diff --git a/.github/container/Dockerfile b/.github/container/Dockerfile index 3260e0253..aec81764a 100644 --- a/.github/container/Dockerfile +++ b/.github/container/Dockerfile @@ -1,7 +1,7 @@ #' Define default build variables ## source ARGs ARG OTP_VSN='27' -ARG ELIXIR_VSN='1.16.3' +ARG ELIXIR_VSN='1.17.2' ## general ARGs ARG UID='9000' ARG USER='ejabberd' @@ -102,14 +102,28 @@ RUN home_root_dir=$(echo $HOME | sed 's|\(.*\)/.*|\1 |') \ && ARCH=$(uname -m | sed -e 's/x86_64/x64/;s/aarch64/arm64/') \ && tar -xzf /tmp/ejabberd-*-linux-musl-$ARCH.tar.gz -C $home_root_dir +################################################################################ +#' OpenSSL - Create server certificate for localhost, +# because wolfi misses openssl config file +FROM docker.io/library/alpine AS servercert +RUN apk -U add --no-cache openssl +RUN export PEM=/tmp/server.pem \ + && openssl req -x509 \ + -batch \ + -nodes \ + -newkey rsa:4096 \ + -keyout $PEM \ + -out $PEM \ + -days 3650 \ + -subj "/CN=localhost" + ################################################################################ #' Prepare ejabberd for runtime FROM ${METHOD} AS ejabberd RUN apk -U add --no-cache \ git \ libcap-utils \ - pax-utils \ - openssl + pax-utils WORKDIR /rootfs ARG HOME @@ -125,17 +139,7 @@ RUN if [ ! -d $HOME/.ejabberd-modules ]; \ fi \ fi -RUN export PEM=$HOME/conf/server.pem \ - && wget -O /etc/ssl/openssl.cnf \ - https://raw.githubusercontent.com/openssl/openssl/openssl-3.3/apps/openssl.cnf \ - && openssl req -x509 \ - -batch \ - -nodes \ - -newkey rsa:4096 \ - -keyout $PEM \ - -out $PEM \ - -days 3650 \ - -subj "/CN=localhost" +COPY --from=servercert /tmp/server.pem $HOME/conf/server.pem RUN home_root_dir=$(echo $HOME | sed 's|\(.*\)/.*|\1 |') \ && setcap 'cap_net_bind_service=+ep' $(find $home_root_dir -name beam.smp) \ diff --git a/.github/workflows/container.yml b/.github/workflows/container.yml index 8b9c420d2..c077db356 100644 --- a/.github/workflows/container.yml +++ b/.github/workflows/container.yml @@ -1,16 +1,10 @@ name: Container on: - schedule: - - cron: '22 2 */6 * *' # every 6 days to avoid gha cache being evicted - push: - paths-ignore: - - '.devcontainer/**' - - 'examples/**' - - 'lib/**' - - 'man/**' - - 'priv/**' - - '**.md' + workflow_run: + workflows: [Installers] + types: + - completed env: REGISTRY: ghcr.io @@ -27,52 +21,13 @@ jobs: uses: actions/checkout@v4 with: fetch-depth: 0 - - # - name: Cache build directory - # uses: actions/cache@v4 - # with: - # path: ~/build/ - # key: ${{runner.os}}-ctr-ct-ng-1.26.0 - - # - name: Get erlang/OTP version for bootstrapping - # run: | - # echo "OTP_VSN=$(awk '/^otp_vsn=/ {{gsub(/[^0-9.rc-]/, ""); print}}' tools/make-binaries)" >> $GITHUB_ENV - # echo "ELIXIR_VSN=$(awk '/^elixir_vsn=/ {{gsub(/[^0-9.]/, ""); print}}' tools/make-binaries)" >> $GITHUB_ENV - - # - name: Install prerequisites - # run: | - # sudo apt-get -qq update - # sudo apt-get -qq install makeself - # # https://github.com/crosstool-ng/crosstool-ng/blob/master/testing/docker/ubuntu21.10/Dockerfile - # sudo apt-get -qq install build-essential autoconf bison flex gawk - # sudo apt-get -qq install help2man libncurses5-dev libtool libtool-bin - # sudo apt-get -qq install python3-dev texinfo unzip - - # - name: Install erlang/OTP - # uses: erlef/setup-beam@v1 - # with: - # otp-version: ${{ env.OTP_VSN }} - # elixir-version: ${{ env.ELIXIR_VSN }} - # version-type: strict - - # - name: Remove Elixir Matchers - # run: | - # echo "::remove-matcher owner=elixir-mixCompileWarning::" - # echo "::remove-matcher owner=elixir-credoOutputDefault::" - # echo "::remove-matcher owner=elixir-mixCompileError::" - # echo "::remove-matcher owner=elixir-mixTestFailure::" - # echo "::remove-matcher owner=elixir-dialyzerOutputDefault::" - - # - name: Build musl-libc based binary archives - # run: | - # sed -i "s|targets='.*'|targets='x86_64-linux-musl aarch64-linux-musl'|" tools/make-binaries - # mv .github/container/ejabberdctl.template . - # CHECK_DEPS=false tools/make-binaries - - # - name: Collect packages - # run: | - # mkdir tarballs - # mv ejabberd-*.tar.gz tarballs + - + name: Download digests + uses: actions/download-artifact@v4 + with: + path: tarballs + pattern: tarballs + merge-multiple: true - name: Checkout ejabberd-contrib uses: actions/checkout@v4 @@ -111,13 +66,13 @@ jobs: uses: docker/build-push-action@v6 with: build-args: | - METHOD=direct + METHOD=package VERSION=${{ steps.gitdescribe.outputs.ver }} cache-from: type=gha cache-to: type=gha,mode=max context: . file: .github/container/Dockerfile labels: ${{ steps.meta.outputs.labels }} - platforms: linux/amd64 # ,linux/arm64 + platforms: linux/amd64,linux/arm64 push: true tags: ${{ steps.meta.outputs.tags }} diff --git a/.github/workflows/installers.yml b/.github/workflows/installers.yml index b820dd6d9..8891d08ff 100644 --- a/.github/workflows/installers.yml +++ b/.github/workflows/installers.yml @@ -66,6 +66,22 @@ jobs: # path: ejabberd-packages* retention-days: 14 + - name: Collect binary tarballs + run: | + mkdir tarballs + mv ejabberd-*.tar.gz tarballs + - name: Upload binary tarballs + uses: actions/upload-artifact@v4 + with: + name: ejabberd-tarballs + # + # Appending the wildcard character ("*") is a trick to make + # "ejabberd-packages" the root directory of the uploaded ZIP file: + # + # https://github.com/actions/upload-artifact#upload-using-multiple-paths-and-exclusions + # + path: tarballs* + retention-days: 14 release: name: Release