docs updates to Github - # ${TEMPDIR}/unraid/docker-templates: Cloned docker-templates repo to check for logos - # ${TEMPDIR}/unraid/templates: Cloned templates repo for commiting unraid template changes and pushing back to Github - git clone --branch 3.22 --depth 1 https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/docker-${CONTAINER_NAME} - docker run --rm -v ${TEMPDIR}/docker-${CONTAINER_NAME}:/tmp -e LOCAL=true -e PUID=$(id -u) -e PGID=$(id -g) ghcr.io/linuxserver/jenkins-builder:latest - echo "Starting Stage 1 - Jenkinsfile update" - if [[ "$(md5sum Jenkinsfile | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile | awk '{ print $1 }')" ]]; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f 3.22 - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/Jenkinsfile ${TEMPDIR}/repo/${LS_REPO}/ - git add Jenkinsfile - git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Updating Jenkinsfile and exiting build, new one will trigger based on commit" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "Jenkinsfile is up to date." - fi - echo "Starting Stage 2 - Delete old templates" - OLD_TEMPLATES=".github/ISSUE_TEMPLATE.md .github/ISSUE_TEMPLATE/issue.bug.md .github/ISSUE_TEMPLATE/issue.feature.md .github/workflows/call_invalid_helper.yml .github/workflows/stale.yml .github/workflows/package_trigger.yml" - for i in ${OLD_TEMPLATES}; do - if [[ -f "${i}" ]]; then - TEMPLATES_TO_DELETE="${i} ${TEMPLATES_TO_DELETE}" - fi - done - if [[ -n "${TEMPLATES_TO_DELETE}" ]]; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f 3.22 - for i in ${TEMPLATES_TO_DELETE}; do - git rm "${i}" - done - git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Deleting old/deprecated templates and exiting build, new one will trigger based on commit" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "No templates to delete" - fi - echo "Starting Stage 3 - Update templates" - CURRENTHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) - cd ${TEMPDIR}/docker-${CONTAINER_NAME} - NEWHASH=$(grep -hs ^ ${TEMPLATED_FILES} | md5sum | cut -c1-8) - if [[ "${CURRENTHASH}" != "${NEWHASH}" ]] || ! grep -q '.jenkins-external' "${WORKSPACE}/.gitignore" 2>/dev/null; then - mkdir -p ${TEMPDIR}/repo - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/repo/${LS_REPO} - cd ${TEMPDIR}/repo/${LS_REPO} - git checkout -f 3.22 - cd ${TEMPDIR}/docker-${CONTAINER_NAME} - mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/workflows - mkdir -p ${TEMPDIR}/repo/${LS_REPO}/.github/ISSUE_TEMPLATE - cp --parents ${TEMPLATED_FILES} ${TEMPDIR}/repo/${LS_REPO}/ || : - cp --parents readme-vars.yml ${TEMPDIR}/repo/${LS_REPO}/ || : - cd ${TEMPDIR}/repo/${LS_REPO}/ - if ! grep -q '.jenkins-external' .gitignore 2>/dev/null; then - echo ".jenkins-external" >> .gitignore - git add .gitignore - fi - git add readme-vars.yml ${TEMPLATED_FILES} - git commit -m 'Bot Updating Templated Files' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - echo "true" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "Updating templates and exiting build, new one will trigger based on commit" - rm -Rf ${TEMPDIR} - exit 0 - else - echo "false" > /tmp/${COMMIT_SHA}-${BUILD_NUMBER} - echo "No templates to update" - fi - echo "Starting Stage 4 - External repo updates: Docs, Unraid Template and Readme Sync to Docker Hub" - mkdir -p ${TEMPDIR}/docs - git clone --depth=1 https://github.com/linuxserver/docker-documentation.git ${TEMPDIR}/docs/docker-documentation - if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]] && [[ (! -f ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md) || ("$(md5sum ${TEMPDIR}/docs/docker-documentation/docs/images/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')" != "$(md5sum ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md | awk '{ print $1 }')") ]]; then - cp ${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/docker-${CONTAINER_NAME}.md ${TEMPDIR}/docs/docker-documentation/docs/images/ - cd ${TEMPDIR}/docs/docker-documentation - GH_DOCS_DEFAULT_BRANCH=$(git remote show origin | grep "HEAD branch:" | sed 's|.