Github Action with Docker

1 2	DOCKERHUB_USERNAME DOCKERHUB_TOKEN

Lite version

Canvas_Docker_Build.yml

name: Canvas Docker Build

on:
  push:
    branches:
      - main
  schedule:
    - cron:  '0 0 * * MON'

jobs:
  Canvas_Docker_Build:
    name: Canvas Docker Build
    runs-on: ubuntu-latest
    steps:
      -
        name: Private Actions Checkout
        uses: actions/checkout@v2.3.4
      -
        name: Docker Setup QEMU
        uses: docker/setup-qemu-action@v1.2.0
      -
        name: Docker Setup Buildx
        uses: docker/setup-buildx-action@v1.6.0
      -
        name: Docker Login
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push Docker images
        uses: docker/build-push-action@v2.7.0
        with:
          context: .
          platforms: linux/amd64,linux/arm64
          push: true
          tags: |
            xrsec/canvas:latest
            xrsec/canvas:7.2
          cache-from: type=gha
          cache-to: type=gha,mode=max

Auto-update version

name: Docker Code Server Build

on:
  push:
    branches:
      - main
  schedule:
    - cron:  '0 0 * * MON'

jobs:
  Build_For_Code_Server:
    name: Docker Code Server Build
    runs-on: ubuntu-latest
    steps:
      -
        name: Private Actions Checkout
        uses: actions/checkout@v2.3.4
      -
        name: Docker Setup QEMU
        uses: docker/setup-qemu-action@v1.2.0
      -
        name: Docker Setup Buildx
        uses: docker/setup-buildx-action@v1.6.0
      -
        name: Code Server Download
        run: |
          mkdir -p linux/arm64 linux/amd64
          wget -O linux/amd64/code-server.rpm `curl https://api.github.com/repos/cdr/code-server/releases/latest | grep "browser_download_url"  | cut -d '"' -f 4 | grep amd64.rpm` --no-cookie --no-check-certificate
          wget -O linux/arm64/code-server.rpm `curl https://api.github.com/repos/cdr/code-server/releases/latest | grep "browser_download_url"  | cut -d '"' -f 4 | grep arm64.rpm` --no-cookie --no-check-certificate

      -
        name: Docker Login
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push Docker images
        uses: docker/build-push-action@v2.7.0
        with:
          context: .
          platforms: linux/arm64,linux/amd64
          push: true
          tags: |
            xrsec/code-server:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max

version_checking.py

#!/usr/bin/env python
# _*_ coding: utf-8 _*_
import os, re, requests, platform
code_server_version =  requests.get("https://api.github.com/repos/cdr/code-server/releases/latest").json()["tag_name"]
if code_server_version == open(".github/code-server_version/code-server_version").read():
    print("It's the latest edition! version: " + code_server_version)
    os._exit("It's the latest edition!")
else:
    open(".github/code-server_version/code-server_version", "w").write(code_server_version)

Dockerfile

1
2

RUN if test `uname -p` = "x86_64"; then wget -O /www/bak/code-server.rpm `curl https://api.github.com/repos/cdr/code-server/releases/latest | grep "browser_download_url"  | cut -d '"' -f 4 | grep amd64.rpm` --no-cookie --no-check-certificate; fi \
    && if test `uname -p` = "aarch64"; then wget -O /www/bak/code-server.rpm `curl https://api.github.com/repos/cdr/code-server/releases/latest | grep "browser_download_url"  | cut -d '"' -f 4 | grep arm64.rpm` --no-cookie --no-check-certificate; fi

Multi-system Deployment

Docker-CobaltStrike.yml

name: Docker Code Server Build

on:
  push:
    branches:
      - main
  schedule:
    - cron:  '0 0 * * MON'

jobs:
  Build_For_Code_Server:
    name: Docker Code Server Build
    runs-on: ubuntu-latest
    steps:
      -
        name: Private Actions Checkout
        uses: actions/checkout@v2.3.4
      -
        name: Docker Setup QEMU
        uses: docker/setup-qemu-action@v1.2.0
      -
        name: Docker Setup Buildx
        uses: docker/setup-buildx-action@v1.6.0
      -
        name: Code Server Download
        run: |
          mkdir -p linux/arm64 linux/amd64
          wget -O linux/amd64/code-server.rpm `curl https://api.github.com/repos/cdr/code-server/releases/latest | grep "browser_download_url"  | cut -d '"' -f 4 | grep amd64.rpm` --no-cookie --no-check-certificate
          wget -O linux/arm64/code-server.rpm `curl https://api.github.com/repos/cdr/code-server/releases/latest | grep "browser_download_url"  | cut -d '"' -f 4 | grep amd64.rpm` --no-cookie --no-check-certificate

      -
        name: Docker Login
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push Docker images
        uses: docker/build-push-action@v2.7.0
        with:
          context: .
          platforms: linux/arm64,linux/amd64
          push: true
          tags: |
            xrsec/code-server:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max

Manual

Docker_Oracle_Java_Build.yml

name: Docker Oracle Java Build

on:
  push

jobs:
  Build_For_Java8:
    name: Docker Oracle Java Build Java8
    runs-on: ubuntu-latest
    steps:
      -
        name: Private Actions Checkout
        uses: actions/checkout@v2.3.4
      -
        name: Docker Setup QEMU
        uses: docker/setup-qemu-action@v1.2.0
      -
        name: Docker Setup Buildx
        uses: docker/setup-buildx-action@v1.6.0
      -
        name: Docker Login
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push Docker images
        uses: docker/build-push-action@v2.7.0
        with:
          context: .
          platforms: linux/arm64,linux/amd64
          file: Dockerfiles/Dockerfile.8
          push: true
          tags: |
            xrsec/java:8
          cache-from: type=gha
          cache-to: type=gha,mode=max

