diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index 66f0f374cfb9f76cd2a613c2561290cc60ce67d0..dd51dc05bcf2b4eab69cfbe7f0958920a933ddbe 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -43,7 +43,7 @@ jobs:
steps:
# Checkout the repo
- name: "Checkout"
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
# End Checkout the repo
@@ -71,7 +71,7 @@ jobs:
# Only install the clippy and rustfmt components on the default rust-toolchain
- name: "Install rust-toolchain version"
- uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1
+ uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1
if: ${{ matrix.channel == 'rust-toolchain' }}
with:
toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"
@@ -81,7 +81,7 @@ jobs:
# Install the any other channel to be used for which we do not execute clippy and rustfmt
- name: "Install MSRV version"
- uses: dtolnay/rust-toolchain@e12eda571dc9a5ee5d58eecf4738ec291c66f295 # master @ 2023-02-19 - 02:23 GMT+1
+ uses: dtolnay/rust-toolchain@fc3253060d0c959bea12a59f10f8391454a0b02d # master @ 2023-03-21 - 06:36 GMT+1
if: ${{ matrix.channel != 'rust-toolchain' }}
with:
toolchain: "${{steps.toolchain.outputs.RUST_TOOLCHAIN}}"
diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml
index e0620bf87dfe3fbf8e52750d44ba7508d370ffb6..5ac3503215744970a04988a6a3343b88d237fca1 100644
--- a/.github/workflows/hadolint.yml
+++ b/.github/workflows/hadolint.yml
@@ -13,7 +13,7 @@ jobs:
steps:
# Checkout the repo
- name: Checkout
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
# End Checkout the repo
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index d01c3cd35785d4a88000c57baca67c502c7da257..01e966d76b4c6a4a562fb04763351308b25fdd5e 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -52,10 +52,19 @@ jobs:
# build performance and the ability to copy extended file attributes
# (e.g., for executable capabilities) across build phases.
DOCKER_BUILDKIT: 1
- # DOCKER_REPO/secrets.DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>'
- DOCKER_REPO: ${{ secrets.DOCKERHUB_REPO }}
SOURCE_COMMIT: ${{ github.sha }}
SOURCE_REPOSITORY_URL: "https://github.com/${{ github.repository }}"
+ # The *_REPO variables need to be configured as repository variables
+ # Append `/settings/variables/actions` to your repo url
+ # DOCKERHUB_REPO needs to be 'index.docker.io/<user>/<repo>'
+ # Check for Docker hub credentials in secrets
+ HAVE_DOCKERHUB_LOGIN: ${{ vars.DOCKERHUB_REPO != '' && secrets.DOCKERHUB_USERNAME != '' && secrets.DOCKERHUB_TOKEN != '' }}
+ # GHCR_REPO needs to be 'ghcr.io/<user>/<repo>'
+ # Check for Github credentials in secrets
+ HAVE_GHCR_LOGIN: ${{ vars.GHCR_REPO != '' && github.repository_owner != '' && secrets.GITHUB_TOKEN != '' }}
+ # QUAY_REPO needs to be 'quay.io/<user>/<repo>'
+ # Check for Quay.io credentials in secrets
+ HAVE_QUAY_LOGIN: ${{ vars.QUAY_REPO != '' && secrets.QUAY_USERNAME != '' && secrets.QUAY_TOKEN != '' }}
if: ${{ needs.skip_check.outputs.should_skip != 'true' && github.repository == 'dani-garcia/vaultwarden' }}
strategy:
matrix:
@@ -64,17 +73,10 @@ jobs:
steps:
# Checkout the repo
- name: Checkout
- uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ uses: actions/checkout@24cb9080177205b6e8c946b17badbe402adc938f # v3.4.0
with:
fetch-depth: 0
- # Login to Docker Hub
- - name: Login to Docker Hub
- uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
- with:
- username: ${{ secrets.DOCKERHUB_USERNAME }}
- password: ${{ secrets.DOCKERHUB_TOKEN }}
-
# Determine Docker Tag
- name: Init Variables
id: vars
@@ -88,34 +90,146 @@ jobs:
fi
# End Determine Docker Tag
- - name: Build Debian based images
+ # Login to Docker Hub
+ - name: Login to Docker Hub
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+ with:
+ username: ${{ secrets.DOCKERHUB_USERNAME }}
+ password: ${{ secrets.DOCKERHUB_TOKEN }}
+ if: ${{ env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ # Login to GitHub Container Registry
+ - name: Login to GitHub Container Registry
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+ with:
+ registry: ghcr.io
+ username: ${{ github.repository_owner }}
+ password: ${{ secrets.GITHUB_TOKEN }}
+ if: ${{ env.HAVE_GHCR_LOGIN == 'true' }}
+
+ # Login to Quay.io
+ - name: Login to Quay.io
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a # v2.1.0
+ with:
+ registry: quay.io
+ username: ${{ secrets.QUAY_USERNAME }}
+ password: ${{ secrets.QUAY_TOKEN }}
+ if: ${{ env.HAVE_QUAY_LOGIN == 'true' }}
+
+ # Debian
+
+ # Docker Hub
+ - name: Build Debian based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ - name: Push Debian based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ # GitHub Container Registry
+ - name: Build Debian based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }}
+
+ - name: Push Debian based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_GHCR_LOGIN == 'true' }}
+
+ # Quay.io
+ - name: Build Debian based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
run: |
./hooks/build
- if: ${{ matrix.base_image == 'debian' }}
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }}
- - name: Push Debian based images
+ - name: Push Debian based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}"
run: |
./hooks/push
- if: ${{ matrix.base_image == 'debian' }}
+ if: ${{ matrix.base_image == 'debian' && env.HAVE_QUAY_LOGIN == 'true' }}
+
+ # Alpine
+
+ # Docker Hub
+ - name: Build Alpine based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ - name: Push Alpine based images (docker.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.DOCKERHUB_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_DOCKERHUB_LOGIN == 'true' }}
+
+ # GitHub Container Registry
+ - name: Build Alpine based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/build
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }}
+
+ - name: Push Alpine based images (ghcr.io)
+ shell: bash
+ env:
+ DOCKER_REPO: "${{ vars.GHCR_REPO }}"
+ DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
+ run: |
+ ./hooks/push
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_GHCR_LOGIN == 'true' }}
- - name: Build Alpine based images
+ # Quay.io
+ - name: Build Alpine based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
run: |
./hooks/build
- if: ${{ matrix.base_image == 'alpine' }}
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }}
- - name: Push Alpine based images
+ - name: Push Alpine based images (quay.io)
shell: bash
env:
+ DOCKER_REPO: "${{ vars.QUAY_REPO }}"
DOCKER_TAG: "${{steps.vars.outputs.DOCKER_TAG}}-alpine"
run: |
./hooks/push
- if: ${{ matrix.base_image == 'alpine' }}
+ if: ${{ matrix.base_image == 'alpine' && env.HAVE_QUAY_LOGIN == 'true' }}
diff --git a/docker/Dockerfile.j2 b/docker/Dockerfile.j2
index d4182ddbc7a4c5829dae4fb6532532752ef00a6d..3d356c6c8dd0952ab32a0a4f91c54fca2e539183 100644