*HEAD branch: ||') - git add docs/images/docker-${CONTAINER_NAME}.md - echo "Updating docs repo" - git commit -m 'Bot Updating Documentation' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} || \ - (MAXWAIT="10" && echo "Push to docs failed, trying again in ${MAXWAIT} seconds" && \ - sleep $((RANDOM % MAXWAIT)) && \ - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH} --rebase && \ - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/linuxserver/docker-documentation.git ${GH_DOCS_DEFAULT_BRANCH}) - else - echo "Docs update not needed, skipping" - fi - if [[ "${BRANCH_NAME}" == "${GH_DEFAULT_BRANCH}" ]]; then - if [[ $(cat ${TEMPDIR}/docker-${CONTAINER_NAME}/README.md | wc -m) -gt 25000 ]]; then - echo "Readme is longer than 25,000 characters. Syncing the lite version to Docker Hub" - DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/.jenkins-external/README.lite" - else - echo "Syncing readme to Docker Hub" - DH_README_SYNC_PATH="${TEMPDIR}/docker-${CONTAINER_NAME}/README.md" - fi - if curl -s https://hub.docker.com/v2/namespaces/${DOCKERHUB_IMAGE%%/*}/repositories/${DOCKERHUB_IMAGE##*/}/tags | jq -r '.message' | grep -q 404; then - echo "Docker Hub endpoint doesn't exist. Creating endpoint first." - DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') - curl -s \ - -H "Authorization: JWT ${DH_TOKEN}" \ - -H "Content-Type: application/json" \ - -X POST \ - -d '{"name":"'${DOCKERHUB_IMAGE##*/}'", "namespace":"'${DOCKERHUB_IMAGE%%/*}'"}' \ - https://hub.docker.com/v2/repositories/ || : - fi - DH_TOKEN=$(curl -d '{"username":"linuxserverci", "password":"'${DOCKERHUB_TOKEN}'"}' -H "Content-Type: application/json" -X POST https://hub.docker.com/v2/users/login | jq -r '.token') - curl -s \ - -H "Authorization: JWT ${DH_TOKEN}" \ - -H "Content-Type: application/json" \ - -X PATCH \ - -d "{\\"full_description\\":$(jq -Rsa . ${DH_README_SYNC_PATH})}" \ - https://hub.docker.com/v2/repositories/${DOCKERHUB_IMAGE} || : - else - echo "Not the default Github branch. Skipping readme sync to Docker Hub." - fi - rm -Rf ${TEMPDIR}''' - script{ - env.FILES_UPDATED = sh( - script: '''cat /tmp/${COMMIT_SHA}-${BUILD_NUMBER}''', - returnStdout: true).trim() - } - } - } - // Exit the build if the Templated files were just updated - stage('Template-exit') { - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - environment name: 'FILES_UPDATED', value: 'true' - expression { - env.CONTAINER_NAME != null - } - } - steps { - script{ - env.EXIT_STATUS = 'ABORTED' - } - } - } - // If this is a 3.22 build check the S6 service file perms - stage("Check S6 Service file Permissions"){ - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - script{ - sh '''#! /bin/bash - WRONG_PERM=$(find ./ -path "./.git" -prune -o \\( -name "run" -o -name "finish" -o -name "check" \\) -not -perm -u=x,g=x,o=x -print) - if [[ -n "${WRONG_PERM}" ]]; then - echo "The following S6 service files are missing the executable bit; canceling the faulty build: ${WRONG_PERM}" - exit 1 - else - echo "S6 service file perms look good." - fi ''' - } - } - } - /* ####################### - GitLab Mirroring and Quay.io Repo Visibility - ####################### */ - // Ping into Gitlab to mirror this repo and have a registry endpoint & mark this repo on Quay.io as public - stage("GitLab Mirror and Quay.io Visibility"){ - when { - environment name: 'EXIT_STATUS', value: '' - } - steps{ - sh '''curl -H "Content-Type: application/json" -H "Private-Token: ${GITLAB_TOKEN}" -X POST https://gitlab.com/api/v4/projects \ - -d '{"namespace_id":'${GITLAB_NAMESPACE}',\ - "name":"'${LS_REPO}'", - "mirror":true,\ - "import_url":"https://github.com/linuxserver/'${LS_REPO}'.git",\ - "issues_access_level":"disabled",\ - "merge_requests_access_level":"disabled",\ - "repository_access_level":"enabled",\ - "visibility":"public"}' ''' - sh '''curl -H "Private-Token: ${GITLAB_TOKEN}" -X PUT "https://gitlab.com/api/v4/projects/Linuxserver.io%2F${LS_REPO}" \ - -d "mirror=true&import_url=https://github.com/linuxserver/${LS_REPO}.git" ''' - sh '''curl -H "Content-Type: application/json" -H "Authorization: Bearer ${QUAYIO_API_TOKEN}" -X POST "https://quay.io/api/v1/repository${QUAYIMAGE/quay.io/}/changevisibility" \ - -d '{"visibility":"public"}' ||: ''' - } - } - /* ############### - Build Container - ############### */ - // Build Docker container for push to LS Repo - stage('Build-Single') { - when { - expression { - env.MULTIARCH == 'false' || params.PACKAGE_CHECK == 'true' - } - environment name: 'EXIT_STATUS', value: '' - } - steps { - echo "Running on node: ${NODE_NAME}" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-baseimage-alpine/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Baseimage-alpine\" \ - --label \"org.opencontainers.image.description=baseimage-alpine image by linuxserver.io\" \ - --no-cache --pull -t ${IMAGE}:${META_TAG} --platform=linux/amd64 \ - --provenance=true --sbom=true --builder=container --load \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh '''#! /bin/bash - set -e - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker tag ${IMAGE}:${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - done - ''' - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - - if [[ "${PACKAGE_CHECK}" != "true" ]]; then - declare -A pids - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & - pids[$!]