Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/main' into merge-upstream
Browse files Browse the repository at this point in the history 
NOTE: Might need cgroupv2 apt package
  • Loading branch information
@07joshua03
07joshua03 committed Nov 15, 2024
2 parents 716caf8 + b291368 commit 1951d97
Show file tree
Hide file tree
Showing 29 changed files with 669 additions and 283 deletions.
55 changes: 55 additions & 0 deletions .github/workflows/build-contributor-container-PR.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,55 @@
name: 'Build Contributor container (PR)'
# For speedup to do this in parallel: https://docs.docker.com/build/ci/github-actions/multi-platform/
# Loosely based on: https://docs.docker.com/build/ci/github-actions/push-multi-registries/

on:
push:
paths:
- docker-contributor/**
- .github/workflows/build-contributor-container-PR.yml
pull_request:
branches:
- main
paths:
- docker-contributor/**
- .github/workflows/build-contributor-container-PR.yml

jobs:
pr-contributor:
# Stop processing if this is a merge-queue
# Stop processing if this is not against our repo
# Always run if this PR is not from our organization
# Or run if this PR is not `main` (So notQueue && ourRepo && (notPROurOrg || notMain))
if : ${{ !contains(github.ref, 'gh-readonly-queue') &&
github.repository == 'domjudge/domjudge-packaging' &&
!(github.event.pull_request.head.repo.full_name == 'domjudge/domjudge-packaging' && github.ref == 'main') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to GitHub container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@9ec57ed1fcdbf14dcef7dfbe97b2010124a938b7
with:
images: ghcr.io/${{ github.repository }}

- name: Build and push
uses: docker/build-push-action@v5
with:
context: docker-contributor
platforms: linux/amd64,linux/arm64
push: false
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

37 changes: 37 additions & 0 deletions .github/workflows/build-contributor-container-release.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,37 @@
name: 'Build Contributor container (Release)'
# For speedup to do this in parallel: https://docs.docker.com/build/ci/github-actions/multi-platform/
# Loosely based on: https://docs.docker.com/build/ci/github-actions/push-multi-registries/

on:
schedule:
- cron: "5 4 * * 5"
push:
branches:
- main
workflow_dispatch:

jobs:
release-contributor:
if: ${{ github.repository == 'domjudge/domjudge-packaging' }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Build and push
uses: docker/build-push-action@v5
with:
context: docker-contributor
platforms: linux/amd64,linux/arm64
push: true
tags: domjudge/domjudge-contributor:latest

94 changes: 94 additions & 0 deletions .github/workflows/build-domjudge-container-PR.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,94 @@
name: 'Build domjudge container (PR)'

on:
push:
paths:
- .github/workflows/build-domjudge-container-PR.yml
- docker/**
pull_request:
branches:
- main
paths:
- .github/workflows/build-domjudge-container-PR.yml
- docker/**

env:
DOMJUDGE_VERSION: M.m.p

jobs:
pr-domjudge:
# Stop processing if this is a merge-queue
# Stop processing if this is not against our repo
# Always run if this PR is not from our organization
# Or run if this PR is not `main` (So notQueue && ourRepo && (notPROurOrg || notMain))
if : ${{ !contains(github.ref, 'gh-readonly-queue') &&
github.repository == 'domjudge/domjudge-packaging' &&
!(github.event.pull_request.head.repo.full_name == 'domjudge/domjudge-packaging' && github.ref == 'main') }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to GitHub container registry
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}

- run: docker system prune -a -f

- name: Get an unique tag for when people PR often
run: |
GHR=${{ github.ref }}
echo "PR_TAG=${GHR///}${{ github.actor }}" >> $GITHUB_ENV
- name: If needed overwrite the DOMJUDGE_VERSION for this run
run: |
if [ ${{ env.DOMJUDGE_VERSION }} != "M.m.p" ]; then
exit 0
fi
sudo apt-get update; sudo apt-get install -y jq curl
set -x
HUBURL="https://registry.hub.docker.com/v2/repositories/domjudge/domserver/tags"
TAG=$(curl $HUBURL|jq '.results | sort_by(.name) | .[-2].name')
DJ_TAG=${TAG//\"}
set +x
echo "DOMJUDGE_VERSION=$DJ_TAG" >> $GITHUB_ENV
- name: Build the container
run: |
cd docker
./build.sh "${{ env.DOMJUDGE_VERSION }}"
- name: Build and push
run: |
for IMG in domserver judgehost default-judgehost-chroot; do
echo "::group::$IMG"
IMAGE_NAME="${GITHUB_REPOSITORY_OWNER@L}/$IMG:${{ env.DOMJUDGE_VERSION }}"
docker image tag "$IMAGE_NAME" ghcr.io/${GITHUB_REPOSITORY_OWNER@L}/$IMG:${{ env.PR_TAG }}
docker image tag "$IMAGE_NAME" ${GITHUB_REPOSITORY_OWNER@L}/$IMG:${{ env.PR_TAG }}
echo "::endgroup::"
done
- run: docker image list