  Build_For_Java11:
    name: Docker Oracle Java Build Java11
    runs-on: ubuntu-latest
    steps:
      -
        name: Private Actions Checkout
        uses: actions/checkout@v2.3.4
      -
        name: Docker Setup QEMU
        uses: docker/setup-qemu-action@v1.2.0
      -
        name: Docker Setup Buildx
        uses: docker/setup-buildx-action@v1.6.0
      -
        name: Docker Login
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push Docker images
        uses: docker/build-push-action@v2.7.0
        with:
          context: .
          platforms: linux/arm64,linux/amd64
          file: Dockerfiles/Dockerfile.11
          push: true
          tags: |
            xrsec/java:11
          cache-from: type=gha
          cache-to: type=gha,mode=max

  Build_For_Java16:
    name: Docker Oracle Java Build Java16
    runs-on: ubuntu-latest
    steps:
      -
        name: Private Actions Checkout
        uses: actions/checkout@v2.3.4
      -
        name: Docker Setup QEMU
        uses: docker/setup-qemu-action@v1.2.0
      -
        name: Docker Setup Buildx
        uses: docker/setup-buildx-action@v1.6.0
      -
        name: Docker Login
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push Docker images
        uses: docker/build-push-action@v2.7.0
        with:
          context: .
          platforms: linux/arm64,linux/amd64
          file: Dockerfiles/Dockerfile.16
          push: true
          tags: |
            xrsec/java:16
          cache-from: type=gha
          cache-to: type=gha,mode=max

  Build_For_Java17:
    name: Docker Oracle Java Build Java17
    runs-on: ubuntu-latest
    steps:
      -
        name: Private Actions Checkout
        uses: actions/checkout@v2.3.4
      -
        name: Docker Setup QEMU
        uses: docker/setup-qemu-action@v1.2.0
      -
        name: Docker Setup Buildx
        uses: docker/setup-buildx-action@v1.6.0
      -
        name: Docker Login
        uses: docker/login-action@v1.10.0
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      -
        name: Build and push Docker images
        uses: docker/build-push-action@v2.7.0
        with:
          context: .
          platforms: linux/arm64,linux/amd64
          file: Dockerfiles/Dockerfile.17
          push: true
          tags: |
            xrsec/java:17
            xrsec/java:latest
          cache-from: type=gha
          cache-to: type=gha,mode=max

Run action on event in another repository

jobs:
  build:
    # Main workflow job that builds, tests, etc.

  dispatch:
    needs: build
    strategy:
      matrix:
        repo: ['my-org/repo1', 'my-org/repo2', 'my-org/repo3']
    runs-on: ubuntu-latest
    steps:
      - name: Repository Dispatch
        uses: peter-evans/repository-dispatch@v1
        with:
          token: ${{ secrets.REPO_ACCESS_TOKEN }}
          repository: ${{ matrix.repo }}
          event-type: my-event

name: Repository Dispatch
on:
  repository_dispatch:
    types: [my-event]
jobs:
  myEvent:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.client_payload.ref }}
      - run: echo ${{ github.event.client_payload.sha }}

Manifest

docker manifest create xrsec/java:latest xrsec/java:arm64-17 xrsec/java:amd64-17
docker manifest create xrsec/java:8 xrsec/java:arm64-8 xrsec/java:amd64-8
docker manifest create xrsec/java:11 xrsec/java:arm64-11 xrsec/java:amd64-11
docker manifest create xrsec/java:16 xrsec/java:arm64-16 xrsec/java:amd64-16
docker manifest create xrsec/java:17 xrsec/java:arm64-17 xrsec/java:amd64-17
docker manifest push xrsec/java:latest
docker manifest push xrsec/java:8
docker manifest push xrsec/java:11
docker manifest push xrsec/java:16
docker manifest push xrsec/java:17

Docker buildx env

Dockerfile 支持如下架构相关的变量

TARGETPLATFORM

构建镜像的目标平台，例如 linux/amd64, linux/arm/v7, windows/amd64。

TARGETOS

1	TARGETPLATFORM` 的 OS 类型，例如 `linux`, `windows`

TARGETARCH

1	TARGETPLATFORM` 的架构类型，例如 `amd64`, `arm`

TARGETVARIANT

1	TARGETPLATFORM` 的变种，该变量可能为空，例如 `v7`

BUILDPLATFORM

构建镜像主机平台，例如 linux/amd64

BUILDOS

1	BUILDPLATFORM` 的 OS 类型，例如 `linux`

BUILDARCH

1	BUILDPLATFORM` 的架构类型，例如 `amd64`

BUILDVARIANT

1	BUILDPLATFORM` 的变种，该变量可能为空，例如 `v7`

Use

例如我们要构建支持 linux/arm/v7 和 linux/amd64 两种架构的镜像。假设已经生成了两个平台对应的二进制文件：

bin/dist-linux-arm
bin/dist-linux-amd64

那么 Dockerfile 可以这样书写：

FROM scratch
# 使用变量必须申明
ARG TARGETOS

ARG TARGETARCH

COPY bin/dist-${TARGETOS}-${TARGETARCH} /dist

ENTRYPOINT ["dist"]

XRSec has the right to modify and interpret this article. If you want to reprint or disseminate this article, you must ensure the integrity of this article, including all contents such as copyright notice. Without the permission of the author, the content of this article shall not be modified or increased or decreased arbitrarily, and it shall not be used for commercial purposes in any way