="$i" - done - for p in "${!pids[@]}"; do - wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; } - done - fi - ''' - } - } - } - } - // Build MultiArch Docker containers for push to LS Repo - stage('Build-Multi') { - when { - allOf { - environment name: 'MULTIARCH', value: 'true' - expression { params.PACKAGE_CHECK == 'false' } - } - environment name: 'EXIT_STATUS', value: '' - } - parallel { - stage('Build X86') { - steps { - echo "Running on node: ${NODE_NAME}" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-baseimage-alpine/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Baseimage-alpine\" \ - --label \"org.opencontainers.image.description=baseimage-alpine image by linuxserver.io\" \ - --no-cache --pull -t ${IMAGE}:amd64-${META_TAG} --platform=linux/amd64 \ - --provenance=true --sbom=true --builder=container --load \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh '''#! /bin/bash - set -e - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker tag ${IMAGE}:amd64-${META_TAG} ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} - done - ''' - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - - if [[ "${PACKAGE_CHECK}" != "true" ]]; then - declare -A pids - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker push ${i}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} & - pids[$!]="$i" - done - for p in "${!pids[@]}"; do - wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; } - done - fi - ''' - } - } - } - } - stage('Build ARM64') { - agent { - label 'ARM64' - } - steps { - echo "Running on node: ${NODE_NAME}" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-baseimage-alpine/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Baseimage-alpine\" \ - --label \"org.opencontainers.image.description=baseimage-alpine image by linuxserver.io\" \ - --no-cache --pull -f Dockerfile.aarch64 -t ${IMAGE}:arm64v8-${META_TAG} --platform=linux/arm64 \ - --provenance=true --sbom=true --builder=container --load \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh '''#! /bin/bash - set -e - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker tag ${IMAGE}:arm64v8-${META_TAG} ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} - done - ''' - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - if [[ "${PACKAGE_CHECK}" != "true" ]]; then - declare -A pids - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker push ${i}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} & - pids[$!]="$i" - done - for p in "${!pids[@]}"; do - wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; } - done - fi - ''' - } - } - sh '''#! /bin/bash - containers=$(docker ps -aq) - if [[ -n "${containers}" ]]; then - docker stop ${containers} - fi - docker system prune -f --volumes || : - docker image prune -af || : - ''' - } - } - stage('Build RISCV64') { - agent { - label 'RISCV64' - } - steps { - echo "Running on node: ${NODE_NAME}" - sh "docker buildx build \ - --label \"org.opencontainers.image.created=${GITHUB_DATE}\" \ - --label \"org.opencontainers.image.authors=linuxserver.io\" \ - --label \"org.opencontainers.image.url=https://github.com/linuxserver/docker-baseimage-alpine/packages\" \ - --label \"org.opencontainers.image.documentation=https://docs.linuxserver.io/images/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.source=https://github.com/linuxserver/docker-baseimage-alpine\" \ - --label \"org.opencontainers.image.version=${EXT_RELEASE_CLEAN}-ls${LS_TAG_NUMBER}\" \ - --label \"org.opencontainers.image.revision=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.vendor=linuxserver.io\" \ - --label \"org.opencontainers.image.licenses=GPL-3.0-only\" \ - --label \"org.opencontainers.image.ref.name=${COMMIT_SHA}\" \ - --label \"org.opencontainers.image.title=Baseimage-alpine\" \ - --label \"org.opencontainers.image.description=baseimage-alpine image by linuxserver.io\" \ - --no-cache --pull -f Dockerfile.riscv64 -t ${IMAGE}:riscv64-${META_TAG} --platform=linux/riscv64 \ - --provenance=true --sbom=true --builder=container --load \ - --build-arg ${BUILD_VERSION_ARG}=${EXT_RELEASE} --build-arg VERSION=\"${VERSION_TAG}\" --build-arg BUILD_DATE=${GITHUB_DATE} ." - sh '''#! /bin/bash - set -e - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker tag ${IMAGE}:riscv64-${META_TAG} ${i}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} - done - ''' - withCredentials([ - [ - $class: 'UsernamePasswordMultiBinding', - credentialsId: 'Quay.io-Robot', - usernameVariable: 'QUAYUSER', - passwordVariable: 'QUAYPASS' - ] - ]) { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - echo $DOCKERHUB_TOKEN | docker login -u linuxserverci --password-stdin - echo $GITHUB_TOKEN | docker login ghcr.io -u LinuxServer-CI --password-stdin - echo $GITLAB_TOKEN | docker login registry.gitlab.com -u LinuxServer.io --password-stdin - echo $QUAYPASS | docker login quay.io -u $QUAYUSER --password-stdin - - if [[ "${PACKAGE_CHECK}" != "true" ]]; then - declare -A pids - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - docker push ${i}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} & - pids[$!]="$i" - done - for p in "${!pids[@]}"; do - wait "$p" || { [[ "${pids[$p]}" != *"quay.io"* ]] && exit 1; } - done - fi - ''' - } - } - sh '''#! /bin/bash - containers=$(docker ps -aq) - if [[ -n "${containers}" ]]; then - docker stop ${containers} - fi - docker system prune -f --volumes || : - docker image prune -af || : - ''' - } - } - } - } - // Take the image we just built and dump package versions for comparison - stage('Update-packages') { - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - sh '''#! /bin/bash - set -e - TEMPDIR=$(mktemp -d) - if [ "${MULTIARCH}" == "true" ] && [ "${PACKAGE_CHECK}" != "true" ]; then - LOCAL_CONTAINER=${IMAGE}:amd64-${META_TAG} - else - LOCAL_CONTAINER=${IMAGE}:${META_TAG} - fi - touch ${TEMPDIR}/package_versions.txt - docker run --rm \ - -v /var/run/docker.sock:/var/run/docker.sock:ro \ - -v ${TEMPDIR}:/tmp \ - ghcr.io/anchore/syft:${SYFT_IMAGE_TAG} \ - ${LOCAL_CONTAINER} -o table=/tmp/package_versions.txt - NEW_PACKAGE_TAG=$(md5sum ${TEMPDIR}/package_versions.txt | cut -c1-8 ) - echo "Package tag sha from current packages in buit container is ${NEW_PACKAGE_TAG} comparing to old ${PACKAGE_TAG} from github" - if [ "${NEW_PACKAGE_TAG}" != "${PACKAGE_TAG}" ]; then - git clone https://github.com/${LS_USER}/${LS_REPO}.git ${TEMPDIR}/${LS_REPO} - git --git-dir ${TEMPDIR}/${LS_REPO}/.git checkout -f 3.22 - cp ${TEMPDIR}/package_versions.txt ${TEMPDIR}/${LS_REPO}/ - cd ${TEMPDIR}/${LS_REPO}/ - wait - git add package_versions.txt - git commit -m 'Bot Updating Package Versions' - git pull https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - git push https://LinuxServer-CI:${GITHUB_TOKEN}@github.com/${LS_USER}/${LS_REPO}.git 3.22 - echo "true" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER} - echo "Package tag updated, stopping build process" - else - echo "false" > /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER} - echo "Package tag is same as previous continue with build process" - fi - rm -Rf ${TEMPDIR}''' - script{ - env.PACKAGE_UPDATED = sh( - script: '''cat /tmp/packages-${COMMIT_SHA}-${BUILD_NUMBER}''', - returnStdout: true).trim() - } - } - } - // Exit the build if the package file was just updated - stage('PACKAGE-exit') { - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - environment name: 'PACKAGE_UPDATED', value: 'true' - environment name: 'EXIT_STATUS', value: '' - } - steps { - script{ - env.EXIT_STATUS = 'ABORTED' - } - } - } - // Exit the build if this is just a package check and there are no changes to push - stage('PACKAGECHECK-exit') { - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - environment name: 'PACKAGE_UPDATED', value: 'false' - environment name: 'EXIT_STATUS', value: '' - expression { - params.PACKAGE_CHECK == 'true' - } - } - steps { - script{ - env.EXIT_STATUS = 'ABORTED' - } - } - } - /* ####### - Testing - ####### */ - // Run Container tests - stage('Test') { - when { - environment name: 'CI', value: 'true' - environment name: 'EXIT_STATUS', value: '' - } - steps { - withCredentials([ - string(credentialsId: 'ci-tests-s3-key-id', variable: 'S3_KEY'), - string(credentialsId: 'ci-tests-s3-secret-access-key ', variable: 'S3_SECRET') - ]) { - script{ - env.CI_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/index.html' - env.CI_JSON_URL = 'https://ci-tests.linuxserver.io/' + env.IMAGE + '/' + env.META_TAG + '/report.json' - } - sh '''#! /bin/bash - set -e - if grep -q 'docker-baseimage' <<< "${LS_REPO}"; then - echo "Detected baseimage, setting LSIO_FIRST_PARTY=true" - if [ -n "${CI_DOCKERENV}" ]; then - CI_DOCKERENV="LSIO_FIRST_PARTY=true|${CI_DOCKERENV}" - else - CI_DOCKERENV="LSIO_FIRST_PARTY=true" - fi - fi - docker pull ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} - if [ "${MULTIARCH}" == "true" ]; then - docker pull ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} --platform=arm64 - docker tag ghcr.io/linuxserver/lsiodev-buildcache:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:arm64v8-${META_TAG} - docker pull ghcr.io/linuxserver/lsiodev-buildcache:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} --platform=riscv64 - docker tag ghcr.io/linuxserver/lsiodev-buildcache:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} ${IMAGE}:riscv64-${META_TAG} - fi - docker run --rm \ - --shm-size=1gb \ - -v /var/run/docker.sock:/var/run/docker.sock \ - -e IMAGE=\"${IMAGE}\" \ - -e DOCKER_LOGS_TIMEOUT=\"${CI_DELAY}\" \ - -e TAGS=\"${CI_TAGS}\" \ - -e META_TAG=\"${META_TAG}\" \ - -e RELEASE_TAG=\"3.22\" \ - -e PORT=\"${CI_PORT}\" \ - -e SSL=\"${CI_SSL}\" \ - -e BASE=\"${DIST_IMAGE}\" \ - -e SECRET_KEY=\"${S3_SECRET}\" \ - -e ACCESS_KEY=\"${S3_KEY}\" \ - -e DOCKER_ENV=\"${CI_DOCKERENV}\" \ - -e WEB_SCREENSHOT=\"${CI_WEB}\" \ - -e WEB_AUTH=\"${CI_AUTH}\" \ - -e WEB_PATH=\"${CI_WEBPATH}\" \ - -e NODE_NAME=\"${NODE_NAME}\" \ - -e SYFT_IMAGE_TAG=\"${CI_SYFT_IMAGE_TAG:-${SYFT_IMAGE_TAG}}\" \ - -e COMMIT_SHA=\"${COMMIT_SHA}\" \ - -e BUILD_NUMBER=\"${BUILD_NUMBER}\" \ - -t ghcr.io/linuxserver/ci:${CITEST_IMAGETAG} \ - python3 test_build.py''' - } - } - } - /* ################## - Release Logic - ################## */ - // If this is an amd64 only image only push a single image - stage('Docker-Push-Single') { - when { - environment name: 'MULTIARCH', value: 'false' - environment name: 'EXIT_STATUS', value: '' - } - steps { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - for PUSHIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - [[ ${PUSHIMAGE%%/*} =~ \\. ]] && PUSHIMAGEPLUS="${PUSHIMAGE}" || PUSHIMAGEPLUS="docker.io/${PUSHIMAGE}" - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - if [[ "${PUSHIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then - CACHEIMAGE=${i} - fi - done - docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${META_TAG} -t ${PUSHIMAGE}:3.22 -t ${PUSHIMAGE}:${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - if [ -n "${SEMVER}" ]; then - docker buildx imagetools create --prefer-index=false -t ${PUSHIMAGE}:${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${PUSHIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - fi - done - ''' - } - } - } - // If this is a multi arch release push all images and define the manifest - stage('Docker-Push-Multi') { - when { - environment name: 'MULTIARCH', value: 'true' - environment name: 'EXIT_STATUS', value: '' - } - steps { - retry_backoff(5,5) { - sh '''#! /bin/bash - set -e - for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - [[ ${MANIFESTIMAGE%%/*} =~ \\. ]] && MANIFESTIMAGEPLUS="${MANIFESTIMAGE}" || MANIFESTIMAGEPLUS="docker.io/${MANIFESTIMAGE}" - IFS=',' read -ra CACHE <<< "$BUILDCACHE" - for i in "${CACHE[@]}"; do - if [[ "${MANIFESTIMAGEPLUS}" == "$(cut -d "/" -f1 <<< ${i})"* ]]; then - CACHEIMAGE=${i} - fi - done - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${META_TAG} -t ${MANIFESTIMAGE}:amd64-3.22 -t ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${META_TAG} -t ${MANIFESTIMAGE}:arm64v8-3.22 -t ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${META_TAG} -t ${MANIFESTIMAGE}:riscv64-3.22 -t ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - if [ -n "${SEMVER}" ]; then - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:amd64-${SEMVER} ${CACHEIMAGE}:amd64-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:arm64v8-${SEMVER} ${CACHEIMAGE}:arm64v8-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - docker buildx imagetools create --prefer-index=false -t ${MANIFESTIMAGE}:riscv64-${SEMVER} ${CACHEIMAGE}:riscv64-${COMMIT_SHA}-${BUILD_NUMBER} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - fi - done - for MANIFESTIMAGE in "${IMAGE}" "${GITLABIMAGE}" "${GITHUBIMAGE}" "${QUAYIMAGE}"; do - docker buildx imagetools create -t ${MANIFESTIMAGE}:3.22 ${MANIFESTIMAGE}:amd64-3.22 ${MANIFESTIMAGE}:riscv64-3.22 ${MANIFESTIMAGE}:arm64v8-3.22 || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - docker buildx imagetools create -t ${MANIFESTIMAGE}:${META_TAG} ${MANIFESTIMAGE}:amd64-${META_TAG} ${MANIFESTIMAGE}:riscv64-${META_TAG} ${MANIFESTIMAGE}:arm64v8-${META_TAG} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - docker buildx imagetools create -t ${MANIFESTIMAGE}:${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:amd64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:riscv64-${EXT_RELEASE_TAG} ${MANIFESTIMAGE}:arm64v8-${EXT_RELEASE_TAG} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - if [ -n "${SEMVER}" ]; then - docker buildx