0ct0pu5/runtipi
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Improve CI workflows for releases

Browse source
This commit is contained in:
Nicolas Meienberger 2022-05-18 18:50:53 +02:00
parent 26279ab59d
commit 509ffb6ba2
12 changed files with 264 additions and 128 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

53
.github/workflows/build-images.yml vendored
View file

@ -1,53 +0,0 @@
name: Docker build
on:
push:
branches:
- 'master'
jobs:
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Get tag from VERSION file
id: meta
run: |
VERSION=$(cat VERSION)
TAG=${VERSION}
echo "::set-output name=tag::${TAG}"
-
name: Build and push dashboard
uses: docker/build-push-action@v2
with:
context: ./packages/dashboard
platforms: linux/amd64,linux/arm64
push: true
tags: meienberger/tipi-dashboard:latest,meienberger/tipi-dashboard:${{ steps.meta.outputs.TAG }}
cache-from: type=registry,ref=meienberger/tipi-dashboard:latest
cache-to: type=inline
-
name: Build and push api
uses: docker/build-push-action@v2
with:
context: ./packages/system-api
platforms: linux/amd64,linux/arm64
push: true
tags: meienberger/tipi-api:latest,meienberger/tipi-api:${{ steps.meta.outputs.TAG }}
cache-from: type=registry,ref=meienberger/tipi-api:latest
cache-to: type=inline

19
.github/workflows/ci.yml vendored
View file

@ -46,21 +46,4 @@ jobs:
run: pnpm -r lint
- name: Run tests
run: pnpm -r test
# Test installation script
test-install:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Check if user id 1000 exists
run: |
if [[ ! $(id -u 1000) -eq 1000 ]]; then
echo "Creating user 1000"
sudo useradd -u 1000 test
fi
id: check-user-id
- name: Run install script
run: sudo ./scripts/start.sh true
run: pnpm -r test

101
.github/workflows/release-candidate.yml vendored Normal file
View file

@ -0,0 +1,101 @@
name: Release candidate
on:
pull_request:
branches:
- master
jobs:
verify:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 2
- uses: technote-space/get-diff-action@v6
with:
FILES: |
VERSION
- name: Ensure env.MATCHED_FILES has VERSION in it
id: check-version
run: |
if [[ -z "${{ env.MATCHED_FILES }}" ]]; then
echo "::error::VERSION not modified"
exit 1
fi
if [[ ! "${{ env.MATCHED_FILES }}" =~ VERSION ]]; then
echo "::error::VERSION not modified"
exit 1
fi
- uses: vishnudxb/cancel-workflow@v1.2
if: failure()
with:
repo: meienberger/runtipi
workflow_id: ${{ github.run_id }}
access_token: ${{ github.token }}
# Build images and publish RCs to DockerHub
build-images:
runs-on: ubuntu-latest
steps:
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
- name: Get tag from VERSION file
id: meta
run: |
VERSION=$(cat VERSION)
TAG=${VERSION}
echo "::set-output name=tag::${TAG}"
- name: Build and push dashboard
uses: docker/build-push-action@v2
with:
context: ./packages/dashboard
platforms: linux/amd64,linux/arm64
push: true
tags: meienberger/tipi-dashboard:rc-${{ steps.meta.outputs.TAG }}
cache-from: type=registry,ref=meienberger/tipi-dashboard:latest
cache-to: type=inline
- name: Build and push api
uses: docker/build-push-action@v2
with:
context: ./packages/system-api
platforms: linux/amd64,linux/arm64
push: true
tags: meienberger/tipi-api:rc-${{ steps.meta.outputs.TAG }}
cache-from: type=registry,ref=meienberger/tipi-api:latest
cache-to: type=inline
# Test installation script
test-install:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Check if user id 1000 exists
run: |
if [[ ! $(id -u 1000) -eq 1000 ]]; then
echo "Creating user 1000"
sudo useradd -u 1000 test
fi
id: check-user-id
- name: Run install script
run: sudo ./scripts/start.sh --rc --ci