--- a/docker/Dockerfile.j2
+++ b/docker/Dockerfile.j2
@@ -3,22 +3,22 @@
# This file was generated using a Jinja2 template.
# Please make your changes in `Dockerfile.j2` and then `make` the individual Dockerfiles.
-{% set build_stage_base_image = "rust:1.67.1-bullseye" %}
+{% set build_stage_base_image = "rust:1.68.1-bullseye" %}
{% if "alpine" in target_file %}
{% if "amd64" in target_file %}
-{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.67.1" %}
+{% set build_stage_base_image = "blackdex/rust-musl:x86_64-musl-stable-1.68.1" %}
{% set runtime_stage_base_image = "alpine:3.17" %}
{% set package_arch_target = "x86_64-unknown-linux-musl" %}
{% elif "armv7" in target_file %}
-{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.67.1" %}
+{% set build_stage_base_image = "blackdex/rust-musl:armv7-musleabihf-stable-1.68.1" %}
{% set runtime_stage_base_image = "balenalib/armv7hf-alpine:3.17" %}
{% set package_arch_target = "armv7-unknown-linux-musleabihf" %}
{% elif "armv6" in target_file %}
-{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.67.1" %}
+{% set build_stage_base_image = "blackdex/rust-musl:arm-musleabi-stable-1.68.1" %}
{% set runtime_stage_base_image = "balenalib/rpi-alpine:3.17" %}
{% set package_arch_target = "arm-unknown-linux-musleabi" %}
{% elif "arm64" in target_file %}
-{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.67.1" %}
+{% set build_stage_base_image = "blackdex/rust-musl:aarch64-musl-stable-1.68.1" %}
{% set runtime_stage_base_image = "balenalib/aarch64-alpine:3.17" %}
{% set package_arch_target = "aarch64-unknown-linux-musl" %}
{% endif %}
diff --git a/docker/amd64/Dockerfile b/docker/amd64/Dockerfile
index abddea8633713603f20a9081a90a03d620da5706..f6a60f6dc6ec16f8623eb9f42b87c091f103e0e7 100644
--- a/docker/amd64/Dockerfile
+++ b/docker/amd64/Dockerfile
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/amd64/Dockerfile.alpine b/docker/amd64/Dockerfile.alpine
index e5f666796407b582959eb5426b58c1b3f48b0b87..ca901b7c0ce9865a0cb5d2317269834d8b6c4e18 100644
--- a/docker/amd64/Dockerfile.alpine
+++ b/docker/amd64/Dockerfile.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:x86_64-musl-stable-1.67.1 as build
+FROM blackdex/rust-musl:x86_64-musl-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/amd64/Dockerfile.buildkit b/docker/amd64/Dockerfile.buildkit
index 5d846cc484e0bf53bbab1bb111773eb30f9eb70e..25ece07010caacca160bef2861533cc1d66bb055 100644
--- a/docker/amd64/Dockerfile.buildkit
+++ b/docker/amd64/Dockerfile.buildkit
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/amd64/Dockerfile.buildkit.alpine b/docker/amd64/Dockerfile.buildkit.alpine
index 9542e7bb4d82141e6489f64b04fb1c4aca0b1c0a..9ac187a2b96d2ad55ff6df4ac3756106b0a60470 100644
--- a/docker/amd64/Dockerfile.buildkit.alpine
+++ b/docker/amd64/Dockerfile.buildkit.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:x86_64-musl-stable-1.67.1 as build
+FROM blackdex/rust-musl:x86_64-musl-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/arm64/Dockerfile b/docker/arm64/Dockerfile
index 7214ed9b98ac8c4d9b965521b399f89929d58edf..ea95cee0d1b96cce02dd82383696453a67b665e2 100644
--- a/docker/arm64/Dockerfile
+++ b/docker/arm64/Dockerfile
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/arm64/Dockerfile.alpine b/docker/arm64/Dockerfile.alpine
index a5e3215df32afac35a8e8abe507946cf1927e982..2dc1594dab8082a1d499ad5e0290f4b5b4855ce0 100644
--- a/docker/arm64/Dockerfile.alpine
+++ b/docker/arm64/Dockerfile.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:aarch64-musl-stable-1.67.1 as build
+FROM blackdex/rust-musl:aarch64-musl-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/arm64/Dockerfile.buildkit b/docker/arm64/Dockerfile.buildkit
index a429051a640c761389b48288887d1a9df4f2ecf5..19921807cd737ff935555a9af2cd33b1fe13465b 100644
--- a/docker/arm64/Dockerfile.buildkit
+++ b/docker/arm64/Dockerfile.buildkit
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/arm64/Dockerfile.buildkit.alpine b/docker/arm64/Dockerfile.buildkit.alpine
index 0ec202e55b7bb35f333bcaa20c472cf0345848df..73dff9e8551a4bb3b04ce92c47c0904c07991f53 100644