imagetools create -t ${MANIFESTIMAGE}:${SEMVER} ${MANIFESTIMAGE}:amd64-${SEMVER} ${MANIFESTIMAGE}:riscv64-${SEMVER} ${MANIFESTIMAGE}:arm64v8-${SEMVER} || \ - { if [[ "${MANIFESTIMAGE}" != "${QUAYIMAGE}" ]]; then exit 1; fi; } - fi - done - ''' - } - } - } - // If this is a public release tag it in the LS Github - stage('Github-Tag-Push-Release') { - when { - branch "3.22" - expression { - env.LS_RELEASE != env.EXT_RELEASE_CLEAN + '-ls' + env.LS_TAG_NUMBER - } - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - sh '''#! /bin/bash - echo "Auto-generating release notes" - if [ "$(git tag --points-at HEAD)" != "" ]; then - echo "Existing tag points to current commit, suggesting no new LS changes" - AUTO_RELEASE_NOTES="No changes" - else - AUTO_RELEASE_NOTES=$(curl -fsL -H "Authorization: token ${GITHUB_TOKEN}" -H "Accept: application/vnd.github+json" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases/generate-notes \ - -d '{"tag_name":"'${META_TAG}'",\ - "target_commitish": "3.22"}' \ - | jq -r '.body' | sed 's|## What.s Changed||') - fi - echo "Pushing New tag for current commit ${META_TAG}" - curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/git/tags \ - -d '{"tag":"'${META_TAG}'",\ - "object": "'${COMMIT_SHA}'",\ - "message": "Tagging Release '${EXT_RELEASE_CLEAN}'-ls'${LS_TAG_NUMBER}' to 3.22",\ - "type": "commit",\ - "tagger": {"name": "LinuxServer-CI","email": "ci@linuxserver.io","date": "'${GITHUB_DATE}'"}}' - echo "Pushing New release for Tag" - echo "Updating base packages to ${PACKAGE_TAG}" > releasebody.json - jq -n \ - --arg tag_name "$META_TAG" \ - --arg target_commitish "3.22" \ - --arg ci_url "${CI_URL:-N/A}" \ - --arg ls_notes "$AUTO_RELEASE_NOTES" \ - --arg remote_notes "$(cat releasebody.json)" \ - '{ - "tag_name": $tag_name, - "target_commitish": $target_commitish, - "name": $tag_name, - "body": ("**CI Report:**\\n\\n" + $ci_url + "\\n\\n**LinuxServer Changes:**\\n\\n" + $ls_notes + "\\n\\n**Remote Changes:**\\n\\n" + $remote_notes), - "draft": false, - "prerelease": true }' > releasebody.json.done - curl -H "Authorization: token ${GITHUB_TOKEN}" -X POST https://api.github.com/repos/${LS_USER}/${LS_REPO}/releases -d @releasebody.json.done - ''' - } - } - // Add protection to the release branch - stage('Github-Release-Branch-Protection') { - when { - branch "3.22" - environment name: 'CHANGE_ID', value: '' - environment name: 'EXIT_STATUS', value: '' - } - steps { - echo "Setting up protection for release branch 3.22" - sh '''#! /bin/bash - curl -H "Authorization: token ${GITHUB_TOKEN}" -X PUT https://api.github.com/repos/${LS_USER}/${LS_REPO}/branches/3.22/protection \ - -d $(jq -c . << EOF - { - "required_status_checks": null, - "enforce_admins": false, - "required_pull_request_reviews": { - "dismiss_stale_reviews": false, - "require_code_owner_reviews": false, - "require_last_push_approval": false, - "required_approving_review_count": 1 - }, - "restrictions": null, - "required_linear_history": false, - "allow_force_pushes": false, - "allow_deletions": false, - "block_creations": false, - "required_conversation_resolution": true, - "lock_branch": false, - "allow_fork_syncing": false, - "required_signatures": false - } -EOF - ) ''' - } - } - // If this is a Pull request send the CI link as a comment on it - stage('Pull Request Comment') { - when { - not {environment name: 'CHANGE_ID', value: ''} - environment name: 'EXIT_STATUS', value: '' - } - steps { - sh '''#! /bin/bash - # Function to retrieve JSON data from URL - get_json() { - local url="$1" - local response=$(curl -s "$url") - if [ $? -ne 0 ]; then - echo "Failed to retrieve JSON data from $url" - return 1 - fi - local json=$(echo "$response" | jq .) - if [ $? -ne 0 ]; then - echo "Failed to parse JSON data from $url" - return 1 - fi - echo "$json" - } - - build_table() { - local data="$1" - - # Get the keys in the JSON data - local keys=$(echo "$data" | jq -r 'to_entries | map(.key) | .[]') - - # Check if keys are empty - if [ -z "$keys" ]; then - echo "JSON report data does not contain any keys or the report does not exist." - return 1 - fi - - # Build table header - local header="| Tag | Passed |\\n| --- | --- |\\n" - - # Loop through the JSON data to build the table rows - local rows="" - for build in $keys; do - local status=$(echo "$data" | jq -r ".