go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-08-08 22:46:33 +02:00
Code Issues Releases Activity

add nightly build and push (#2297)

Browse Source 
* add nightly build and push

* add date based nightly build tags

* only keep single multiarch image build and push

* add changelog

* add images to internal docs static files

* add docu for nightly builds

* remove unnecessary spaces

* update nightly repository
This commit is contained in:
Jan Larwig
2023-11-18 14:56:29 +01:00
committed by GitHub
parent 53cd0b83d3
commit bee7879cb2
10 changed files with 101 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
.github/workflows/nightly.yml vendored Normal file
View File

@ -0,0 +1,39 @@
name: Nightly builds
on:
schedule: # Run every day at 03:00 UTC
- cron: '0 3 * * *'
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v3
with:
ref: master
fetch-depth: 0
fetch-tags: true
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Login to quay.io
uses: docker/login-action@v2
with:
registry: quay.io/oauth2-proxy
username: ${{ secrets.REGISTRY_USERNAME_NIGHTLY }}
password: ${{ secrets.REGISTRY_PASSWORD_NIGHTLY }}
- name: Build images
run: |
make docker-nightly-build
- name: Push images
run: |
make docker-nightly-push

3
CHANGELOG.md
View File

@ -15,8 +15,9 @@
- [#2274](https://github.com/oauth2-proxy/oauth2-proxy/pull/2274) Upgrade golang.org/x/net to v0.17.0 (@pierluigilenoci) - [#2274](https://github.com/oauth2-proxy/oauth2-proxy/pull/2274) Upgrade golang.org/x/net to v0.17.0 (@pierluigilenoci)
- [#2278](https://github.com/oauth2-proxy/oauth2-proxy/pull/2278) Improve the Nginx auth_request example (@akunzai) - [#2278](https://github.com/oauth2-proxy/oauth2-proxy/pull/2278) Improve the Nginx auth_request example (@akunzai)
- [#2282](https://github.com/oauth2-proxy/oauth2-proxy/pull/2282) Fixed checking Google Groups membership using Google Application Credentials (@kvanzuijlen) - [#2282](https://github.com/oauth2-proxy/oauth2-proxy/pull/2282) Fixed checking Google Groups membership using Google Application Credentials (@kvanzuijlen)
- [#2183](https://github.com/oauth2-proxy/oauth2-proxy/pull/2183) Allowing relative redirect url though an option - [#2183](https://github.com/oauth2-proxy/oauth2-proxy/pull/2183) Allowing relative redirect url though an option (@axel7083)
- [#1866](https://github.com/oauth2-proxy/oauth2-proxy/pull/1866) Add support for unix socker as upstream (@babs) - [#1866](https://github.com/oauth2-proxy/oauth2-proxy/pull/1866) Add support for unix socker as upstream (@babs)
- [#2297](https://github.com/oauth2-proxy/oauth2-proxy/pull/2297) Add nightly build and push (@tuunit)
# V7.5.1 # V7.5.1