--- a/docker/arm64/Dockerfile.buildkit.alpine
+++ b/docker/arm64/Dockerfile.buildkit.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:aarch64-musl-stable-1.67.1 as build
+FROM blackdex/rust-musl:aarch64-musl-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv6/Dockerfile b/docker/armv6/Dockerfile
index 64165193786f98602c6b874d6a9cf66fdb4151e2..31aa82f99047cc29b1010f0be392992a7e40800f 100644
--- a/docker/armv6/Dockerfile
+++ b/docker/armv6/Dockerfile
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv6/Dockerfile.alpine b/docker/armv6/Dockerfile.alpine
index 6eb386f267995a7ca1b4ce75dd36f1efac35dfd6..3bd45884853316a31a6cc5aed710adbc7273a761 100644
--- a/docker/armv6/Dockerfile.alpine
+++ b/docker/armv6/Dockerfile.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:arm-musleabi-stable-1.67.1 as build
+FROM blackdex/rust-musl:arm-musleabi-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv6/Dockerfile.buildkit b/docker/armv6/Dockerfile.buildkit
index acf3fb23e1e6d0b8333b967bd2aa3e7c68fa5d6c..214a88a29f840fde56da95f1569a319c531f39c6 100644
--- a/docker/armv6/Dockerfile.buildkit
+++ b/docker/armv6/Dockerfile.buildkit
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv6/Dockerfile.buildkit.alpine b/docker/armv6/Dockerfile.buildkit.alpine
index c6a8a90f313a0073623ae4997adf97ddbba5fdc4..820d4a427691ade68581928b1ea86a76ec10c9c3 100644
--- a/docker/armv6/Dockerfile.buildkit.alpine
+++ b/docker/armv6/Dockerfile.buildkit.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:arm-musleabi-stable-1.67.1 as build
+FROM blackdex/rust-musl:arm-musleabi-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv7/Dockerfile b/docker/armv7/Dockerfile
index cc76a3b9d68af2a3c42e1ab59209f22d058117c0..3f653313e9a23cab158e63a70be7b7727a13b25f 100644
--- a/docker/armv7/Dockerfile
+++ b/docker/armv7/Dockerfile
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv7/Dockerfile.alpine b/docker/armv7/Dockerfile.alpine
index d0f4adb85530cad9ec09ec1baa65c92a39f3ad0b..6dfb830047100fd90251620282083630cc79cb3a 100644
--- a/docker/armv7/Dockerfile.alpine
+++ b/docker/armv7/Dockerfile.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:armv7-musleabihf-stable-1.67.1 as build
+FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv7/Dockerfile.buildkit b/docker/armv7/Dockerfile.buildkit
index b575c5abc1f0f763c9547d03c7a57124d42125c4..cdd049dbc69d4e4bcacdfb3179450c8332f7b184 100644
--- a/docker/armv7/Dockerfile.buildkit
+++ b/docker/armv7/Dockerfile.buildkit
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM rust:1.67.1-bullseye as build
+FROM rust:1.68.1-bullseye as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/docker/armv7/Dockerfile.buildkit.alpine b/docker/armv7/Dockerfile.buildkit.alpine
index 0361051afa2b774723f384d0f998870579c7524a..db8947c50971b580b2033c1f0ff4a98dcb39c454 100644
--- a/docker/armv7/Dockerfile.buildkit.alpine
+++ b/docker/armv7/Dockerfile.buildkit.alpine
@@ -27,7 +27,7 @@
FROM vaultwarden/web-vault@sha256:8b658e46339dde404b6370b381422e3522a133560264266e285acdd9adf807fe as vault
########################## BUILD IMAGE ##########################
-FROM blackdex/rust-musl:armv7-musleabihf-stable-1.67.1 as build
+FROM blackdex/rust-musl:armv7-musleabihf-stable-1.68.1 as build
# Build time options to avoid dpkg warnings and help with reproducible builds.
ENV DEBIAN_FRONTEND=noninteractive \
diff --git a/hooks/arches.sh b/hooks/arches.sh
index c27adf31adaaaa3af0d4ac965e93579665abfbd3..96114fae484fd9c55bb8e8bbee3ad2101f22d3df 100644
--- a/hooks/arches.sh
+++ b/hooks/arches.sh
@@ -1,3 +1,5 @@
+#!/usr/bin/env bash
+
# The default Debian-based images support these arches for all database backends.
arches=(
amd64
@@ -5,7 +7,9 @@ arches=(
armv7
arm64
)
+export arches
if [[ "${DOCKER_TAG}" == *alpine ]]; then
distro_suffix=.alpine
fi
+export distro_suffix
diff --git a/hooks/build b/hooks/build
index f0dd249ee700a7f7e48b1cd7faadbfe6926889e9..b89a56610b14cc217bc678c937675a798057e9d7 100755
--- a/hooks/build
+++ b/hooks/build
@@ -1,7 +1,8 @@
-#!/bin/bash
+#!/usr/bin/env bash
echo ">>> Building images..."
