3pp-mirror/neko
1
0
Fork 0
mirror of https://github.com/m1k1o/neko.git synced 2025-06-14 08:42:40 +02:00
Code Issues Projects Releases Packages Wiki Activity

update workflows.

Browse source
This commit is contained in:
Miroslav Šedivý 2025-03-29 22:24:06 +01:00
parent 88f52eae4d
commit f1c9810a76
9 changed files with 643 additions and 567 deletions
Download patch file Download diff file Expand all files Collapse all files

128
.github/workflows/ghcr-amd.yml vendored
View file

@ -1,128 +0,0 @@
name: "amd64 images"
on:
push:
tags:
- 'v*'
env:
REGISTRY: ghcr.io
IMAGE_NAME: m1k1o/neko
TAG_PREFIX: ""
RUNTIME_DOCKERFILE: Dockerfile
PLATFORMS: linux/amd64
jobs:
build-base:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Generate base Dockerfile
run: RUNTIME_DOCKERFILE=${{ env.RUNTIME_DOCKERFILE }} ./docker/main.go -i Dockerfile.tmpl -o Dockerfile
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: ./
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- tag: firefox
- tag: waterfox
- tag: chromium
- tag: google-chrome
- tag: ungoogled-chromium
- tag: microsoft-edge
- tag: brave
- tag: vivaldi
- tag: opera
- tag: tor-browser
- tag: remmina
- tag: vlc
- tag: xfce
- tag: kde
env:
TAG_NAME: ${{ matrix.tag }}
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: apps/${{ env.TAG_NAME }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}

163
.github/workflows/ghcr-arm.yml vendored
View file

@ -1,163 +0,0 @@
name: "arm64v8 and arm32v7 images"
on:
push:
tags:
- 'v*'
env:
REGISTRY: ghcr.io
IMAGE_NAME: m1k1o/neko
TAG_PREFIX: arm-
RUNTIME_DOCKERFILE: Dockerfile.arm
PLATFORMS: linux/arm64,linux/arm/v7
jobs:
build-client:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up node
uses: actions/setup-node@v3
with:
node-version: 18.x
-
name: Build client
run: |
cd client
npm install
npm run build
-
name: Upload client dist
uses: actions/upload-artifact@v3
with:
name: client-dist
path: client/dist
build-base:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
needs: [ build-client ]
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Download client dist
uses: actions/download-artifact@v3
with:
name: client-dist
path: client/dist
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Generate base Dockerfile
run: RUNTIME_DOCKERFILE=${{ env.RUNTIME_DOCKERFILE }} ./docker/main.go -i Dockerfile.tmpl -o Dockerfile
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: ./
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- tag: firefox
dockerfile: Dockerfile.arm
- tag: chromium
dockerfile: Dockerfile.arm
- tag: ungoogled-chromium
dockerfile: Dockerfile
- tag: tor-browser
dockerfile: Dockerfile
- tag: vlc
dockerfile: Dockerfile
- tag: xfce
dockerfile: Dockerfile
env:
TAG_NAME: ${{ matrix.tag }}
DOCKERFILE: ${{ matrix.dockerfile }}
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: apps/${{ env.TAG_NAME }}
file: apps/${{ env.TAG_NAME }}/${{ env.DOCKERFILE }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}

128
.github/workflows/ghcr-intel.yml vendored
View file

@ -1,128 +0,0 @@
name: "intel gpu supported images"
on:
push:
tags:
- 'v*'
env:
REGISTRY: ghcr.io
IMAGE_NAME: m1k1o/neko
TAG_PREFIX: intel-
RUNTIME_DOCKERFILE: Dockerfile.intel
PLATFORMS: linux/amd64
jobs:
build-base:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Generate base Dockerfile
run: RUNTIME_DOCKERFILE=${{ env.RUNTIME_DOCKERFILE }} ./docker/main.go -i Dockerfile.tmpl -o Dockerfile
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: ./
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- tag: firefox
- tag: chromium
- tag: google-chrome
- tag: ungoogled-chromium
- tag: microsoft-edge
- tag: brave
- tag: vivaldi
- tag: opera
- tag: tor-browser
- tag: remmina
- tag: vlc
- tag: xfce
- tag: kde
env:
TAG_NAME: ${{ matrix.tag }}
DOCKERFILE: ${{ matrix.dockerfile }}
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: apps/${{ env.TAG_NAME }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}