[\\"$build\\"].test_success") - if [ "$status" = "true" ]; then - status="✅" - else - status="❌" - fi - local row="| "$build" | "$status" |\\n" - rows="${rows}${row}" - done - - local table="${header}${rows}" - local escaped_table=$(echo "$table" | sed 's/\"/\\\\"/g') - echo "$escaped_table" - } - - if [[ "${CI}" = "true" ]]; then - # Retrieve JSON data from URL - data=$(get_json "$CI_JSON_URL") - # Create table from JSON data - table=$(build_table "$data") - echo -e "$table" - - curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ - -H "Accept: application/vnd.github.v3+json" \ - "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here are the test results for this PR: \\n${CI_URL}\\n${SHELLCHECK_URL}\\n${table}\\"}" - else - curl -X POST -H "Authorization: token $GITHUB_TOKEN" \ - -H "Accept: application/vnd.github.v3+json" \ - "https://api.github.com/repos/$LS_USER/$LS_REPO/issues/$PULL_REQUEST/comments" \ - -d "{\\"body\\": \\"I am a bot, here is the pushed image/manifest for this PR: \\n\\n\\`${GITHUBIMAGE}:${META_TAG}\\`\\"}" - fi - ''' - - } - } - } - /* ###################### - Send status to Discord - ###################### */ - post { - always { - sh '''#!/bin/bash - rm -rf /config/.ssh/id_sign - rm -rf /config/.ssh/id_sign.pub - git config --global --unset gpg.format - git config --global --unset user.signingkey - git config --global --unset commit.gpgsign - ''' - script{ - env.JOB_DATE = sh( - script: '''date '+%Y-%m-%dT%H:%M:%S%:z' ''', - returnStdout: true).trim() - if (env.EXIT_STATUS == "ABORTED"){ - sh 'echo "build aborted"' - }else{ - if (currentBuild.currentResult == "SUCCESS"){ - if (env.GITHUBIMAGE =~ /lspipepr/){ - env.JOB_WEBHOOK_STATUS='Success' - env.JOB_WEBHOOK_COLOUR=3957028 - env.JOB_WEBHOOK_FOOTER='PR Build' - }else if (env.GITHUBIMAGE =~ /lsiodev/){ - env.JOB_WEBHOOK_STATUS='Success' - env.JOB_WEBHOOK_COLOUR=3957028 - env.JOB_WEBHOOK_FOOTER='Dev Build' - }else{ - env.JOB_WEBHOOK_STATUS='Success' - env.JOB_WEBHOOK_COLOUR=1681177 - env.JOB_WEBHOOK_FOOTER='Live Build' - } - }else{ - if (env.GITHUBIMAGE =~ /lspipepr/){ - env.JOB_WEBHOOK_STATUS='Failure' - env.JOB_WEBHOOK_COLOUR=12669523 - env.JOB_WEBHOOK_FOOTER='PR Build' - }else if (env.GITHUBIMAGE =~ /lsiodev/){ - env.JOB_WEBHOOK_STATUS='Failure' - env.JOB_WEBHOOK_COLOUR=12669523 - env.JOB_WEBHOOK_FOOTER='Dev Build' - }else{ - env.JOB_WEBHOOK_STATUS='Failure' - env.JOB_WEBHOOK_COLOUR=16711680 - env.JOB_WEBHOOK_FOOTER='Live Build' - } - } - sh ''' curl -X POST -H "Content-Type: application/json" --data '{"avatar_url": "https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/jenkins-avatar.png","embeds": [{"'color'": '${JOB_WEBHOOK_COLOUR}',\ - "footer": {"text" : "'"${JOB_WEBHOOK_FOOTER}"'"},\ - "timestamp": "'${JOB_DATE}'",\ - "description": "**Build:** '${BUILD_NUMBER}'\\n**CI Results:** '${CI_URL}'\\n**ShellCheck Results:** '${SHELLCHECK_URL}'\\n**Status:** '${JOB_WEBHOOK_STATUS}'\\n**Job:** '${RUN_DISPLAY_URL}'\\n**Change:** '${CODE_URL}'\\n**External Release:**: '${RELEASE_LINK}'\\n**DockerHub:** '${DOCKERHUB_LINK}'\\n"}],\ - "username": "Jenkins"}' ${BUILDS_DISCORD} ''' - } - } - } - cleanup { - sh '''#! /bin/bash - echo "Pruning builder!!" - docker builder prune -f --builder container || : - containers=$(docker ps -q) - if [[ -n "${containers}" ]]; then - BUILDX_CONTAINER_ID=$(docker ps -qf 'name=buildx_buildkit') - for container in ${containers}; do - if [[ "${container}" == "${BUILDX_CONTAINER_ID}" ]]; then - echo "skipping buildx container in docker stop" - else - echo "Stopping container ${container}" - docker stop ${container} - fi - done - fi - docker system prune -f --volumes || : - docker image prune -af || : - ''' - cleanWs() - } - } -} - -def retry_backoff(int max_attempts, int power_base, Closure c) { - int n = 0 - while (n < max_attempts) { - try { - c() - return - } catch (err) { - if ((n + 1) >= max_attempts) { - throw err - } - sleep(power_base ** n) - n++ - } - } - return -} diff --git a/README.md b/README.md index 655b2089..a4ef23d9 100644 --- a/README.md +++ b/README.md @@ -1,22 +1 @@ -<!-- DO NOT EDIT THIS FILE MANUALLY --> -<!-- Please read https://github.com/linuxserver/docker-baseimage-alpine/blob/3.22/.github/CONTRIBUTING.md --> -[![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io) - -## Contact information:- - -| Type | Address/Details | -| :---: | --- | -| Discord | [Discord](https://linuxserver.io/discord) | -| IRC | `#linuxserver.io` on irc.libera.chat | -| Forum | [Discourse](https://discourse.linuxserver.io/) | - -A custom base image built with [Alpine Linux](https://alpinelinux.org) and [s6-overlay](https://github.com/just-containers/s6-overlay). - -- Support for using our base images in your own projects is provided on a Reasonable Endeavours basis, please see our [Support Policy](https://www.linuxserver.io/supportpolicy) for details. -- There is