25
Makefile
View File

@ -5,6 +5,7 @@ BINARY := oauth2-proxy
VERSION ?= $(shell git describe --always --dirty --tags 2>/dev/null || echo "undefined") VERSION ?= $(shell git describe --always --dirty --tags 2>/dev/null || echo "undefined")
# Allow to override image registry. # Allow to override image registry.
REGISTRY ?= quay.io/oauth2-proxy REGISTRY ?= quay.io/oauth2-proxy
DATE := $(shell date +"%Y%m%d")
.NOTPARALLEL: .NOTPARALLEL:
GO_MAJOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1) GO_MAJOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f1)
@ -51,6 +52,10 @@ DOCKER_BUILDX_PUSH_X_PLATFORM := $(DOCKER_BUILDX_PUSH) --platform ${DOCKER_BUILD
docker: docker:
$(DOCKER_BUILDX_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest -t $(REGISTRY)/oauth2-proxy:${VERSION} . $(DOCKER_BUILDX_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest -t $(REGISTRY)/oauth2-proxy:${VERSION} .
.PHONY: docker-push
docker-push:
$(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest -t $(REGISTRY)/oauth2-proxy:${VERSION} .
.PHONY: docker-all .PHONY: docker-all
docker-all: docker docker-all: docker
$(DOCKER_BUILDX) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:latest-amd64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . $(DOCKER_BUILDX) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:latest-amd64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 .
@ -59,10 +64,6 @@ docker-all: docker
$(DOCKER_BUILDX) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . $(DOCKER_BUILDX) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 .
$(DOCKER_BUILDX) --platform linux/arm/v7 -t $(REGISTRY)/oauth2-proxy:latest-armv7 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv7 . $(DOCKER_BUILDX) --platform linux/arm/v7 -t $(REGISTRY)/oauth2-proxy:latest-armv7 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv7 .
.PHONY: docker-push
docker-push:
$(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy:latest -t $(REGISTRY)/oauth2-proxy:${VERSION} .
.PHONY: docker-push-all .PHONY: docker-push-all
docker-push-all: docker-push docker-push-all: docker-push
$(DOCKER_BUILDX_PUSH) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:latest-amd64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 . $(DOCKER_BUILDX_PUSH) --platform linux/amd64 -t $(REGISTRY)/oauth2-proxy:latest-amd64 -t $(REGISTRY)/oauth2-proxy:${VERSION}-amd64 .
@ -71,6 +72,14 @@ docker-push-all: docker-push
$(DOCKER_BUILDX_PUSH) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 . $(DOCKER_BUILDX_PUSH) --platform linux/arm/v6 -t $(REGISTRY)/oauth2-proxy:latest-armv6 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv6 .
$(DOCKER_BUILDX_PUSH) --platform linux/arm/v7 -t $(REGISTRY)/oauth2-proxy:latest-armv7 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv7 . $(DOCKER_BUILDX_PUSH) --platform linux/arm/v7 -t $(REGISTRY)/oauth2-proxy:latest-armv7 -t $(REGISTRY)/oauth2-proxy:${VERSION}-armv7 .
.PHONY: docker-nightly-build
docker-nightly-build:
$(DOCKER_BUILDX_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy-nightly:latest -t $(REGISTRY)/oauth2-proxy-nightly-${DATE} .
.PHONY: docker-nightly-push
docker-nightly-push:
$(DOCKER_BUILDX_PUSH_X_PLATFORM) -t $(REGISTRY)/oauth2-proxy-nightly:latest -t $(REGISTRY)/oauth2-proxy-nightly-${DATE} .
.PHONY: generate .PHONY: generate
generate: generate:
go generate ./pkg/... go generate ./pkg/...
@ -101,10 +110,10 @@ validate-go-version:
# local-env can be used to interact with the local development environment # local-env can be used to interact with the local development environment
# eg: # eg:
# make local-env-up # Bring up a basic test environment # make local-env-up # Bring up a basic test environment
# make local-env-down # Tear down the basic test environment # make local-env-down # Tear down the basic test environment
# make local-env-nginx-up # Bring up an nginx based test environment # make local-env-nginx-up # Bring up an nginx based test environment
# make local-env-nginx-down # Tead down the nginx based test environment # make local-env-nginx-down # Tead down the nginx based test environment
.PHONY: local-env-% .PHONY: local-env-%
local-env-%: local-env-%:
make -C contrib/local-environment $* make -C contrib/local-environment $*