126
.github/workflows/ghcr-nvidia.yml vendored
View file

@ -1,126 +0,0 @@
name: "nvidia gpu supported images"
on:
push:
tags:
- 'v*'
env:
REGISTRY: ghcr.io
IMAGE_NAME: m1k1o/neko
TAG_PREFIX: nvidia-
RUNTIME_DOCKERFILE: Dockerfile.nvidia
PLATFORMS: linux/amd64
jobs:
build-base:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Generate base Dockerfile
run: RUNTIME_DOCKERFILE=${{ env.RUNTIME_DOCKERFILE }} ./docker/main.go -i Dockerfile.tmpl -o Dockerfile
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: ./
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build:
runs-on: ubuntu-latest
#
# do not run on forks
#
if: github.repository_owner == 'm1k1o'
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- tag: firefox
dockerfile: Dockerfile.nvidia
- tag: brave
dockerfile: Dockerfile.nvidia
- tag: chromium
dockerfile: Dockerfile.nvidia
- tag: google-chrome
dockerfile: Dockerfile.nvidia
- tag: microsoft-edge
dockerfile: Dockerfile.nvidia
env:
TAG_NAME: ${{ matrix.tag }}
DOCKERFILE: ${{ matrix.dockerfile }}
steps:
-
name: Checkout
uses: actions/checkout@v2
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v3
id: meta
with:
images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}${{ env.TAG_NAME }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
-
name: Log in to the Container registry
uses: docker/login-action@v1
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GHCR_ACCESS_TOKEN }}
-
name: Build and push
uses: docker/build-push-action@v2
with:
context: apps/${{ env.TAG_NAME }}
file: apps/${{ env.TAG_NAME }}/${{ env.DOCKERFILE }}
platforms: ${{ env.PLATFORMS }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}/${{ env.TAG_PREFIX }}base:sha-${{ github.sha }}

130
.github/workflows/ghcr_amd64.yml vendored Normal file
View file

@ -0,0 +1,130 @@
name: "amd64 images"
on:
push:
tags:
- 'v*'
env:
# Prefix for the image name.
FLAVOR_PREFIX: ""
# Will be used in the Dockerfile generation script.
RUNTIME_DOCKERFILE: Dockerfile
# The platforms to build for.
PLATFORMS: linux/amd64
jobs:
build-base:
name: Build base image
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate base Dockerfile
run: ./docker/main.go -i Dockerfile.tmpl -o Dockerfile
- name: Build and push
uses: docker/build-push-action@v6
with:
context: ./
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ env.PLATFORMS }}
build-apps:
name: Build application images
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- name: firefox
- name: waterfox
- name: chromium
- name: google-chrome
- name: ungoogled-chromium
- name: microsoft-edge
- name: brave
- name: vivaldi
- name: opera
- name: tor-browser
- name: remmina
- name: vlc
- name: xfce
- name: kde
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}${{ matrix.name }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: apps/${{ matrix.name }}
file: apps/${{ matrix.name }}/${ matrix.dockerfile || 'Dockerfile' }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base:sha-${{ github.sha }}
platforms: ${{ env.PLATFORMS }}

158
.github/workflows/ghcr_arm.yml vendored Normal file
View file

@ -0,0 +1,158 @@
name: "arm64v8 and arm32v7 images"
on:
push:
tags:
- 'v*'
env:
# Prefix for the image name.
FLAVOR_PREFIX: "arm-"
# Will be used in the Dockerfile generation script.
RUNTIME_DOCKERFILE: Dockerfile.arm
# The platforms to build for.
PLATFORMS: linux/arm64,linux/arm/v7
jobs:
build-client:
name: Build client artifacts
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
with:
fetch-depth: 0
- uses: actions/setup-node@v4
with:
node-version: 18
cache: npm
cache-dependency-path: client/package-lock.json
- name: Install dependencies
working-directory: ./client
run: npm ci
- name: Build client
working-directory: ./client
run: npm run build
- name: Upload artifacts
uses: actions/upload-artifact@v4
with:
name: client
path: client/dist
build-base:
name: Build base image
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Download client dist
uses: actions/download-artifact@v4
with:
name: client
path: client/dist
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate base Dockerfile
run: ./docker/main.go -i Dockerfile.tmpl -o Dockerfile -client client/dist
- name: Build and push
uses: docker/build-push-action@v6
with:
context: ./
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ env.PLATFORMS }}
build-apps:
name: Build application images
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- name: firefox
dockerfile: Dockerfile.arm
- name: chromium
dockerfile: Dockerfile.arm
- name: ungoogled-chromium
- name: tor-browser
- name: vlc
- name: xfce
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}${{ matrix.name }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: apps/${{ matrix.name }}
file: apps/${{ matrix.name }}/${ matrix.dockerfile || 'Dockerfile' }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base:sha-${{ github.sha }}
platforms: ${{ env.PLATFORMS }}

