Skip to content
This repository has been archived by the owner on Sep 14, 2024. It is now read-only.

Commit

Permalink
Initial commit
Browse files Browse the repository at this point in the history
  • Loading branch information
@IceCodeNew
IceCodeNew committed Jun 19, 2024
0 parents commit a68a44e
Show file tree
Hide file tree
Showing 8 changed files with 539 additions and 0 deletions.
16 changes: 16 additions & 0 deletions .github/dependabot.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,16 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates

version: 2
updates:
- package-ecosystem: "docker" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"

- package-ecosystem: "github-actions" # See documentation for possible values
directory: "/" # Location of package manifests
schedule:
interval: "weekly"
103 changes: 103 additions & 0 deletions .github/workflows/saveweb-go.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,103 @@
name: ko-built saveweb Images

on:
push:
branches:
- 'master'
paths:
- '.github/workflows/saveweb-go.yml'
schedule:
- cron: "20 * * * *"
workflow_dispatch:

env:
REGISTRY_IMAGE: ${{ secrets.DOCKERHUB_USERNAME }}/saveweb

jobs:
huashijie:
name: Build the huashijie image with ko
runs-on: ubuntu-24.04
steps:
- name: Fetch the latest tag
shell: bash
run: |
curl() { $(type -P curl) -LRq --retry 5 --retry-delay 10 --retry-max-time 60 --fail "$@"; }
huashijie_go_latest_tag=$(curl -L https://git.saveweb.org/saveweb/huashijie_go/tags/list \
| jq -r .results[] | sort -Vr | head -n 1)
if [[ -z "$huashijie_go_latest_tag" ]]; then
echo "FATAL: huashijie_go_latest_tag is empty!"
exit 1
fi
echo "huashijie_go_latest_tag=${huashijie_go_latest_tag}" >> "$GITHUB_ENV"
- name: Checkout git repo
shell: bash
run: |
git clone -j "$(nproc)" \
--no-tags --shallow-submodules --recurse-submodules --depth 1 --single-branch \
--branch "$huashijie_go_latest_tag" \
"https://git.saveweb.org/saveweb/huashijie_go.git" \
./
curl -o '.ko.yaml' -- \
https://raw.githubusercontent.com/saveweb/saveweb-images/master/default.ko.yaml
- uses: actions/setup-go@v5
with:
go-version: 'stable'
check-latest: true

- uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- uses: ko-build/[email protected]
env:
KO_DOCKER_REPO: docker.io/${{ env.REGISTRY_IMAGE }}
- run: ko build --platform=linux/amd64,linux/arm64 --bare --tags 'huashijie' ./cmd/...

acdanmaku:
name: Build the acdanmaku image with ko
runs-on: ubuntu-24.04
steps:
- name: Fetch the latest tag
shell: bash
run: |
curl() { $(type -P curl) -LRq --retry 5 --retry-delay 10 --retry-max-time 60 --fail "$@"; }
acdanmaku_go_latest_tag=$(curl -L https://git.saveweb.org/saveweb/acfunction_go/tags/list \
| jq -r .results[] | sort -Vr | head -n 1)
if [[ -z "$acdanmaku_go_latest_tag" ]]; then
echo "FATAL: acdanmaku_go_latest_tag is empty!"
exit 1
fi
echo "acdanmaku_go_latest_tag=${acdanmaku_go_latest_tag}" >> "$GITHUB_ENV"
- name: Checkout git repo
shell: bash
run: |
git clone -j "$(nproc)" \
--no-tags --shallow-submodules --recurse-submodules --depth 1 --single-branch \
--branch "$acdanmaku_go_latest_tag" \
"https://git.saveweb.org/saveweb/acfunction_go.git" \
./
curl -o '.ko.yaml' -- \
https://raw.githubusercontent.com/saveweb/saveweb-images/master/default.ko.yaml
- uses: actions/setup-go@v5
with:
go-version: 'stable'
check-latest: true

- uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- uses: ko-build/[email protected]
env:
KO_DOCKER_REPO: docker.io/${{ env.REGISTRY_IMAGE }}
- run: ko build --platform=linux/amd64,linux/arm64 --bare --tags 'acdanmaku' ./cmd/...
110 changes: 110 additions & 0 deletions .github/workflows/saveweb.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,110 @@
name: saveweb Images CI

on:
push:
branches:
- 'master'
paths:
- '.github/workflows/saveweb.yml'
- './lowapk-v2.Dockerfile'
schedule:
- cron: "30 1 * * *"
workflow_dispatch:

env:
REGISTRY_IMAGE: ${{ secrets.DOCKERHUB_USERNAME }}/saveweb

jobs:
lowapk-v2:
name: lowapk-v2
runs-on: ubuntu-24.04
strategy:
fail-fast: false
matrix:
include:
- tag: saveweb:lowapk-v2-amd
dockerfile: "./lowapk-v2.Dockerfile"
platforms: linux/amd64
- tag: saveweb:lowapk-v2-arm
dockerfile: "./lowapk-v2.Dockerfile"
platforms: linux/arm64
steps:
-
name: Set up QEMU
uses: docker/setup-qemu-action@v3
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Build and push by digest
id: build
uses: docker/build-push-action@v6
with:
push: true
file: ${{ matrix.dockerfile }}
platforms: ${{ matrix.platforms }}
cache-from: type=gha,scope=${{ matrix.platforms }}
cache-to: type=gha,mode=max,scope=${{ matrix.platforms }}
outputs: type=image,compression=estargz,force-compression=true,oci-mediatypes=true,name=${{ env.REGISTRY_IMAGE }},push-by-digest=true,name-canonical=true,push=true
-
name: Export digest
run: |
mkdir -p /tmp/lowapk-v2-digests/
digest="${{ steps.build.outputs.digest }}"
touch "/tmp/lowapk-v2-digests/${digest#sha256:}"
platform=${{ matrix.platforms }}
echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
name: Upload digest
uses: actions/upload-artifact@v4
with:
name: lowapk-v2-digests-${{ env.PLATFORM_PAIR }}
path: /tmp/lowapk-v2-digests/*
if-no-files-found: error
retention-days: 1

lowapk-v2-multiarch:
runs-on: ubuntu-24.04
needs:
- lowapk-v2
steps:
-
name: Download digests
uses: actions/download-artifact@v4
with:
path: /tmp/lowapk-v2-digests/
pattern: lowapk-v2-digests-*
merge-multiple: true
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
-
name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Create manifest list and push
working-directory: /tmp/lowapk-v2-digests/
run: |
docker buildx imagetools create --tag ${{ env.REGISTRY_IMAGE }}:lowapk-v2 \
$(printf '${{ env.REGISTRY_IMAGE }}@sha256:%s ' *)
-
name: Inspect image
run: |
docker buildx imagetools inspect ${{ env.REGISTRY_IMAGE }}:lowapk-v2 \
| grep -Po '[^ \r\n\t\v]+@sha256:[a-z0-9]+' | xargs -r -t -n 1 docker buildx imagetools inspect --raw
-
name: Run Trivy vulnerability scanner
uses: aquasecurity/[email protected]
with:
image-ref: "${{ env.REGISTRY_IMAGE }}:lowapk-v2"
format: 'table'
22 changes: 22 additions & 0 deletions .gitignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,22 @@
# If you prefer the allow list template instead of the deny list, see community template:
# https://github.com/github/gitignore/blob/main/community/Golang/Go.AllowList.gitignore
#
# Binaries for programs and plugins
*.exe
*.exe~
*.dll
*.so
*.dylib

# Test binary, built with `go test -c`
*.test

# Output of the go coverage tool, specifically when used with LiteIDE
*.out

# Dependency directories (remove the comment below to include it)
# vendor/

# Go workspace file
go.work
go.work.sum
Loading

0 comments on commit a68a44e

Please sign in to comment.