21
README.md
View File

@ -1,4 +1,4 @@
![OAuth2 Proxy](/docs/static/img/logos/OAuth2_Proxy_horizontal.svg) ![OAuth2 Proxy](docs/static/img/logos/OAuth2_Proxy_horizontal.svg)
[![Continuous Integration](https://github.com/oauth2-proxy/oauth2-proxy/actions/workflows/ci.yaml/badge.svg)](https://github.com/oauth2-proxy/oauth2-proxy/actions/workflows/ci.yaml) [![Continuous Integration](https://github.com/oauth2-proxy/oauth2-proxy/actions/workflows/ci.yaml/badge.svg)](https://github.com/oauth2-proxy/oauth2-proxy/actions/workflows/ci.yaml)
[![Go Report Card](https://goreportcard.com/badge/github.com/oauth2-proxy/oauth2-proxy)](https://goreportcard.com/report/github.com/oauth2-proxy/oauth2-proxy) [![Go Report Card](https://goreportcard.com/badge/github.com/oauth2-proxy/oauth2-proxy)](https://goreportcard.com/report/github.com/oauth2-proxy/oauth2-proxy)
@ -7,7 +7,7 @@
[![Maintainability](https://api.codeclimate.com/v1/badges/a58ff79407212e2beacb/maintainability)](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/maintainability) [![Maintainability](https://api.codeclimate.com/v1/badges/a58ff79407212e2beacb/maintainability)](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/maintainability)
[![Test Coverage](https://api.codeclimate.com/v1/badges/a58ff79407212e2beacb/test_coverage)](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/test_coverage) [![Test Coverage](https://api.codeclimate.com/v1/badges/a58ff79407212e2beacb/test_coverage)](https://codeclimate.com/github/oauth2-proxy/oauth2-proxy/test_coverage)
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) A reverse proxy and static file server that provides authentication using Providers (Google, Keycloak, GitHub and others)
to validate accounts by email, domain or group. to validate accounts by email, domain or group.
**Note:** This repository was forked from [bitly/OAuth2_Proxy](https://github.com/bitly/oauth2_proxy) on 27/11/2018. **Note:** This repository was forked from [bitly/OAuth2_Proxy](https://github.com/bitly/oauth2_proxy) on 27/11/2018.
@ -17,17 +17,24 @@ A list of changes can be seen in the [CHANGELOG](CHANGELOG.md).
**Note:** This project was formerly hosted as `pusher/oauth2_proxy` but has been renamed as of 29/03/2020 to `oauth2-proxy/oauth2-proxy`. **Note:** This project was formerly hosted as `pusher/oauth2_proxy` but has been renamed as of 29/03/2020 to `oauth2-proxy/oauth2-proxy`.
Going forward, all images shall be available at `quay.io/oauth2-proxy/oauth2-proxy` and binaries will be named `oauth2-proxy`. Going forward, all images shall be available at `quay.io/oauth2-proxy/oauth2-proxy` and binaries will be named `oauth2-proxy`.
![Sign In Page](https://cloud.githubusercontent.com/assets/45028/4970624/7feb7dd8-6886-11e4-93e0-c9904af44ea8.png) ![Sign In Page](docs/static/img/sign-in-page.png)
## Installation ## Installation
1. Choose how to deploy: 1. Choose how to deploy:
a. Download [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.0`) a. Using a [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.1`)
b. Build with `$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest` which will put the binary in `$GOROOT/bin` b. Using Go to install the latest release
```bash
$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest
# which will put the binary in `$GOROOT/bin`
```
c. Using a [Prebuilt Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
c. Using the prebuilt docker image [quay.io/oauth2-proxy/oauth2-proxy](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available) d. Using a [Pre-Release Nightly Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy-nightly) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
e. Using the official [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)
Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`. Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.
@ -50,7 +57,7 @@ See [open redirect vulnerability](https://github.com/oauth2-proxy/oauth2-proxy/s
Read the docs on our [Docs site](https://oauth2-proxy.github.io/oauth2-proxy/docs/). Read the docs on our [Docs site](https://oauth2-proxy.github.io/oauth2-proxy/docs/).
![OAuth2 Proxy Architecture](https://cloud.githubusercontent.com/assets/45028/8027702/bd040b7a-0d6a-11e5-85b9-f8d953d04f39.png) ![OAuth2 Proxy Architecture](docs/static/img/architecture.svg)
## Getting Involved ## Getting Involved