130
.github/workflows/ghcr_intel.yml vendored Normal file
View file

@ -0,0 +1,130 @@
name: "intel gpu supported images"
on:
push:
tags:
- 'v*'
env:
# Prefix for the image name.
FLAVOR_PREFIX: "intel-"
# Will be used in the Dockerfile generation script.
RUNTIME_DOCKERFILE: Dockerfile.intel
# The platforms to build for.
PLATFORMS: linux/amd64
jobs:
build-base:
name: Build base image
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate base Dockerfile
run: ./docker/main.go -i Dockerfile.tmpl -o Dockerfile
- name: Build and push
uses: docker/build-push-action@v6
with:
context: ./
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ env.PLATFORMS }}
build-apps:
name: Build application images
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- name: firefox
- name: waterfox
- name: chromium
- name: google-chrome
- name: ungoogled-chromium
- name: microsoft-edge
- name: brave
- name: vivaldi
- name: opera
- name: tor-browser
- name: remmina
- name: vlc
- name: xfce
- name: kde
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}${{ matrix.name }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: apps/${{ matrix.name }}
file: apps/${{ matrix.name }}/${ matrix.dockerfile || 'Dockerfile' }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base:sha-${{ github.sha }}
platforms: ${{ env.PLATFORMS }}

126
.github/workflows/ghcr_nvidia.yml vendored Normal file
View file

@ -0,0 +1,126 @@
name: "nvidia gpu supported images"
on:
push:
tags:
- 'v*'
env:
# Prefix for the image name.
FLAVOR_PREFIX: "nvidia-"
# Will be used in the Dockerfile generation script.
RUNTIME_DOCKERFILE: Dockerfile.nvidia
# The platforms to build for.
PLATFORMS: linux/amd64
jobs:
build-base:
name: Build base image
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Generate base Dockerfile
run: ./docker/main.go -i Dockerfile.tmpl -o Dockerfile
- name: Build and push
uses: docker/build-push-action@v6
with:
context: ./
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
platforms: ${{ env.PLATFORMS }}
build-apps:
name: Build application images
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
needs: [ build-base ]
strategy:
# Will build all images even if some fail.
matrix:
include:
- name: firefox
dockerfile: Dockerfile.nvidia
- name: brave
dockerfile: Dockerfile.nvidia
- name: chromium
dockerfile: Dockerfile.nvidia
- name: google-chrome
dockerfile: Dockerfile.nvidia
- name: microsoft-edge
dockerfile: Dockerfile.nvidia
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 0
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Extract metadata (tags, labels) for Docker
uses: docker/metadata-action@v5
id: meta
with:
images: ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}${{ matrix.name }}
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=sha,format=long
- name: Log in to the Container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Build and push
uses: docker/build-push-action@v6
with:
context: apps/${{ matrix.name }}
file: apps/${{ matrix.name }}/${ matrix.dockerfile || 'Dockerfile' }}
push: true
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
build-args: |
BASE_IMAGE=ghcr.io/${{ github.repository }}/${{ env.FLAVOR_PREFIX }}base:sha-${{ github.sha }}
platforms: ${{ env.PLATFORMS }}

