Skip to content

Commit f81fc8a

Browse files
IllusoryKitsuneIllusoryKitsune
authored
Merge pull request #1 from IllusoryKitsune/claude/cleanup-and-credits-oP1qw
Cleanup: credit prior contributors, publish to GHCR, drop stale files
2 parents e02b51a + 866db97 commit f81fc8a

8 files changed

Lines changed: 95 additions & 144 deletions

File tree

.github/FUNDING.yml

Lines changed: 0 additions & 12 deletions
This file was deleted.

.github/workflows/build.yaml

Lines changed: 20 additions & 30 deletions
Original file line numberDiff line numberDiff line change
@@ -13,15 +13,17 @@ on:
1313
workflow_dispatch:
1414

1515
env:
16-
GHCR_REPO: shenxn/protonmail-bridge-docker
17-
DOCKERHUB_REPO: shenxn/protonmail-bridge
18-
DOCKER_REPO_DEV: ghcr.io/shenxn/protonmail-bridge
16+
GHCR_REPO: ghcr.io/illusorykitsune/protonmail-bridge-docker
1917
PLATFORMS: linux/amd64,linux/arm64/v8,linux/arm/v7,linux/riscv64
2018

2119
jobs:
2220
test:
2321
runs-on: ubuntu-latest
2422
if: github.ref != 'refs/heads/master'
23+
permissions:
24+
contents: read
25+
packages: write
26+
security-events: write
2527
steps:
2628
- name: Checkout
2729
uses: actions/checkout@master
@@ -35,7 +37,7 @@ jobs:
3537
uses: docker/metadata-action@v5
3638
with:
3739
images: |
38-
${{ env.DOCKER_REPO_DEV }}
40+
${{ env.GHCR_REPO }}
3941
4042
- name: Login to GHCR
4143
uses: docker/login-action@v3
@@ -54,17 +56,17 @@ jobs:
5456
uses: docker/build-push-action@v6
5557
with:
5658
labels: ${{ steps.meta.outputs.labels }}
57-
outputs: type=image,"name=${{ env.DOCKER_REPO_DEV }}",push-by-digest=false,name-canonical=true,push=true
59+
outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=false,name-canonical=true,push=true
5860
context: ./build
5961
file: ./build/Dockerfile
60-
tags: "${{ env.DOCKER_REPO_DEV }}:dev-${{ github.ref_name }}"
62+
tags: "${{ env.GHCR_REPO }}:dev-${{ github.run_id }}"
6163
build-args: |
6264
version=${{ env.version }}
6365
6466
- name: Run Trivy vulnerability scan
65-
uses: aquasecurity/trivy-action@0.30.0
67+
uses: aquasecurity/trivy-action@v0.35.0
6668
with:
67-
image-ref: "${{ env.DOCKER_REPO_DEV }}:dev-${{ github.ref_name }}"
69+
image-ref: "${{ env.GHCR_REPO }}:dev-${{ github.run_id }}"
6870
format: 'sarif'
6971
exit-code: 0
7072
severity: 'CRITICAL,HIGH'
@@ -78,6 +80,9 @@ jobs:
7880
build:
7981
runs-on: ubuntu-latest
8082
if: github.event_name == 'push' && github.ref == 'refs/heads/master'
83+
permissions:
84+
contents: read
85+
packages: write
8186
strategy:
8287
fail-fast: false
8388
matrix:
@@ -104,15 +109,8 @@ jobs:
104109
uses: docker/metadata-action@v5
105110
with:
106111
images: |
107-
${{ env.DOCKERHUB_REPO }}
108112
${{ env.GHCR_REPO }}
109113
110-
- name: Login to Docker Hub
111-
uses: docker/login-action@v3
112-
with:
113-
username: ${{ secrets.REGISTRY_USERNAME }}
114-
password: ${{ secrets.REGISTRY_PASSWORD }}
115-
116114
- name: Login to GHCR
117115
uses: docker/login-action@v3
118116
with:
@@ -132,12 +130,10 @@ jobs:
132130
with:
133131
platforms: ${{ matrix.platform }}
134132
labels: ${{ steps.meta.outputs.labels }}
135-
outputs: type=image,"name=name=${{ env.DOCKERHUB_REPO }},${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=false
133+
outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=true
136134
context: ./build
137135
file: ./build/Dockerfile
138136
tags: |
139-
"${{ env.DOCKERHUB_REPO }}:build"
140-
"${{ env.DOCKERHUB_REPO }}:${{ env.version }}-build"
141137
"${{ env.GHCR_REPO }}:build"
142138
"${{ env.GHCR_REPO }}:${{ env.version }}-build"
143139
provenance: false
@@ -164,6 +160,10 @@ jobs:
164160
runs-on: ubuntu-latest
165161
needs:
166162
- build
163+
permissions:
164+
contents: read
165+
packages: write
166+
security-events: write
167167
steps:
168168
- name: Download digests
169169
uses: actions/download-artifact@v4
@@ -176,12 +176,6 @@ jobs:
176176
id: version
177177
run: echo "version=`cat VERSION`" >> $GITHUB_ENV
178178