+# shellcheck source=arches.sh
source ./hooks/arches.sh
if [[ -z "${SOURCE_COMMIT}" ]]; then
@@ -26,7 +27,7 @@ LABELS=(
org.opencontainers.image.licenses="AGPL-3.0-only"
org.opencontainers.image.revision="${SOURCE_COMMIT}"
org.opencontainers.image.source="${SOURCE_REPOSITORY_URL}"
- org.opencontainers.image.url="https://hub.docker.com/r/${DOCKER_REPO#*/}"
+ org.opencontainers.image.url="https://github.com/dani-garcia/vaultwarden"
org.opencontainers.image.version="${SOURCE_VERSION}"
)
LABEL_ARGS=()
@@ -45,6 +46,6 @@ for arch in "${arches[@]}"; do
docker build \
"${LABEL_ARGS[@]}" \
-t "${DOCKER_REPO}:${DOCKER_TAG}-${arch}" \
- -f docker/${arch}/Dockerfile${buildkit_suffix}${distro_suffix} \
+ -f "docker/${arch}/Dockerfile${buildkit_suffix}${distro_suffix}" \
.
done
diff --git a/hooks/pre_build b/hooks/pre_build
index 6cb50ab1e5fed103555dd2386084c5bdb1c2abf1..9829bb5d8eaf350664b42cf13cb0396d0322a279 100755
--- a/hooks/pre_build
+++ b/hooks/pre_build
@@ -1,4 +1,4 @@
-#!/bin/bash
+#!/usr/bin/env bash
set -ex
diff --git a/hooks/push b/hooks/push
index 75d3d0390a2eb92281d793050e70fbc37af0f414..f2a3267f215d2869e6716ebfa483270dc11a171d 100755
--- a/hooks/push
+++ b/hooks/push
@@ -1,5 +1,6 @@
-#!/bin/bash
+#!/usr/bin/env bash
+# shellcheck source=arches.sh
source ./hooks/arches.sh
export DOCKER_CLI_EXPERIMENTAL=enabled
@@ -41,7 +42,7 @@ LOCAL_REPO="${LOCAL_REGISTRY}/${REPO}"
echo ">>> Pushing images to local registry..."
-for arch in ${arches[@]}; do
+for arch in "${arches[@]}"; do
docker_image="${DOCKER_REPO}:${DOCKER_TAG}-${arch}"
local_image="${LOCAL_REPO}:${DOCKER_TAG}-${arch}"
docker tag "${docker_image}" "${local_image}"
@@ -71,9 +72,9 @@ tags=("${DOCKER_REPO}:${DOCKER_TAG}")
# to make it easier for users to track the latest release.
if [[ "${DOCKER_TAG}" =~ ^[0-9]+\.[0-9]+\.[0-9]+ ]]; then
if [[ "${DOCKER_TAG}" == *alpine ]]; then
- tags+=(${DOCKER_REPO}:alpine)
+ tags+=("${DOCKER_REPO}:alpine")
else
- tags+=(${DOCKER_REPO}:latest)
+ tags+=("${DOCKER_REPO}:latest")
fi
fi
@@ -91,10 +92,10 @@ declare -A arch_to_platform=(
[arm64]="linux/arm64"
)
platforms=()
-for arch in ${arches[@]}; do
+for arch in "${arches[@]}"; do
platforms+=("${arch_to_platform[$arch]}")
done
-platforms="$(join "," "${platforms[@]}")"
+platform="$(join "," "${platforms[@]}")"
# Run the build, pushing the resulting images and multi-arch manifest list to
# Docker Hub. The Dockerfile is read from stdin to avoid sending any build
@@ -104,7 +105,7 @@ docker buildx build \
--network host \
--build-arg LOCAL_REPO="${LOCAL_REPO}" \
--build-arg DOCKER_TAG="${DOCKER_TAG}" \
- --platform "${platforms}" \
+ --platform "${platform}" \
"${tag_args[@]}" \
--push \
- < ./docker/Dockerfile.buildx
diff --git a/rust-toolchain b/rust-toolchain
index ee2f4ca913048744aab4763a96594995e832c29a..0944cc489c25b66cfb75e162d6e2c983529ab43e 100644
--- a/rust-toolchain
+++ b/rust-toolchain
@@ -1 +1 @@
-1.68.0
+1.68.1