50
.github/workflows/release.yml vendored
View file

@ -1,5 +1,5 @@
name: Build & Deploy
name: Publish release
on:
push:
branches:
@ -29,4 +29,50 @@ jobs:
tag_name: ${{ steps.create_tag.outputs.version }}
release_name: ${{ steps.create_tag.outputs.version }}
draft: false
prerelease: false
prerelease: false
docker:
runs-on: ubuntu-latest
steps:
-
name: Checkout
uses: actions/checkout@v3
-
name: Set up QEMU
uses: docker/setup-qemu-action@v1
-
name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
-
name: Login to DockerHub
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}
-
name: Get tag from VERSION file
id: meta
run: |
VERSION=$(cat VERSION)
TAG=${VERSION}
echo "::set-output name=tag::${TAG}"
-
name: Build and push dashboard
uses: docker/build-push-action@v2
with:
context: ./packages/dashboard
platforms: linux/amd64,linux/arm64
push: true
tags: meienberger/tipi-dashboard:latest,meienberger/tipi-dashboard:${{ steps.meta.outputs.TAG }}
cache-from: type=registry,ref=meienberger/tipi-dashboard:latest
cache-to: type=inline
-
name: Build and push api
uses: docker/build-push-action@v2
with:
context: ./packages/system-api
platforms: linux/amd64,linux/arm64
push: true
tags: meienberger/tipi-api:latest,meienberger/tipi-api:${{ steps.meta.outputs.TAG }}
cache-from: type=registry,ref=meienberger/tipi-api:latest
cache-to: type=inline

34
.github/workflows/verify-release.yml vendored
View file

@ -1,34 +0,0 @@
name: Verify release
on:
pull_request:
branches:
- master
jobs:
verify:
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v3
with:
fetch-depth: 2
- uses: technote-space/get-diff-action@v6
with:
FILES: |
VERSION
- name: Ensure env.MATCHED_FILES has VERSION in it
id: check-version
run: |
if [[ -z "${{ env.MATCHED_FILES }}" ]]; then
echo "::error::VERSION not modified"
exit 1
fi
if [[ ! "${{ env.MATCHED_FILES }}" =~ VERSION ]]; then
echo "::error::VERSION not modified"
exit 1
fi

60
docker-compose.rc.yml Normal file
View file

@ -0,0 +1,60 @@
version: "3.7"
services:
reverse-proxy:
container_name: reverse-proxy
image: traefik:v2.6
restart: always
ports:
- 80:80
- 8080:8080
command: --api.insecure=true --providers.docker
volumes:
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${PWD}/traefik:/root/.config
networks:
- tipi_main_network
api:
image: meienberger/tipi-api:rc-${TIPI_VERSION}
container_name: api
ports:
- 3001:3001
volumes:
## Docker sock
- /var/run/docker.sock:/var/run/docker.sock:ro
- ${PWD}:/tipi
environment:
- INTERNAL_IP=${INTERNAL_IP}
- TIPI_VERSION=${TIPI_VERSION}
- JWT_SECRET=${JWT_SECRET}
- ROOT_FOLDER_HOST=${ROOT_FOLDER_HOST}
networks:
- tipi_main_network
dashboard:
image: meienberger/tipi-dashboard:rc-${TIPI_VERSION}
container_name: dashboard
ports:
- 3000:3000
networks:
- tipi_main_network
environment:
- INTERNAL_IP=${INTERNAL_IP}
labels:
traefik.enable: true
traefik.http.routers.dashboard.rule: PathPrefix("/") # Host(`tipi.local`) &&
traefik.http.routers.dashboard.entrypoints: webinsecure
traefik.http.routers.dashboard.service: dashboard
traefik.http.services.dashboard.loadbalancer.server.port: 3000
networks:
tipi_main_network:
driver: bridge
driver_opts:
com.docker.network.bridge.enable_ip_masquerade: "true"
com.docker.network.bridge.enable_icc: "true"
ipam:
driver: default
config:
- subnet: 10.21.21.0/24

1
package.json
View file

@ -7,6 +7,7 @@
"act:test-install": "act --container-architecture linux/amd64 -j test-install",
"act:docker": "act --container-architecture linux/amd64 --secret-file github.secrets -j docker",
"start:dev": "docker-compose -f docker-compose.dev.yml --env-file .env.dev up --build",
"start:rc": "docker-compose -f docker-compose.rc.yml --env-file .env up --build",
"start:prod": "docker-compose --env-file .env up --build"
},
"dependencies": {},

2
packages/dashboard/.prettierrc.js
View file

@ -1,6 +1,6 @@
module.exports = {
singleQuote: true,
semi: true,
trailingComma: "all",
trailingComma: 'all',
printWidth: 200,
};