13
docs/docs/installation.md
View File

@ -6,13 +6,18 @@ slug: /
1. Choose how to deploy: 1. Choose how to deploy:
a. Download [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.0`) a. Using a [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.1`)
b. Build with `$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest` which will put the binary in `$GOPATH/bin` b. Using Go to install the latest release
```bash
$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest
# which will put the binary in `$GOROOT/bin`
```
c. Using a [Prebuilt Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
c. Using the prebuilt docker image [quay.io/oauth2-proxy/oauth2-proxy](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 tags available) d. Using a [Pre-Release Nightly Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy-nightly) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
d. Using a [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm) e. Using the official [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)
Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`. Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.

4
docs/src/pages/index.md
View File

@ -3,7 +3,7 @@ title: Welcome to OAuth2 Proxy
hide_table_of_contents: true hide_table_of_contents: true
--- ---
![OAuth2 Proxy](../../static/img/logos/OAuth2_Proxy_horizontal.svg) ![OAuth2 Proxy](/img/logos/OAuth2_Proxy_horizontal.svg)
A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others) A reverse proxy and static file server that provides authentication using Providers (Google, GitHub, and others)
to validate accounts by email, domain or group. to validate accounts by email, domain or group.
@ -18,4 +18,4 @@ A list of changes can be seen in the [CHANGELOG](https://github.com/oauth2-proxy
## Architecture ## Architecture
![OAuth2 Proxy Architecture](/img/architecture.png) ![OAuth2 Proxy Architecture](/img/architecture.svg)

BIN
docs/static/img/architecture.png vendored
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 23 KiB

4
docs/static/img/architecture.svg vendored Normal file
View File

File diff suppressed because one or more lines are too long
Side by Side

After

Width:  |  Height:  |  Size: 80 KiB

BIN
docs/static/img/sign-in-page.png vendored
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 34 KiB

After

Width:  |  Height:  |  Size: 32 KiB

23
docs/versioned_docs/version-7.5.x/installation.md
View File

@ -6,20 +6,25 @@ slug: /
1. Choose how to deploy: 1. Choose how to deploy:
a. Download [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.0`) a. Using a [Prebuilt Binary](https://github.com/oauth2-proxy/oauth2-proxy/releases) (current release is `v7.5.1`)
b. Build with `$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest` which will put the binary in `$GOPATH/bin` b. Using Go to install the latest release
```bash
$ go install github.com/oauth2-proxy/oauth2-proxy/v7@latest
# which will put the binary in `$GOROOT/bin`
```
c. Using a [Prebuilt Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
c. Using the prebuilt docker image [quay.io/oauth2-proxy/oauth2-proxy](https://quay.io/oauth2-proxy/oauth2-proxy) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 tags available) d. Using a [Pre-Release Nightly Docker Image](https://quay.io/oauth2-proxy/oauth2-proxy-nightly) (AMD64, PPC64LE, ARMv6, ARMv7, and ARM64 available)
d. Using a [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm) e. Using the official [Kubernetes manifest](https://github.com/oauth2-proxy/manifests) (Helm)
Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`. Prebuilt binaries can be validated by extracting the file and verifying it against the `sha256sum.txt` checksum file provided for each release starting with version `v3.0.0`.
``` ```
$ sha256sum -c sha256sum.txt sha256sum -c sha256sum.txt 2>&1 | grep OK
oauth2-proxy-x.y.z.linux-amd64: OK oauth2-proxy-x.y.z.linux-amd64: OK
``` ```
2. [Select a Provider and Register an OAuth Application with a Provider](configuration/auth.md) 2. [Select a Provider and Register an OAuth Application with a Provider](configuration/auth.md)
3. [Configure OAuth2 Proxy using config file, command line options, or environment variables](configuration/overview.md) 3. [Configure OAuth2 Proxy using config file, command line options, or environment variables](configuration/overview.md)