95bce9c9e7
* outposts/proxy: always embed static assets, still check local Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: add initial ci to build outpost as binary Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: fix typo, build web Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: upload to release on publish, only run linux on ci Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: ensure latest go is used Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> * ci: split e2e tests into two halves Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
182 lines
6.3 KiB
YAML
182 lines
6.3 KiB
YAML
name: authentik-on-release
|
|
|
|
on:
|
|
release:
|
|
types: [published, created]
|
|
|
|
jobs:
|
|
# Build
|
|
build-server:
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v1.2.0
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
- name: Docker Login Registry
|
|
uses: docker/login-action@v1
|
|
with:
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@v1
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Building Docker Image
|
|
uses: docker/build-push-action@v2
|
|
with:
|
|
push: ${{ github.event_name == 'release' }}
|
|
tags: |
|
|
beryju/authentik:2021.12.1,
|
|
beryju/authentik:latest,
|
|
ghcr.io/goauthentik/server:2021.12.1,
|
|
ghcr.io/goauthentik/server:latest
|
|
platforms: linux/amd64,linux/arm64
|
|
context: .
|
|
- name: Building Docker Image (stable)
|
|
if: ${{ github.event_name == 'release' && !contains('2021.12.1', 'rc') }}
|
|
run: |
|
|
docker pull beryju/authentik:latest
|
|
docker tag beryju/authentik:latest beryju/authentik:stable
|
|
docker push beryju/authentik:stable
|
|
docker pull ghcr.io/goauthentik/server:latest
|
|
docker tag ghcr.io/goauthentik/server:latest ghcr.io/goauthentik/server:stable
|
|
docker push ghcr.io/goauthentik/server:stable
|
|
build-outpost:
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
type:
|
|
- proxy
|
|
- ldap
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: "^1.17"
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v1.2.0
|
|
- name: Set up Docker Buildx
|
|
uses: docker/setup-buildx-action@v1
|
|
- name: Docker Login Registry
|
|
uses: docker/login-action@v1
|
|
with:
|
|
username: ${{ secrets.DOCKER_USERNAME }}
|
|
password: ${{ secrets.DOCKER_PASSWORD }}
|
|
- name: Login to GitHub Container Registry
|
|
uses: docker/login-action@v1
|
|
with:
|
|
registry: ghcr.io
|
|
username: ${{ github.repository_owner }}
|
|
password: ${{ secrets.GITHUB_TOKEN }}
|
|
- name: Building Docker Image
|
|
uses: docker/build-push-action@v2
|
|
with:
|
|
push: ${{ github.event_name == 'release' }}
|
|
tags: |
|
|
beryju/authentik-${{ matrix.type }}:2021.12.1,
|
|
beryju/authentik-${{ matrix.type }}:latest,
|
|
ghcr.io/goauthentik/${{ matrix.type }}:2021.12.1,
|
|
ghcr.io/goauthentik/${{ matrix.type }}:latest
|
|
file: ${{ matrix.type }}.Dockerfile
|
|
platforms: linux/amd64,linux/arm64
|
|
- name: Building Docker Image (stable)
|
|
if: ${{ github.event_name == 'release' && !contains('2021.12.1', 'rc') }}
|
|
run: |
|
|
docker pull beryju/authentik-${{ matrix.type }}:latest
|
|
docker tag beryju/authentik-${{ matrix.type }}:latest beryju/authentik-${{ matrix.type }}:stable
|
|
docker push beryju/authentik-${{ matrix.type }}:stable
|
|
docker pull ghcr.io/goauthentik/${{ matrix.type }}:latest
|
|
docker tag ghcr.io/goauthentik/${{ matrix.type }}:latest ghcr.io/goauthentik/${{ matrix.type }}:stable
|
|
docker push ghcr.io/goauthentik/${{ matrix.type }}:stable
|
|
build-outpost-binary:
|
|
timeout-minutes: 120
|
|
needs:
|
|
- ci-outpost-mark
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
type:
|
|
- proxy
|
|
- ldap
|
|
goos: [linux, windows, darwin]
|
|
goarch: ["386", amd64, arm64]
|
|
exclude:
|
|
- goarch: "386"
|
|
goos: darwin
|
|
- goarch: arm64
|
|
goos: windows
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- uses: actions/setup-go@v2
|
|
with:
|
|
go-version: "^1.17"
|
|
- uses: actions/setup-node@v2
|
|
with:
|
|
node-version: '16'
|
|
cache: 'npm'
|
|
cache-dependency-path: web/package-lock.json
|
|
- name: Build web
|
|
run: |
|
|
cd web
|
|
npm install
|
|
npm run build-proxy
|
|
- name: Build outpost
|
|
run: |
|
|
set -x
|
|
export GOOS=${{ matrix.goos }}
|
|
export GOARCH=${{ matrix.goarch }}
|
|
go build -tags=outpost_static_embed -v -o ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }} ./cmd/${{ matrix.type }}
|
|
- name: Upload binaries to release
|
|
uses: svenstaro/upload-release-action@v2
|
|
with:
|
|
repo_token: ${{ secrets.GITHUB_TOKEN }}
|
|
file: ./authentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
|
|
asset_name: hentik-outpost-${{ matrix.type }}_${{ matrix.goos }}_${{ matrix.goarch }}
|
|
tag: ${{ github.ref }}
|
|
test-release:
|
|
needs:
|
|
- build-server
|
|
- build-outpost
|
|
- build-outpost-binary
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- name: Run test suite in final docker images
|
|
run: |
|
|
echo "PG_PASS=$(openssl rand -base64 32)" >> .env
|
|
echo "AUTHENTIK_SECRET_KEY=$(openssl rand -base64 32)" >> .env
|
|
docker-compose pull -q
|
|
docker-compose up --no-start
|
|
docker-compose start postgresql redis
|
|
docker-compose run -u root server test
|
|
sentry-release:
|
|
needs:
|
|
- test-release
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- uses: actions/checkout@v2
|
|
- name: Get static files from docker image
|
|
run: |
|
|
docker pull ghcr.io/goauthentik/server:latest
|
|
container=$(docker container create ghcr.io/goauthentik/server:latest)
|
|
docker cp ${container}:web/ .
|
|
- name: Create a Sentry.io release
|
|
uses: getsentry/action-release@v1
|
|
if: ${{ github.event_name == 'release' }}
|
|
env:
|
|
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
|
|
SENTRY_ORG: beryjuorg
|
|
SENTRY_PROJECT: authentik
|
|
SENTRY_URL: https://sentry.beryju.org
|
|
with:
|
|
version: authentik@2021.12.1
|
|
environment: beryjuorg-prod
|
|
sourcemaps: './web/dist'
|
|
url_prefix: '~/static/dist'
|