121
docker/main.go
View file

@ -6,6 +6,8 @@ it pastes the content of the referenced Dockerfile into the current Dockerfile w
- It takes the ARG variables defined before the FROM command and prepends them with the alias of the
FROM command. It also replaces any occurrences of the ARG variables in the Dockerfile with the new prefixed
variables. Then it writes them to the beginning of the new Dockerfile.
- It allows user to specify -client flag to just include already built client directory in the Dockerfile.
If no client path is specified, it will build the client from the Dockerfile.
It allows to split large multi-stage Dockerfiles into own directories where they can be built independently. It also
allows to dynamically join these Dockerfiles into a single Dockerfile based on various conditions.
@ -26,6 +28,7 @@ import (
func main() {
inputPath := flag.String("i", "", "Path to the input Dockerfile")
outputPath := flag.String("o", "", "Path to the output Dockerfile")
clientPath := flag.String("client", "", "Path to the client directory, if not set, the client will be built")
flag.Parse()
if *inputPath == "" {
@ -39,7 +42,7 @@ func main() {
os.Exit(1)
}
err = processDockerfile(buildcontext, *outputPath)
err = processDockerfile(buildcontext, *outputPath, *clientPath)
if err != nil {
log.Printf("Error: %v\n", err)
os.Exit(1)
@ -112,28 +115,17 @@ func relativeDockerFile(buf *bytes.Buffer, ctx BuildContext, newContextPath, ali
// modify COPY and ADD lines
if strings.HasPrefix(line, "COPY") || strings.HasPrefix(line, "ADD") {
parts := strings.Fields(line)
containsFrom := false
localPathIndex := 0
for i, part := range parts {
if strings.HasPrefix(part, "--from=") {
containsFrom = true
continue
}
if strings.HasPrefix(part, "--") {
continue
}
if localPathIndex == 0 && i > 0 {
localPathIndex = i
}
// parse the COPY/ADD command
cmd, err := ParseCopyAddCommand(line)
if err != nil {
return nil, fmt.Errorf("failed to parse COPY/ADD command: %w", err)
}
if !containsFrom {
// only replace if not using --from
if _, ok := cmd.Args["from"]; !ok {
// replace the local part with the new context path
parts[localPathIndex] = filepath.Join(newContextPath, parts[localPathIndex])
newLine := strings.Join(parts, " ")
buf.WriteString(newLine + "\n")
cmd.From = filepath.Join(newContextPath, cmd.From)
buf.WriteString(cmd.String() + "\n")
continue
}
}
@ -153,7 +145,7 @@ func relativeDockerFile(buf *bytes.Buffer, ctx BuildContext, newContextPath, ali
}
// processDockerfile processes the Dockerfile and resolves sub-Dockerfiles in it
func processDockerfile(ctx BuildContext, outputPath string) error {
func processDockerfile(ctx BuildContext, outputPath, clientPath string) error {
// read the Dockerfile
file, err := os.Open(ctx.DockerfilePath())
if err != nil {
@ -177,6 +169,11 @@ func processDockerfile(ctx BuildContext, outputPath string) error {
return fmt.Errorf("failed to parse FROM command: %w", err)
}
// if we are not building the client, skip this line
if clientPath != "" && cmd.Alias == "client" {
continue
}
// resolve environment variables in the image name
cmd.Image = os.ExpandEnv(cmd.Image)
@ -196,6 +193,25 @@ func processDockerfile(ctx BuildContext, outputPath string) error {
continue
}
// modify COPY and ADD lines
if strings.HasPrefix(line, "COPY") || strings.HasPrefix(line, "ADD") {
// parse the COPY/ADD command
cmd, err := ParseCopyAddCommand(line)
if err != nil {
return fmt.Errorf("failed to parse COPY/ADD command: %w", err)
}
fmt.Fprintln(os.Stderr, "COPY/ADD command:", cmd)
// if we are not building the client, take if from the client path
if clientPath != "" && cmd.Args["from"] == "client" {
delete(cmd.Args, "from")
cmd.From = clientPath
newDockerfile.WriteString(cmd.String() + "\n")
continue
}
}
// copy all other lines as is
newDockerfile.WriteString(line + "\n")
}
@ -206,7 +222,8 @@ func processDockerfile(ctx BuildContext, outputPath string) error {
}
// add the global ARGs to the beginning of the new Dockerfile
outBytes := append([]byte(globalArgs.MultiLineString()), newDockerfile.Bytes()...)
prefix := "# THIS FILE IS GENERATED, DO NOT EDIT\n"
outBytes := append([]byte(prefix+globalArgs.MultiLineString()), newDockerfile.Bytes()...)
if outputPath != "" {
// write the new Dockerfile to the output path
@ -354,3 +371,63 @@ func (ac ArgCommand) ReplaceArgPrefix(prefix string, val string) string {
}
return val
}
// CopyAddCommand represents the COPY and ADD commands in a Dockerfile
type CopyAddCommand struct {
Command string
Args map[string]string
From string
To string
}
func ParseCopyAddCommand(line string) (ca CopyAddCommand, err error) {
parts := strings.Fields(line)
if len(parts) < 2 || (strings.ToLower(parts[0]) != "copy" && strings.ToLower(parts[0]) != "add") {
err = fmt.Errorf("invalid COPY/ADD line: %s", line)
return
}
ca.Command = parts[0]
ca.Args = make(map[string]string)
for i := 1; i < len(parts); i++ {
if strings.HasPrefix(parts[i], "--") {
kv := strings.SplitN(parts[i][2:], "=", 2)
if len(kv) == 2 {
ca.Args[kv[0]] = kv[1]
} else {
ca.Args[kv[0]] = ""
}
continue
}
if ca.From == "" {
ca.From = parts[i]
continue
}
if ca.To == "" {
ca.To = parts[i]
continue
}
}
return
}
func (ca *CopyAddCommand) String() string {
var sb strings.Builder
sb.WriteString(ca.Command + " ")
for k, v := range ca.Args {
sb.WriteString("--" + k)
if v != "" {
sb.WriteString("=" + v)
}
sb.WriteString(" ")
}
if ca.From != "" {
sb.WriteString(ca.From + " ")
}
if ca.To != "" {
sb.WriteString(ca.To)
}
return sb.String()
}