8
packages/dashboard/Dockerfile
View file

@ -1,13 +1,13 @@
FROM node:18
FROM node:18-buster-slim
WORKDIR /app
COPY ./package.json ./
RUN yarn
RUN npm install
COPY ./ ./
RUN yarn build
RUN npm run build
CMD ["yarn", "start"]
CMD ["npm", "run", "start"]

2
packages/dashboard/Dockerfile.dev
View file

@ -1,4 +1,4 @@
FROM node:latest
FROM node:18-buster-slim
WORKDIR /app

4
packages/system-api/src/modules/system/system.controller.ts
View file

@ -75,7 +75,9 @@ const getVersion = async (_: Request, res: Response<{ current: string; latest: s
version = json.name.replace('v', '');
}
res.status(200).send({ current: config.VERSION, latest: version });
TipiCache.set('latestVersion', version.replace('v', ''));
res.status(200).send({ current: config.VERSION, latest: version.replace('v', '') });
};
export default { getCpuInfo, getDiskInfo, getMemoryInfo, getVersion };

58
scripts/start.sh
View file

@ -8,19 +8,34 @@ else
readlink=readlink
fi
config_only="$1"
while [ -n "$1" ]; do # while loop starts
case "$1" in
--rc) rc="true" ;;
--ci) ci="true" ;;
--)
shift # The double dash makes them parameters
break
;;
*) echo "Option $1 not recognized" && exit 1 ;;
esac
shift
done
# Check we are on linux
if [[ "$(uname)" != "Linux" ]]; then
echo "Tipi only works on Linux"
exit 1
fi
ROOT_FOLDER="$($readlink -f $(dirname "${BASH_SOURCE[0]}")/..)"
STATE_FOLDER="${ROOT_FOLDER}/state"
SED_ROOT_FOLDER="$(echo $ROOT_FOLDER | sed 's/\//\\\//g')"
INTERNAL_IP="$(hostname -I | awk '{print $1}')"
DNS_IP=9.9.9.9 # Default to Quad9 DNS
USERNAME="$(id -nu 1000)"
ARCHITECTURE="$(uname -m)"
if [[ "$architecture" == "aarch64" ]]; then
if [[ "$ARCHITECTURE" == "aarch64" ]]; then
ARCHITECTURE="arm64"
fi
@ -48,7 +63,7 @@ function get_json_field() {
function derive_entropy() {
SEED_FILE="${STATE_FOLDER}/seed"
identifier="${1}"
tipi_seed=$(cat "${SEED_FILE}") || true
tipi_seed=$(cat "${SEED_FILE}") || true
if [[ -z "$tipi_seed" ]] || [[ -z "$identifier" ]]; then
>&2 echo "Missing derivation parameter, this is unsafe, exiting."
@ -76,6 +91,11 @@ fi
chown -R 1000:1000 "${STATE_FOLDER}/apps.json"
chown -R 1000:1000 "${STATE_FOLDER}/users.json"
# Get current dns from host
if [[ -f "/etc/resolv.conf" ]]; then
TEMP=$(cat /etc/resolv.conf | grep -E -o '[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}' | head -n 1)
fi
# Get dns ip if pihole is installed
str=$(get_json_field ${STATE_FOLDER}/apps.json installed)
@ -126,16 +146,26 @@ echo "Running system-info.sh..."
bash "${ROOT_FOLDER}/scripts/system-info.sh"
# Give permissions 1000:1000 to app data
chown -R 1000:1000 "${ROOT_FOLDER}/app-data"
# chown -R 1000:1000 "${ROOT_FOLDER}/app-data"
## Don't run if config-only
if [[ ! $config_only == "true" ]]; then
docker-compose --env-file "${ROOT_FOLDER}/.env" pull
# Run docker-compose
docker-compose --env-file "${ROOT_FOLDER}/.env" up --detach --remove-orphans --build || {
echo "Failed to start containers"
exit 1
}
if [[ ! $ci == "true" ]]; then
if [[ $rc == "true" ]]; then
docker-compose -f docker-compose.rc.yml --env-file "${ROOT_FOLDER}/.env" pull
# Run docker-compose
docker-compose -f docker-compose.rc.yml --env-file "${ROOT_FOLDER}/.env" up --detach --remove-orphans --build || {
echo "Failed to start containers"
exit 1
}
else
docker-compose --env-file "${ROOT_FOLDER}/.env" pull
# Run docker-compose
docker-compose --env-file "${ROOT_FOLDER}/.env" up --detach --remove-orphans --build || {
echo "Failed to start containers"
exit 1
}
fi
fi
echo "Tipi is now running"