- name: Check for wrong permisions
run: |
docker image list
set -x
for IMG in domserver judgehost; do
files=$(docker run --rm --pull=never "domjudge/$IMG:${{ env.PR_TAG }}" find / -xdev -perm -o+w ! -type l ! \( -type d -a -perm -+t \) ! -type c)
if [ -n "$files" ]; then
echo "error: image domjudge/$IMG:${{ env.PR_TAG }} contains world-writable files:" >&2
printf "%s\n" "$files" >&2
exit 1
fi
done
79 changes: 79 additions & 0 deletions .github/workflows/build-domjudge-container-release.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,79 @@
name: 'Build domjudge container (Release)'

on:
push:
branches:
- main
workflow_dispatch:
inputs:
DOMJUDGE_VERSION:
description: 'Version of DOMjudge to build'
required: true
default: 'M.m.p'
DOMJUDGE_LATEST:
description: 'Overwrite the latest tag'
required: true
default: 'true'

env:
DOMJUDGE_VERSION: M.m.p
DOMJUDGE_LATEST: true

jobs:
release-domjudge:
if: ${{ github.repository == 'domjudge/domjudge-packaging' }}
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Set up QEMU
uses: docker/setup-qemu-action@v3

- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3

- name: Login to Docker Hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: If manually dispatched use input variables
if: ${{ github.event_name == 'workflow_dispatch' }}
run: |
echo "DOMJUDGE_VERSION=${{ inputs.DOMJUDGE_VERSION }}" >> $GITHUB_ENV
echo "DOMJUDGE_LATEST=${{ inputs.DOMJUDGE_LATEST }}" >> $GITHUB_ENV
- name: If needed overwrite the DOMJUDGE_VERSION for this run
run: |
if [ ${{ env.DOMJUDGE_VERSION }} != "M.m.p" ]; then
exit 0
fi
if [ ${{ env.DOMJUDGE_LATEST }} == "false" ]; then
echo "I don't know which version to pick!"
exit 1
fi
sudo apt-get update; sudo apt-get install jq curl -y
set -x
HUBURL="https://registry.hub.docker.com/v2/repositories/domjudge/domserver/tags"
TAG=$(curl $HUBURL|jq '.results | sort_by(.name) | .[-2].name')
DJ_TAG=${TAG//\"}
set +x
echo "DOMJUDGE_VERSION=$DJ_TAG" >> $GITHUB_ENV
- name: Build the container
run: |
cd docker
./build.sh "${{ env.DOMJUDGE_VERSION }}"
- name: Build and push
run: |
for IMG in domserver judgehost default-judgehost-chroot; do
docker push domjudge/$IMG:${{ env.DOMJUDGE_VERSION }}
if [ ${{ env.DOMJUDGE_LATEST }} = "true" ]; then
docker tag domjudge/$IMG:${{ env.DOMJUDGE_VERSION }} domjudge/$IMG:latest
docker push domjudge/$IMG
fi
done
58 changes: 58 additions & 0 deletions .github/workflows/build-gitlab-container-PR.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,58 @@
name: 'Build GitLab CI container (PR)'

on:
push:
paths:
- docker-contributor/php-config
- docker-gitlabci/**
- .github/workflows/build-gitlab-container-PR.yml
pull_request:
branches:
- main
paths:
- docker-contributor/php-config
- docker-gitlabci/**
- .github/workflows/build-gitlab-container-PR.yml

jobs:
pr-gitlab:
# Stop processing if this is a merge-queue
# Stop processing if this is not against our repo
# Always run if this PR is not from our organization
# Or run if this PR is not `main` (So notQueue && ourRepo && (notPROurOrg || notMain))
if : ${{ !contains(github.ref, 'gh-readonly-queue') &&
github.repository == 'domjudge/domjudge-packaging' &&
!(github.event.pull_request.head.repo.full_name == 'domjudge/domjudge-packaging' && github.ref == 'main') }}
name: PR GitLab image
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Use the same PHP config as the contributor containers
run: cp -r docker-{contributor,gitlabci}/php-config

- name: Log in to GitHub Container registry (possibly at fork)
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: ghcr.io/${{ github.repository }}

- name: Build and push Docker images
uses: docker/build-push-action@v5
with:
context: "./docker-gitlabci"
push: false
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}

45 changes: 45 additions & 0 deletions .github/workflows/build-gitlab-container-release.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,45 @@
name: 'Build GitLab CI container (Release)'

on:
schedule:
- cron: "4 3 * * 5"
push:
branches:
- main
workflow_dispatch:

jobs:
build-gitlab:
if: ${{ github.repository == 'domjudge/domjudge-packaging' }}
name: Build GitLab image
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Checkout
uses: actions/checkout@v4

- name: Use the same PHP config as the contributor containers
run: cp -r docker-{contributor,gitlabci}/php-config

- name: Log in to Docker Container registry
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKERHUB_USERNAME }}
password: ${{ secrets.DOCKERHUB_TOKEN }}

- name: Extract metadata (tags, labels) for Docker
id: meta
uses: docker/metadata-action@v5
with:
images: domjudge/gitlabci

- name: Build and push Docker images
uses: docker/build-push-action@v5
with:
context: "./docker-gitlabci"
push: true
tags: "domjudge/gitlabci:24.04"
labels: ${{ steps.meta.outputs.labels }}

3 changes: 0 additions & 3 deletions .github/workflows/shellcheck.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,6 @@ on:
pull_request:
branches:
- main
pull_request_target:
branches:
- main

jobs:
shellcheck:
Expand Down
Loading

0 comments on commit 1951d97

Please sign in to comment.