add nightly build and push (#2297)

* add nightly build and push * add date based nightly build tags * only keep single multiarch image build and push * add changelog * add images to internal docs static files * add docu for nightly builds * remove unnecessary spaces * update nightly repository
2025-03-17 21:17:53 +02:00 · 2023-11-18 14:56:29 +01:00 · 2023-11-18 14:56:29 +01:00 · bee7879cb2
commit bee7879cb2
parent 53cd0b83d3
10 changed files with 101 additions and 31 deletions
--- a/.github/workflows/nightly.yml
+++ b/.github/workflows/nightly.yml
@ -0,0 +1,39 @@
+name: Nightly builds
+
+on:
+  schedule: # Run every day at 03:00 UTC
+    - cron: '0 3 * * *'
+  workflow_dispatch:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - name: Check out code
+      uses: actions/checkout@v3
+      with:
+        ref: master
+        fetch-depth: 0
+        fetch-tags: true
+
+    - name: Set up QEMU
+      uses: docker/setup-qemu-action@v2
+
+    - name: Set up Docker Buildx
+      id: buildx
+      uses: docker/setup-buildx-action@v2
+
+    - name: Login to quay.io
+      uses: docker/login-action@v2
+      with:
+        registry: quay.io/oauth2-proxy
+        username: ${{ secrets.REGISTRY_USERNAME_NIGHTLY }}
+        password: ${{ secrets.REGISTRY_PASSWORD_NIGHTLY }}
+
+    - name: Build images
+      run: |
+        make docker-nightly-build
+
+    - name: Push images
+      run: |
+        make docker-nightly-push
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -15,8 +15,9 @@
 - [#2274](https://github.com/oauth2-proxy/oauth2-proxy/pull/2274) Upgrade golang.org/x/net to v0.17.0 (@pierluigilenoci)
 - [#2278](https://github.com/oauth2-proxy/oauth2-proxy/pull/2278) Improve the Nginx auth_request example (@akunzai)
 - [#2282](https://github.com/oauth2-proxy/oauth2-proxy/pull/2282) Fixed checking Google Groups membership using Google Application Credentials (@kvanzuijlen)
- [#2183](https://github.com/oauth2-proxy/oauth2-proxy/pull/2183) Allowing relative redirect url though an option
+- [#2183](https://github.com/oauth2-proxy/oauth2-proxy/pull/2183) Allowing relative redirect url though an option (@axel7083)
 - [#1866](https://github.com/oauth2-proxy/oauth2-proxy/pull/1866) Add support for unix socker as upstream (@babs)
+- [#2297](https://github.com/oauth2-proxy/oauth2-proxy/pull/2297) Add nightly build and push (@tuunit)

 # V7.5.1

--- a/25
+++ b/25
@ -5,6 +5,7 @@ BINARY := oauth2-proxy
 VERSION ?= $(shell git describe --always --dirty --tags 2>/dev/null || echo "undefined")
 # Allow to override image registry.
 REGISTRY ?= quay.io/oauth2-proxy
+DATE := $(shell date +"%Y%m%d")
 .NOTPARALLEL:

 GO_MAJOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1)
@ -51,6 +52,10 @@ DOCKER_BUILDX_PUSH_X_PLATFORM := $(DOCKER_BUILDX_PUSH) --platform ${DOCKER_BUILD
 docker:
 	$(DOCKER_BUILDX_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest -t $(REGISTRY)/oauth2-proxy:${VERSION} .

+.PHONY: docker-push
+docker-push:
+	$(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest -t $(REGISTRY)/oauth2-proxy:${VERSION} .
+
 .PHONY: docker-all
 docker-all: docker
 	$(DOCKER_BUILDX) --platform linux/amd64   -t $(REGISTRY)/oauth2-proxy:latest-amd64   -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 .
@ -59,10 +64,6 @@ docker-all: docker
 	$(DOCKER_BUILDX) --platform linux/arm/v6  -t $(REGISTRY)/oauth2-proxy:latest-armv6   -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 .
 	$(DOCKER_BUILDX) --platform linux/arm/v7  -t $(REGISTRY)/oauth2-proxy:latest-armv7   -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv7 .