no `latest` tag for any of our base images, by design. We often make breaking changes between versions, and we don't publish release notes like we do for the downstream images. -- If you're intending to distribute an image using one of our bases, please read our [docs on container branding](https://docs.linuxserver.io/general/container-branding/) first. -- Alpine releases are supported for 2 years, after which we will stop building new base images for that version. - -The following line is only in this repo for loop testing: - -- { date: "01.01.50:", desc: "I am the release message for this internal repo." } +Docker 基础镜像 \ No newline at end of file diff --git a/jenkins-vars.yml b/jenkins-vars.yml deleted file mode 100644 index 311280d7..00000000 --- a/jenkins-vars.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -# jenkins variables -project_name: docker-baseimage-alpine -external_type: os -release_type: prerelease -release_tag: "3.22" -ls_branch: "3.22" -build_riscv64: true -repo_vars: - - BUILD_VERSION_ARG = 'OS' - - LS_USER = 'linuxserver' - - LS_REPO = 'docker-baseimage-alpine' - - CONTAINER_NAME = 'baseimage-alpine' - - DOCKERHUB_IMAGE = 'lsiobase/alpine' - - DEV_DOCKERHUB_IMAGE = 'lsiodev/alpine' - - PR_DOCKERHUB_IMAGE = 'lspipepr/alpine' - - DIST_IMAGE = 'alpine' - - MULTIARCH='true' - - CI='true' - - CI_WEB='false' - - CI_PORT='80' - - CI_SSL='true' - - CI_DELAY='30' - - CI_DOCKERENV='LSIO_FIRST_PARTY=true' - - CI_AUTH='' - - CI_WEBPATH='' diff --git a/package_versions.txt b/package_versions.txt deleted file mode 100755 index bd67780a..00000000 --- a/package_versions.txt +++ /dev/null @@ -1,52 +0,0 @@ -NAME VERSION TYPE -acl-libs 2.3.2-r1 apk -alpine-baselayout 3.7.0-r0 apk -alpine-baselayout-data 3.7.0-r0 apk -alpine-keys 2.5-r0 apk -alpine-release 3.22.3-r0 apk -apk-tools 2.14.9-r3 apk -bash 5.2.37-r0 apk -brotli-libs 1.1.0-r2 apk -busybox 1.37.0-r20 apk -busybox-binsh 1.37.0-r20 apk -c-ares 1.34.6-r0 apk -ca-certificates 20250911-r0 apk -ca-certificates-bundle 20250911-r0 apk -catatonit 0.2.1-r0 apk -coreutils 9.7-r1 apk -coreutils-env 9.7-r1 apk -coreutils-fmt 9.7-r1 apk -coreutils-sha512sum 9.7-r1 apk -curl 8.14.1-r2 apk -findutils 4.10.0-r0 apk -jq 1.8.1-r0 apk -libapk2 2.14.9-r3 apk -libattr 2.5.2-r2 apk -libbsd 0.12.2-r0 apk -libcrypto3 3.5.5-r0 apk -libcurl 8.14.1-r2 apk -libidn2 2.3.7-r0 apk -libintl 0.24.1-r0 apk -libmd 1.1.0-r0 apk -libncursesw 6.5_p20250503-r0 apk -libproc2 4.0.4-r3 apk -libpsl 0.21.5-r3 apk -libssl3 3.5.5-r0 apk -libunistring 1.3-r0 apk -linux-pam 1.7.0-r4 apk -musl 1.2.5-r10 apk -musl-utils 1.2.5-r10 apk -ncurses-terminfo-base 6.5_p20250503-r0 apk -netcat-openbsd 1.229.1-r0 apk -nghttp2-libs 1.65.0-r0 apk -oniguruma 6.9.10-r0 apk -procps-ng 4.0.4-r3 apk -readline 8.2.13-r1 apk -scanelf 1.3.8-r1 apk -shadow 4.17.3-r0 apk -skalibs-libs 2.14.4.0-r0 apk -ssl_client 1.37.0-r20 apk -tzdata 2026a-r0 apk -utmps-libs 0.1.3.1-r0 apk -zlib 1.3.1-r2 apk -zstd-libs 1.5.7-r0 apk diff --git a/readme-vars.yml b/readme-vars.yml deleted file mode 100644 index c24f57b5..00000000 --- a/readme-vars.yml +++ /dev/null @@ -1,27 +0,0 @@ ---- - -# project information -project_name: baseimage-alpine -full_custom_readme: | - {% raw -%} - [![linuxserver.io](https://raw.githubusercontent.com/linuxserver/docker-templates/master/linuxserver.io/img/linuxserver_medium.png)](https://linuxserver.io) - - ## Contact information:- - - | Type | Address/Details | - | :---: | --- | - | Discord | [Discord](https://linuxserver.io/discord) | - | IRC | `#linuxserver.io` on irc.libera.chat | - | Forum | [Discourse](https://discourse.linuxserver.io/) | - - A custom base image built with [Alpine Linux](https://alpinelinux.org) and [s6-overlay](https://github.com/just-containers/s6-overlay). - - - Support for using our base images in your own projects is provided on a Reasonable Endeavours basis, please see our [Support Policy](https://www.linuxserver.io/supportpolicy) for details. - - There is no `latest` tag for any of our base images, by design. We often make breaking changes between versions, and we don't publish release notes like we do for the downstream images. - - If you're intending to distribute an image using one of our bases, please read our [docs on container branding](https://docs.linuxserver.io/general/container-branding/) first. - - Alpine releases are supported for 2 years, after which we will stop building new base images for that version. - - The following line is only in this repo for loop testing: - - - { date: "01.01.50:", desc: "I am the release message for this internal repo." } - {%- endraw %}