From f48663a39c4c99dcc5f05cae4489b6ef60df725d Mon Sep 17 00:00:00 2001 From: Jens L Date: Sat, 24 Jun 2023 00:10:27 +0200 Subject: [PATCH] root: add version and commit to container labels (#6054) Signed-off-by: Jens Langhammer --- .github/workflows/ci-main.yml | 2 ++ .github/workflows/ci-outpost.yml | 1 + .github/workflows/release-publish.yml | 2 ++ Dockerfile | 9 ++++++--- ldap.Dockerfile | 8 +++++--- proxy.Dockerfile | 8 +++++--- radius.Dockerfile | 8 +++++--- 7 files changed, 26 insertions(+), 12 deletions(-) diff --git a/.github/workflows/ci-main.yml b/.github/workflows/ci-main.yml index 017257a02..48aa266b5 100644 --- a/.github/workflows/ci-main.yml +++ b/.github/workflows/ci-main.yml @@ -218,6 +218,7 @@ jobs: ghcr.io/goauthentik/dev-server:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}-${{ steps.ev.outputs.shortHash }} build-args: | GIT_BUILD_HASH=${{ steps.ev.outputs.sha }} + VERSION=${{ steps.ev.outputs.version }} VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }} - name: Comment on PR if: github.event_name == 'pull_request' @@ -262,5 +263,6 @@ jobs: ghcr.io/goauthentik/dev-server:gh-${{ steps.ev.outputs.branchNameContainer }}-${{ steps.ev.outputs.timestamp }}-${{ steps.ev.outputs.shortHash }}-arm64 build-args: | GIT_BUILD_HASH=${{ steps.ev.outputs.sha }} + VERSION=${{ steps.ev.outputs.version }} VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }} platforms: linux/arm64 diff --git a/.github/workflows/ci-outpost.yml b/.github/workflows/ci-outpost.yml index 17d823021..d6ed65932 100644 --- a/.github/workflows/ci-outpost.yml +++ b/.github/workflows/ci-outpost.yml @@ -95,6 +95,7 @@ jobs: file: ${{ matrix.type }}.Dockerfile build-args: | GIT_BUILD_HASH=${{ steps.ev.outputs.sha }} + VERSION=${{ steps.ev.outputs.version }} VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }} platforms: linux/amd64,linux/arm64 context: . diff --git a/.github/workflows/release-publish.yml b/.github/workflows/release-publish.yml index acb4f3895..1600dcbeb 100644 --- a/.github/workflows/release-publish.yml +++ b/.github/workflows/release-publish.yml @@ -43,6 +43,7 @@ jobs: ghcr.io/goauthentik/server:latest platforms: linux/amd64,linux/arm64 build-args: | + VERSION=${{ steps.ev.outputs.version }} VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }} build-outpost: runs-on: ubuntu-latest @@ -90,6 +91,7 @@ jobs: file: ${{ matrix.type }}.Dockerfile platforms: linux/amd64,linux/arm64 build-args: | + VERSION=${{ steps.ev.outputs.version }} VERSION_FAMILY=${{ steps.ev.outputs.versionFamily }} build-outpost-binary: timeout-minutes: 120 diff --git a/Dockerfile b/Dockerfile index 93ab222da..db085ed46 100644 --- a/Dockerfile +++ b/Dockerfile @@ -65,15 +65,18 @@ RUN --mount=type=secret,id=GEOIPUPDATE_ACCOUNT_ID \ # Stage 6: Run FROM docker.io/python:3.11.4-slim-bullseye AS final-image +ARG GIT_BUILD_HASH +ARG VERSION +ENV GIT_BUILD_HASH=$GIT_BUILD_HASH + LABEL org.opencontainers.image.url https://goauthentik.io LABEL org.opencontainers.image.description goauthentik.io Main server image, see https://goauthentik.io for more info. LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik +LABEL org.opencontainers.image.version ${VERSION} +LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} WORKDIR / -ARG GIT_BUILD_HASH -ENV GIT_BUILD_HASH=$GIT_BUILD_HASH - COPY --from=poetry-locker /work/requirements.txt / COPY --from=poetry-locker /work/requirements-dev.txt / COPY --from=geoip /usr/share/GeoIP /geoip diff --git a/ldap.Dockerfile b/ldap.Dockerfile index 700085957..938069246 100644 --- a/ldap.Dockerfile +++ b/ldap.Dockerfile @@ -10,12 +10,14 @@ RUN go build -o /go/ldap ./cmd/ldap # Stage 2: Run FROM gcr.io/distroless/static-debian11:debug +ARG GIT_BUILD_HASH +ENV GIT_BUILD_HASH=$GIT_BUILD_HASH + LABEL org.opencontainers.image.url https://goauthentik.io LABEL org.opencontainers.image.description goauthentik.io LDAP outpost, see https://goauthentik.io for more info. LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik - -ARG GIT_BUILD_HASH -ENV GIT_BUILD_HASH=$GIT_BUILD_HASH +LABEL org.opencontainers.image.version ${VERSION} +LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} COPY --from=builder /go/ldap / diff --git a/proxy.Dockerfile b/proxy.Dockerfile index 995c34d69..5a844297f 100644 --- a/proxy.Dockerfile +++ b/proxy.Dockerfile @@ -20,12 +20,14 @@ RUN go build -o /go/proxy ./cmd/proxy # Stage 3: Run FROM gcr.io/distroless/static-debian11:debug +ARG GIT_BUILD_HASH +ENV GIT_BUILD_HASH=$GIT_BUILD_HASH + LABEL org.opencontainers.image.url https://goauthentik.io LABEL org.opencontainers.image.description goauthentik.io Proxy outpost image, see https://goauthentik.io for more info. LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik - -ARG GIT_BUILD_HASH -ENV GIT_BUILD_HASH=$GIT_BUILD_HASH +LABEL org.opencontainers.image.version ${VERSION} +LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} COPY --from=builder /go/proxy / COPY --from=web-builder /static/robots.txt /web/robots.txt diff --git a/radius.Dockerfile b/radius.Dockerfile index 5c06f72de..e6722e6f1 100644 --- a/radius.Dockerfile +++ b/radius.Dockerfile @@ -10,12 +10,14 @@ RUN go build -o /go/radius ./cmd/radius # Stage 2: Run FROM gcr.io/distroless/static-debian11:debug +ARG GIT_BUILD_HASH +ENV GIT_BUILD_HASH=$GIT_BUILD_HASH + LABEL org.opencontainers.image.url https://goauthentik.io LABEL org.opencontainers.image.description goauthentik.io Radius outpost, see https://goauthentik.io for more info. LABEL org.opencontainers.image.source https://github.com/goauthentik/authentik - -ARG GIT_BUILD_HASH -ENV GIT_BUILD_HASH=$GIT_BUILD_HASH +LABEL org.opencontainers.image.version ${VERSION} +LABEL org.opencontainers.image.revision ${GIT_BUILD_HASH} COPY --from=builder /go/radius /