-.PHONY: docker-push
-docker-push:
-	$(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest -t $(REGISTRY)/oauth2-proxy:${VERSION} .
-
 .PHONY: docker-push-all
 docker-push-all: docker-push
 	$(DOCKER_BUILDX_PUSH) --platform linux/amd64   -t $(REGISTRY)/oauth2-proxy:latest-amd64   -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 .
@ -71,6 +72,14 @@ docker-push-all: docker-push
 	$(DOCKER_BUILDX_PUSH) --platform linux/arm/v6  -t $(REGISTRY)/oauth2-proxy:latest-armv6   -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 .
 	$(DOCKER_BUILDX_PUSH) --platform linux/arm/v7  -t $(REGISTRY)/oauth2-proxy:latest-armv7   -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv7 .

+.PHONY: docker-nightly-build
+docker-nightly-build:
+	$(DOCKER_BUILDX_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy-nightly:latest -t $(REGISTRY)/oauth2-proxy-nightly-${DATE} .
+
+.PHONY: docker-nightly-push
+docker-nightly-push:
+	$(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy-nightly:latest -t $(REGISTRY)/oauth2-proxy-nightly-${DATE} .
+
 .PHONY: generate
 generate:
 	go generate ./pkg/...
@ -101,10 +110,10 @@ validate-go-version:

 # local-env can be used to interact with the local development environment
 # eg:
-#    make local-env-up 					# Bring up a basic test environment
-#    make local-env-down 				# Tear down the basic test environment
-#    make local-env-nginx-up 		# Bring up an nginx based test environment
-#    make local-env-nginx-down 	# Tead down the nginx based test environment
+#    make local-env-up          # Bring up a basic test environment
+#    make local-env-down        # Tear down the basic test environment
+#    make local-env-nginx-up    # Bring up an nginx based test environment
+#    make local-env-nginx-down  # Tead down the nginx based test environment
 .PHONY: local-env-%
 local-env-%:
 	make -C contrib/local-environment $*
--- a/README.md
+++ b/README.md
@ -1,4 +1,4 @@
-![OAuth2 Proxy](/docs/static/img/logos/OAuth2_Proxy_horizontal.svg)
+![OAuth2 Proxy](docs/static/img/logos/OAuth2_Proxy_horizontal.svg)

 [![Continuous Integration](https://github.com/oauth2-proxy/oauth2-proxy/actions/workflows/ci.yaml/badge.svg)](https://github.com/oauth2-proxy/oauth2-proxy/actions/workflows/ci.yaml)
 [![Go Report Card](https://goreportcard.com/badge/github.com/oauth2-proxy/oauth2-proxy)](https://goreportcard.com/report/github.com/oauth2-proxy/oauth2-proxy)
@ -7,7 +7,7 @@
 [![Maintainability](https://api.codeclimate.com/v1/badges/a58ff79407212e2beacb/maintainability)](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/maintainability)
 [![Test Coverage](https://api.codeclimate.com/v1/badges/a58ff79407212e2beacb/test_coverage)](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/test_coverage)

-A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others)
+A reverse proxy and static file server that provides authentication using Providers (Google, Keycloak, GitHub and others)
 to validate accounts by email, domain or group.

 **Note:** This repository was forked from [bitly/OAuth2_Proxy](https://github.com/bitly/oauth2_proxy) on 27/11/2018.
@ -17,17 +17,24 @@ A list of changes can be seen in the [CHANGELOG](CHANGELOG.md).
 **Note:** This project was formerly hosted as `pusher/oauth2_proxy` but has been renamed as of 29/03/2020 to `oauth2-proxy/oauth2-proxy`.
 Going forward, all images shall be available at `quay.io/oauth2-proxy/oauth2-proxy` and binaries will be named `oauth2-proxy`.