179-
- name: Login to Docker Hub
180-
uses: docker/login-action@v3
181-
with:
182-
username: ${{ secrets.REGISTRY_USERNAME }}
183-
password: ${{ secrets.REGISTRY_PASSWORD }}
184-
185179
- name: Login to GHCR
186180
uses: docker/login-action@v3
187181
with:
@@ -199,7 +193,6 @@ jobs:
199193
uses: docker/metadata-action@v5
200194
with:
201195
images: |
202-
${{ env.DOCKERHUB_REPO }}
203196
${{ env.GHCR_REPO }}
204197
tags: |
205198
type=raw,enable=true,value=${{ env.version }}-build
@@ -208,15 +201,13 @@ jobs:
208201
- name: Create manifest list and push
209202
working-directory: ${{ runner.temp }}/digests
210203
run: |
211-
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
212-
$(printf '${{ env.DOCKERHUB_REPO }}@sha256:%s ' *)
213204
docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
214205
$(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
215206
216207
- name: Run Trivy vulnerability scan
217-
uses: aquasecurity/trivy-action@0.30.0
208+
uses: aquasecurity/trivy-action@v0.35.0
218209
with:
219-
image-ref: "${{ env.DOCKERHUB_REPO }}:${{ env.version }}-build"
210+
image-ref: "${{ env.GHCR_REPO }}:${{ env.version }}-build"
220211
format: 'sarif'
221212
exit-code: 0
222213
severity: 'CRITICAL,HIGH'
@@ -228,5 +219,4 @@ jobs:
228219

229220
- name: Inspect image
230221
run: |
231-
docker buildx imagetools inspect ${{ env.DOCKERHUB_REPO }}:${{ steps.meta.outputs.version }}
232222
docker buildx imagetools inspect ${{ env.GHCR_REPO }}:${{ steps.meta.outputs.version }}

.github/workflows/deb.yaml

Lines changed: 18 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -13,12 +13,16 @@ on:
1313
workflow_dispatch:
1414

1515
env:
16-
DOCKER_REPO: shenxn/protonmail-bridge
17-
DOCKER_REPO_DEV: ghcr.io/shenxn/protonmail-bridge-dev
16+
DOCKER_REPO: ghcr.io/illusorykitsune/protonmail-bridge-docker
17+
DOCKER_REPO_DEV: ghcr.io/illusorykitsune/protonmail-bridge-docker-dev
1818

1919
jobs:
2020
deb:
2121
runs-on: ubuntu-latest
22+
permissions:
23+
contents: read
24+
packages: write
25+
security-events: write
2226
steps:
2327
- name: Checkout
2428
uses: actions/checkout@master
@@ -27,16 +31,21 @@ jobs:
2731
run: echo "version=`cat VERSION`" >> $GITHUB_ENV
2832
- name: Set repo
2933
id: repo
30-
run: if [[ $GITHUB_REF == "refs/heads/master" ]]; then echo "::set-output name=repo::${DOCKER_REPO}"; else echo "::set-output name=repo::${DOCKER_REPO_DEV}"; fi
34+
run: |
35+
if [[ "$GITHUB_REF" == "refs/heads/master" ]]; then
36+
echo "repo=${DOCKER_REPO}" >> "$GITHUB_OUTPUT"
37+
else
38+
echo "repo=${DOCKER_REPO_DEV}" >> "$GITHUB_OUTPUT"
39+
fi
3140
- name: Docker meta
3241
id: docker_meta
33-
uses: crazy-max/ghaction-docker-meta@v1
42+
uses: docker/metadata-action@v5
3443
with:
3544
images: ${{ steps.repo.outputs.repo }}
3645
- name: Set up Docker Buildx
37-
uses: docker/setup-buildx-action@v1
46+
uses: docker/setup-buildx-action@v3
3847
- name: Build image without push
39-
uses: docker/build-push-action@v2
48+
uses: docker/build-push-action@v6
4049
with:
4150
context: ./deb
4251
file: ./deb/Dockerfile
@@ -54,21 +63,15 @@ jobs:
5463
uses: github/codeql-action/upload-sarif@v3
5564
with:
5665
sarif_file: ${{ steps.scan.outputs.sarif }}
57-
- name: Login to DockerHub
58-
uses: docker/login-action@v1
59-
if: ${{ github.event_name != 'pull_request' }}
60-
with:
61-
username: ${{ secrets.REGISTRY_USERNAME }}
62-
password: ${{ secrets.REGISTRY_PASSWORD }}
6366
- name: Login to GitHub Container Registry
64-
uses: docker/login-action@v1
67+
uses: docker/login-action@v3
6568
if: ${{ github.event_name != 'pull_request' }}
6669
with:
6770
registry: ghcr.io
6871
username: ${{ github.repository_owner }}
69-
password: ${{ secrets.CR_PAT }}
72+
password: ${{ secrets.GITHUB_TOKEN }}
7073
- name: Push image
71-
uses: docker/build-push-action@v2
74+
uses: docker/build-push-action@v6
7275
with:
7376
context: ./deb
7477
file: ./deb/Dockerfile

.github/workflows/mirror.yaml

Lines changed: 0 additions & 27 deletions
This file was deleted.

0 commit comments

Comments
 (0)