diff --git a/.buildkite/pipeline.yml b/.buildkite/pipeline.yml index 56a252f5..4a799fb8 100644 --- a/.buildkite/pipeline.yml +++ b/.buildkite/pipeline.yml @@ -24,28 +24,28 @@ steps: - "build" key: "build-docker" -# - wait: -# if: build.branch == "master" || build.branch =~ /^v/ -# -# - label: ":docker: Image Deployments" -# command: ".buildkite/steps/deployimages.sh | buildkite-agent pipeline upload" -# branches: "master v*" -# depends_on: -# - "test" -# - "build-docker" -# -# - wait: -# if: build.branch == "master" || build.branch =~ /^v/ -# -# - label: ":docker: Deploy Manifests" -# command: "authelia-scripts docker push-manifest" -# branches: "master v*" -# env: -# DOCKER_CLI_EXPERIMENTAL: "enabled" -# -# - label: ":github: Deploy Artifacts" -# command: ".buildkite/steps/ghartifacts.sh" -# agents: -# upload: "fast" -# depends_on: "build-docker" -# if: build.tag != null \ No newline at end of file + - wait: + if: build.branch == "master" || build.branch =~ /^v/ + + - label: ":docker: Image Deployments" + command: ".buildkite/steps/deployimages.sh | buildkite-agent pipeline upload" + branches: "master v*" + depends_on: + - "test" + - "build-docker" + + - wait: + if: build.branch == "master" || build.branch =~ /^v/ + + - label: ":docker: Deploy Manifests" + command: "authelia-scripts docker push-manifest" + branches: "master v*" + env: + DOCKER_CLI_EXPERIMENTAL: "enabled" + + - label: ":github: Deploy Artifacts" + command: ".buildkite/steps/ghartifacts.sh" + agents: + upload: "fast" + depends_on: "build-docker" + if: build.tag != null \ No newline at end of file diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 211b4745..00000000 --- a/.travis.yml +++ /dev/null 
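Review bot: The re-enabled `wait` and deploy steps in `.buildkite/pipeline.yml` are gated only on `build.branch` (`master` or `/^v/`) and, for the artifacts step, on `build.tag`; nothing in the pipeline file itself excludes pull-request builds. Whether a pull-request build can reach the steps that use registry and release credentials therefore depends on pipeline settings that are not visible here. I would make the exclusion explicit, e.g. `if: (build.branch == "master" || build.branch =~ /^v/) && build.pull_request.id == null`, and confirm that third-party fork builds are either disabled or have their branch names prefixed. The `/^v/` pattern and the `v*` branch filter also match any branch that merely starts with `v`; if only release branches are meant, something like `/^v[0-9]+\./` would narrow it.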
@@ -1,133 +0,0 @@ -language: go - -required: sudo - -go: - - "1.13" - -services: - - docker - -addons: - chrome: stable - apt: - sources: - - google-chrome - packages: - - google-chrome-stable - -install: - - export PATH=$PATH:./cmd/authelia-scripts/:/tmp - - source bootstrap.sh - -jobs: - include: - - stage: build & test - before_script: - - curl -o- https://raw.githubusercontent.com/creationix/nvm/v0.33.11/install.sh | bash - - nvm install v12 && nvm use v12 - - go mod download - script: - - authelia-scripts --log-level debug ci - - # Run all suites in a dedicated container - - &e2e-test - stage: end-to-end suite tests - env: - - SUITE_NAME=BypassAll - before_script: - # Install chrome driver - # TODO(c.michaud): this could be done in authelia-scripts instead for devs to not do the install themselves. - # or even provide a docker image with a selenium server. - - wget -N https://chromedriver.storage.googleapis.com/78.0.3904.70/chromedriver_linux64.zip -P ~/ - - unzip ~/chromedriver_linux64.zip -d ~/ - - rm ~/chromedriver_linux64.zip - - sudo mv -f ~/chromedriver /usr/bin/chromedriver - - sudo chmod +x /usr/bin/chromedriver - - sudo ln -s /usr/bin/google-chrome-stable /usr/bin/chromium-browser - - go mod download - script: - # Run the suite - - authelia-scripts --log-level debug suites test $SUITE_NAME --headless - # TODO(c.michaud): check if all suites are listed based on `authelia-scripts suites list` command. 
- - <<: *e2e-test - env: - - SUITE_NAME=Docker - - <<: *e2e-test - env: - - SUITE_NAME=DuoPush - - <<: *e2e-test - env: - - SUITE_NAME=HAProxy - - <<: *e2e-test - env: - - SUITE_NAME=HighAvailability - - <<: *e2e-test - env: - - SUITE_NAME=Kubernetes - - <<: *e2e-test - env: - - SUITE_NAME=LDAP - - <<: *e2e-test - env: - - SUITE_NAME=Mariadb - - <<: *e2e-test - env: - - SUITE_NAME=NetworkACL - - <<: *e2e-test - env: - - SUITE_NAME=Postgres - - <<: *e2e-test - env: - - SUITE_NAME=ShortTimeouts - - <<: *e2e-test - env: - - SUITE_NAME=Standalone - - <<: *e2e-test - env: - - SUITE_NAME=Traefik - - - &build-images - stage: build images - if: branch = "master" && type != "pull_request" || branch =~ /^v/ - env: - - ARCH=amd64 - script: - - while sleep 9m; do echo '===== Prevent build from terminating ====='; done & - - authelia-scripts docker build --arch=$ARCH - - kill %1 - after_success: - - authelia-scripts docker push-image --arch=$ARCH - before_deploy: - - docker create --name authelia-binary authelia/authelia:${TRAVIS_TAG:1}-$ARCH - - docker cp authelia-binary:/usr/app/authelia ./authelia-linux-$ARCH - - docker cp authelia-binary:/usr/app/public_html ./ - - tar -I 'zstdmt -T0 -12' -cf authelia-linux-$ARCH.tar.zst authelia-linux-$ARCH public_html - - sha256sum authelia-linux-$ARCH.tar.zst > authelia-linux-$ARCH.tar.zst.sha256 - deploy: - provider: releases - api_key: "$GITHUB_API_KEY" - file_glob: true - file: "authelia-linux-$ARCH.tar.zst*" - skip_cleanup: true - on: - tags: true - - <<: *build-images - env: - - ARCH=arm32v7 - - <<: *build-images - env: - - ARCH=arm64v8 - - stage: deploy manifests - if: branch = "master" && type != "pull_request" || branch =~ /^v/ - env: - - DOCKER_CLI_EXPERIMENTAL=enabled - script: - - authelia-scripts docker push-manifest - -notifications: - email: - recipients: - - clement.michaud34@gmail.com - on_success: change - on_failure: always diff --git a/README.md b/README.md index 099c0097..c7e488ed 100644 --- a/README.md 
+++ b/README.md
@@ -2,9 +2,12 @@

- [![license](https://img.shields.io/badge/license-Apache%202.0-green.svg)][Apache 2.0] - [![Build](https://travis-ci.org/authelia/authelia.svg?branch=master)](https://travis-ci.org/authelia/authelia) - [![Gitter](https://img.shields.io/gitter/room/badges/shields.svg)](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link) + [![Docker Tag](https://images.microbadger.com/badges/version/authelia/authelia.svg)](https://microbadger.com/images/authelia/authelia) + [![Docker Size](https://img.shields.io/microbadger/image-size/authelia/authelia?style=flat-square&=blue&logo=docker)](https://microbadger.com/images/authelia/authelia) + [![GitHub Release](https://img.shields.io/github/release/authelia/authelia.svg?style=flat-square&color=blue&logo=github&logoColor=FFFFFF)](https://github.com/authelia/authelia/releases) + [![License](https://img.shields.io/badge/license-Apache%202.0-blue.svg?style=flat-square)][Apache 2.0] + [![Build](https://img.shields.io/buildkite/d6543d3ece3433f46dbe5fd9fcfaf1f68a6dbc48eb1048bc22/master?style=flat-square&color=brightgreen)](https://buildkite.com/authelia/authelia) + [![Gitter](https://img.shields.io/gitter/room/badges/shields.svg?style=flat-square&color=brightgreen)](https://gitter.im/authelia/general?utm_source=share-link&utm_medium=link&utm_campaign=share-link) **Authelia** is an open-source authentication and authorization server providing 2-factor authentication and single sign-on (SSO) for your @@ -56,7 +59,7 @@ For more details about the features, follow [Features](./docs/features.md). ## Proxy support -Authelia works in combination with [nginx] or [Traefik] and [HAProxy]. It can be deployed on bare metal with +Authelia works in combination with [nginx], [Traefik] or [HAProxy]. It can be deployed on bare metal with Docker or directly in [Kubernetes].

diff --git a/cmd/authelia-scripts/cmd_docker.go b/cmd/authelia-scripts/cmd_docker.go index d01b14ae..cb12ce9e 100644 --- a/cmd/authelia-scripts/cmd_docker.go +++ b/cmd/authelia-scripts/cmd_docker.go @@ -18,16 +18,12 @@ var supportedArch = []string{"amd64", "arm32v7", "arm64v8", "CI"} var defaultArch = "amd64" var buildkite = os.Getenv("BUILDKITE") var buildkiteQEMU = os.Getenv("BUILDKITE_AGENT_META_DATA_QEMU") - -//TODO(nightah): Uncomment when turning off Travis -//var ciBranch = os.Getenv("BUILDKITE_BRANCH") -//var ciPullRequest = os.Getenv("BUILDKITE_PULL_REQUEST") -//var ciTag = os.Getenv("BUILDKITE_TAG") +var ciBranch = os.Getenv("BUILDKITE_BRANCH") +var ciPullRequest = os.Getenv("BUILDKITE_PULL_REQUEST") +var ciTag = os.Getenv("BUILDKITE_TAG") var dockerTags = regexp.MustCompile(`v(?P(?P(?P\d+)\.\d+)\.\d+.*)`) var ignoredSuffixes = regexp.MustCompile("alpha|beta") - -//var tags = dockerTags.FindStringSubmatch(ciTag) -//TODO(nightah): Uncomment when turning off Travis +var tags = dockerTags.FindStringSubmatch(ciTag) func init() { DockerBuildCmd.PersistentFlags().StringVar(&arch, "arch", defaultArch, "target architecture among: "+strings.Join(supportedArch, ", ")) @@ -50,15 +46,6 @@ func dockerBuildOfficialImage(arch string) error { // Set version of QEMU qemuversion := "v4.2.0-2" - //TODO(nightah): Remove when turning off Travis - ciTag := "" - if os.Getenv("TRAVIS_TAG") != "" { - ciTag = os.Getenv("TRAVIS_TAG") - } else { - ciTag = os.Getenv("BUILDKITE_TAG") - } - //TODO(nightah): Remove when turning off Travis - // If not the default value if arch != defaultArch { dockerfile = fmt.Sprintf("%s.%s", dockerfile, arch) 
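Review bot: `var tags = dockerTags.FindStringSubmatch(ciTag)` now derives the tag components once at package initialisation from `BUILDKITE_TAG`, but the `dockerTags` pattern has no `^`/`$` anchors and ends in `.*`. Any tag that merely contains a `v<major>.<minor>.<patch>` sequence therefore yields four submatches, and `tags[1]` keeps whatever text follows the version. Since these submatches become image tag names further down, I would anchor the expression and replace the trailing `.*` with a class limited to characters valid in a Docker tag, for example `[A-Za-z0-9_.-]*`. A short comment above the new variables would also help, e.g. `// ciBranch, ciPullRequest and ciTag are read from the Buildkite environment once at start-up.`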
@@ -132,23 +119,23 @@ var DockerBuildCmd = &cobra.Command{ }, } -// DockerPushCmd Command for pushing Authelia docker image to Dockerhub +// DockerPushCmd Command for pushing Authelia docker image to Docker Hub var DockerPushCmd = &cobra.Command{ Use: "push-image", - Short: "Publish Authelia docker image to Dockerhub", + Short: "Publish Authelia docker image to Docker Hub", Run: func(cmd *cobra.Command, args []string) { - log.Infof("Pushing Docker image %s to dockerhub...", DockerImageName) + log.Infof("Pushing Docker image %s to Docker Hub...", DockerImageName) checkArchIsSupported(arch) publishDockerImage(arch) }, } -// DockerManifestCmd Command for pushing Authelia docker manifest to Dockerhub +// DockerManifestCmd Command for pushing Authelia docker manifest to Docker Hub var DockerManifestCmd = &cobra.Command{ Use: "push-manifest", - Short: "Publish Authelia docker manifest to Dockerhub", + Short: "Publish Authelia docker manifest to Docker Hub", Run: func(cmd *cobra.Command, args []string) { - log.Infof("Pushing Docker manifest of %s to dockerhub...", DockerImageName) + log.Infof("Pushing Docker manifest of %s to Docker Hub...", DockerImageName) publishDockerManifest() }, } @@ -169,18 +156,18 @@ func login(docker *Docker) { log.Fatal(errors.New("DOCKER_PASSWORD is empty")) } - log.Infof("Login to dockerhub as %s", username) + log.Infof("Login to Docker Hub as %s", username) err := docker.Login(username, password) if err != nil { - log.Fatal("Login to dockerhub failed", err) + log.Fatal("Login to Docker Hub failed", err) } } func deploy(docker *Docker, tag string) { imageWithTag := DockerImageName + ":" + tag - log.Infof("Docker image %s will be deployed on Dockerhub", imageWithTag) + log.Infof("Docker image %s will be deployed on Docker Hub", imageWithTag) if err := docker.Tag(DockerImageName, imageWithTag); err != nil { log.Fatal(err) 
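Review bot: `log.Fatal("Login to Docker Hub failed", err)` in `login` prints the message and the error with no separator, assuming `log` follows the usual `fmt.Sprint` behaviour, where no space is inserted next to a string operand. `log.Fatalf("Login to Docker Hub failed: %v", err)` would keep the CI log readable. Since this line writes the error from `docker.Login` to the build log, it is also worth confirming that the error text cannot echo the password; the implementation of `Login` is not visible here. The body of `login` begins outside this hunk.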
@@ -194,7 +181,7 @@ func deploy(docker *Docker, tag string) { func deployManifest(docker *Docker, tag string, amd64tag string, arm32v7tag string, arm64v8tag string) { dockerImagePrefix := DockerImageName + ":" - log.Infof("Docker manifest %s%s will be deployed on Dockerhub", dockerImagePrefix, tag) + log.Infof("Docker manifest %s%s will be deployed on Docker Hub", dockerImagePrefix, tag) err := docker.Manifest(dockerImagePrefix+tag, dockerImagePrefix+amd64tag, dockerImagePrefix+arm32v7tag, dockerImagePrefix+arm64v8tag) @@ -204,45 +191,17 @@ func deployManifest(docker *Docker, tag string, amd64tag string, arm32v7tag stri tags := []string{amd64tag, arm32v7tag, arm64v8tag} for _, t := range tags { - log.Infof("Docker removing tag for %s%s on Dockerhub", dockerImagePrefix, t) + log.Infof("Docker removing tag for %s%s on Docker Hub", dockerImagePrefix, t) if err := docker.CleanTag(t); err != nil { panic(err) } } - - log.Info("Docker pushing README.md to Dockerhub") - - if err := docker.PublishReadme(); err != nil { - log.Fatal(err) - } } func publishDockerImage(arch string) { docker := &Docker{} - //TODO(nightah): Remove when turning off Travis - ciBranch := "" - if os.Getenv("TRAVIS_BRANCH") != "" { - ciBranch = os.Getenv("TRAVIS_BRANCH") - } else { - ciBranch = os.Getenv("BUILDKITE_BRANCH") - } - ciPullRequest := "" - if os.Getenv("TRAVIS_PULL_REQUEST") != "" { - ciPullRequest = os.Getenv("TRAVIS_PULL_REQUEST") - } else { - ciPullRequest = os.Getenv("BUILDKITE_PULL_REQUEST") - } - ciTag := "" - if os.Getenv("TRAVIS_TAG") != "" { - ciTag = os.Getenv("TRAVIS_TAG") - } else { - ciTag = os.Getenv("BUILDKITE_TAG") - } - tags := dockerTags.FindStringSubmatch(ciTag) - //TODO(nightah): Remove when turning off Travis - if ciBranch == "master" && ciPullRequest == "false" { login(docker) deploy(docker, "master-"+arch) 
@@ -268,42 +227,24 @@ func publishDockerImage(arch string) { func publishDockerManifest() { docker := &Docker{} - //TODO(nightah): Remove when turning off Travis - ciBranch := "" - if os.Getenv("TRAVIS_BRANCH") != "" { - ciBranch = os.Getenv("TRAVIS_BRANCH") - } else { - ciBranch = os.Getenv("BUILDKITE_BRANCH") - } - ciPullRequest := "" - if os.Getenv("TRAVIS_PULL_REQUEST") != "" { - ciPullRequest = os.Getenv("TRAVIS_PULL_REQUEST") - } else { - ciPullRequest = os.Getenv("BUILDKITE_PULL_REQUEST") - } - ciTag := "" - if os.Getenv("TRAVIS_TAG") != "" { - ciTag = os.Getenv("TRAVIS_TAG") - } else { - ciTag = os.Getenv("BUILDKITE_TAG") - } - tags := dockerTags.FindStringSubmatch(ciTag) - //TODO(nightah): Remove when turning off Travis - if ciBranch == "master" && ciPullRequest == "false" { login(docker) deployManifest(docker, "master", "master-amd64", "master-arm32v7", "master-arm64v8") + publishDockerReadme(docker) } else if ciTag != "" { if len(tags) == 4 { log.Infof("Detected tags: '%s' | '%s' | '%s'", tags[1], tags[2], tags[3]) login(docker) deployManifest(docker, tags[1], tags[1]+"-amd64", tags[1]+"-arm32v7", tags[1]+"-arm64v8") + publishDockerReadme(docker) if !ignoredSuffixes.MatchString(ciTag) { deployManifest(docker, tags[2], tags[2]+"-amd64", tags[2]+"-arm32v7", tags[2]+"-arm64v8") deployManifest(docker, tags[3], tags[3]+"-amd64", tags[3]+"-arm32v7", tags[3]+"-arm64v8") deployManifest(docker, "latest", "latest-amd64", "latest-arm32v7", "latest-arm64v8") + publishDockerReadme(docker) + updateMicroBadger(docker) } } else { log.Fatal("Docker manifest will not be published, the specified tag does not conform to the standard") 
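Review bot: On a stable release tag `publishDockerReadme(docker)` runs twice in `publishDockerManifest`, once after the `tags[1]` manifest and again inside the `if !ignoredSuffixes.MatchString(ciTag)` block. Judging by the `PublishReadme` context line in docker.go, each call repeats a credentialed request to Docker Hub. I would drop the call inside the block and keep the first one, or move the single call to after the block, so the README is pushed once per release. Separately, `tags` here now refers to the package-level variable, while `deployManifest` still declares a local `tags := []string{amd64tag, arm32v7tag, arm64v8tag}` that shadows it; renaming one of them (for example the package-level one to `ciTagParts`) would avoid confusion. The closing lines of the function fall outside this hunk.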
@@ -312,3 +253,18 @@ func publishDockerManifest() { log.Info("Docker manifest will not be published") } } + +func publishDockerReadme(docker *Docker) { + log.Info("Docker pushing README.md to Docker Hub") + + if err := docker.PublishReadme(); err != nil { + log.Fatal(err) + } +} +func updateMicroBadger(docker *Docker) { + log.Info("Updating MicroBadger metadata from Docker Hub") + + if err := docker.UpdateMicroBadger(); err != nil { + log.Fatal(err) + } +} diff --git a/cmd/authelia-scripts/docker.go b/cmd/authelia-scripts/docker.go index 66129d54..95e985f5 100644 --- a/cmd/authelia-scripts/docker.go +++ b/cmd/authelia-scripts/docker.go @@ -61,3 +61,8 @@ func (d *Docker) CleanTag(tag string) error { func (d *Docker) PublishReadme() error { return utils.CommandWithStdout("bash", "-c", `token=$(curl -fs --retry 3 -H "Content-Type: application/json" -X "POST" -d '{"username": "'$DOCKER_USERNAME'", "password": "'$DOCKER_PASSWORD'"}' https://hub.docker.com/v2/users/login/ | jq -r .token) && jq -n --arg msg "$(cat README.md | sed -r 's/(\