-![Sign In Page](https://cloud.githubusercontent.com/assets/45028/4970624/7feb7dd8-6886-11e4-93e0-c9904af44ea8.png)
+![Sign In Page](docs/static/img/sign-in-page.png)

 ## Installation

 1.  Choose how to deploy:

-    a. Download [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.0`)
+    a. Using a [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.1`)

-    b. Build with `$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest` which will put the binary in `$GOROOT/bin`
+    b. Using Go to install the latest release
+    ```bash
+    $ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest
+    # which will put the binary in `$GOROOT/bin`
+    ```
+    c. Using a [Prebuilt Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)

-    c. Using the prebuilt docker image [quay.io/oauth2-proxy/oauth2-proxy](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
+    d. Using a [Pre-Release Nightly Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy-nightly) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
+
+    e. Using the official [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)

    Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.

@ -50,7 +57,7 @@ See [open redirect vulnerability](https://github.com/oauth2-proxy/oauth2-proxy/s

 Read the docs on our [Docs site](https://oauth2-proxy.github.io/oauth2-proxy/docs/).

-![OAuth2 Proxy Architecture](https://cloud.githubusercontent.com/assets/45028/8027702/bd040b7a-0d6a-11e5-85b9-f8d953d04f39.png)
+![OAuth2 Proxy Architecture](docs/static/img/architecture.svg)

 ## Getting Involved

--- a/docs/docs/installation.md
+++ b/docs/docs/installation.md
@ -6,13 +6,18 @@ slug: /

 1.  Choose how to deploy:

-    a. Download [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.0`)
+    a. Using a [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.1`)

-    b. Build with `$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest` which will put the binary in `$GOPATH/bin`
+    b. Using Go to install the latest release
+    ```bash
+    $ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest
+    # which will put the binary in `$GOROOT/bin`
+    ```
+    c. Using a [Prebuilt Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)

-    c. Using the prebuilt docker image [quay.io/oauth2-proxy/oauth2-proxy](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 tags available)
+    d. Using a [Pre-Release Nightly Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy-nightly) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)

-    d. Using a [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)
+    e. Using the official [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)

    Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.
    
--- a/docs/src/pages/index.md
+++ b/docs/src/pages/index.md
@ -3,7 +3,7 @@ title: Welcome to OAuth2 Proxy
 hide_table_of_contents: true
 ---

-![OAuth2 Proxy](../../static/img/logos/OAuth2_Proxy_horizontal.svg)
+![OAuth2 Proxy](/img/logos/OAuth2_Proxy_horizontal.svg)

 A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others)
 to validate accounts by email, domain or group.
@ -18,4 +18,4 @@ A list of changes can be seen in the [CHANGELOG](https://github.com/oauth2-proxy

 ## Architecture

-![OAuth2 Proxy Architecture](/img/architecture.png)
+![OAuth2 Proxy Architecture](/img/architecture.svg)
--- a/docs/static/img/architecture.png
+++ b/docs/static/img/architecture.png
--- a/docs/static/img/architecture.svg
+++ b/docs/static/img/architecture.svg
--- a/docs/static/img/sign-in-page.png
+++ b/docs/static/img/sign-in-page.png
--- a/docs/versioned_docs/version-7.5.x/installation.md
+++ b/docs/versioned_docs/version-7.5.x/installation.md
@ -6,20 +6,25 @@ slug: /

 1.  Choose how to deploy:

-    a. Download [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.0`)
+    a. Using a [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.1`)

-    b. Build with `$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest` which will put the binary in `$GOPATH/bin`
+    b. Using Go to install the latest release
+    ```bash
+    $ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest
+    # which will put the binary in `$GOROOT/bin`
+    ```
+    c. Using a [Prebuilt Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)

-    c. Using the prebuilt docker image [quay.io/oauth2-proxy/oauth2-proxy](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 tags available)
+    d. Using a [Pre-Release Nightly Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy-nightly) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)

-    d. Using a [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)
+    e. Using the official [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)

-Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.
+    Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.

-```
-$ sha256sum -c sha256sum.txt
-oauth2-proxy-x.y.z.linux-amd64: OK
-```
+    ```
+    sha256sum -c sha256sum.txt 2>&1 | grep OK
+    oauth2-proxy-x.y.z.linux-amd64: OK
+    ```

 2.  [Select a Provider and Register an OAuth Application with a Provider](configuration/auth.md)
 3.  [Configure OAuth2 Proxy using config file, command line options, or environment variables](configuration/overview.md)