From 3809a76d8b2f89358d33c2cd30f21f508634c3dd Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Sun, 10 Sep 2023 02:08:19 +0900 Subject: [PATCH 01/18] refactor: fix error message --- rpxy-lib/src/proxy/proxy_tls.rs | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/rpxy-lib/src/proxy/proxy_tls.rs b/rpxy-lib/src/proxy/proxy_tls.rs index da4205e..7c5d601 100644 --- a/rpxy-lib/src/proxy/proxy_tls.rs +++ b/rpxy-lib/src/proxy/proxy_tls.rs @@ -46,13 +46,13 @@ where let client_hello = start.client_hello(); let server_name = client_hello.server_name(); debug!("HTTP/2 or 1.1: SNI in ClientHello: {:?}", server_name); - let server_name = server_name.map_or_else(|| None, |v| Some(v.to_server_name_vec())); - if server_name.is_none(){ + let server_name_in_bytes = server_name.map_or_else(|| None, |v| Some(v.to_server_name_vec())); + if server_name_in_bytes.is_none(){ return Err(RpxyError::Proxy("No SNI is given".to_string())); } - let server_crypto = sc_map_inner.as_ref().unwrap().get(server_name.as_ref().unwrap()); + let server_crypto = sc_map_inner.as_ref().unwrap().get(server_name_in_bytes.as_ref().unwrap()); if server_crypto.is_none() { - return Err(RpxyError::Proxy(format!("No TLS serving app for {:?}", "xx"))); + return Err(RpxyError::Proxy(format!("No TLS serving app for {:?}", server_name.unwrap()))); } let stream = match start.into_stream(server_crypto.unwrap().clone()).await { Ok(s) => s, @@ -60,7 +60,7 @@ where return Err(RpxyError::Proxy(format!("Failed to handshake TLS: {e}"))); } }; - self_inner.client_serve(stream, server_clone, client_addr, server_name); + self_inner.client_serve(stream, server_clone, client_addr, server_name_in_bytes); Ok(()) }; From 10cb1f46b1abc59642e62bd288dba53a74d6430e Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 13 Sep 2023 10:24:51 +0900 Subject: [PATCH 02/18] docker build actions --- .github/workflows/docker_build_push.yml | 12 ++++++------ submodules/quinn | 2 +- submodules/s2n-quic | 2 +- 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml index 4b15d10..c8903b8 100644 --- a/.github/workflows/docker_build_push.yml +++ b/.github/workflows/docker_build_push.yml @@ -59,24 +59,24 @@ jobs: - name: Docker meta id: meta - uses: docker/metadata-action@v4 + uses: docker/metadata-action@v5 with: images: ${{ env.GHCR }}/${{ env.GHCR_IMAGE_NAME }} - name: Set up QEMU - uses: docker/setup-qemu-action@v2 + uses: docker/setup-qemu-action@v3 - name: Set up Docker Buildx - uses: docker/setup-buildx-action@v2 + uses: docker/setup-buildx-action@v3 - name: Login to Docker Hub - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: username: ${{ secrets.DOCKERHUB_USERNAME }} password: ${{ secrets.DOCKERHUB_TOKEN }} - name: Login to GitHub Container Registry - uses: docker/login-action@v2 + uses: docker/login-action@v3 with: registry: ${{ env.GHCR }} username: ${{ github.actor }} @@ -84,7 +84,7 @@ jobs: - name: Nightly build test on amd64 for pull requests if: ${{ github.event_name == 'pull_request' }} - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ${{ matrix.build-args }} diff --git a/submodules/quinn b/submodules/quinn index 5d4d583..5cca306 160000 --- a/submodules/quinn +++ b/submodules/quinn @@ -1 +1 @@ -Subproject commit 5d4d58387d77db952c47168ed2185b6a38b8717a +Subproject commit 5cca3063f6f7747dcd9ec6e080ee48dcb5cfc4a7 diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 9fd762a..e6402b7 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 9fd762a538924f943c4c8ae0aae95337635fb485 +Subproject commit e6402b7f8649bc9d90b69aedc83c387b0372bc94 From 259a01b3f760b062322de40bf9bb328259892a7b Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 13 Sep 2023 10:28:56 +0900 Subject: [PATCH 03/18] deps --- rpxy-bin/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 4 ++-- submodules/quinn | 2 +- submodules/s2n-quic | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index c162a9c..182bea0 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -38,7 +38,7 @@ rustls-pemfile = "1.0.3" mimalloc = { version = "*", default-features = false } # config -clap = { version = "4.4.2", features = ["std", "cargo", "wrap_help"] } +clap = { version = "4.4.3", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.7.8", default-features = false, features = ["parse"] } hot_reload = "0.1.4" diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 4ca6822..e3cb708 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -67,7 +67,7 @@ h3 = { path = "../submodules/h3/h3/", optional = true } # h3-quinn = { path = "./h3/h3-quinn/", optional = true } h3-quinn = { path = "../submodules/h3-quinn/", optional = true } # Tentative to support rustls-0.21 # for UDP socket wit SO_REUSEADDR when h3 with quinn -socket2 = { version = "0.5.3", features = ["all"], optional = true } +socket2 = { version = "0.5.4", features = ["all"], optional = true } s2n-quic = { path = "../submodules/s2n-quic/quic/s2n-quic/", default-features = false, features = [ "provider-tls-rustls", ], optional = true } @@ -84,7 +84,7 @@ chrono = { version = "0.4.30", default-features = false, features = [ "alloc", "clock", ], optional = true } -base64 = { version = "0.21.3", optional = true } +base64 = { version = "0.21.4", optional = true } sha2 = { version = "0.10.7", default-features = false, optional = true } diff --git a/submodules/quinn b/submodules/quinn index 5cca306..0af891e 160000 --- a/submodules/quinn +++ b/submodules/quinn @@ -1 +1 @@ -Subproject commit 5cca3063f6f7747dcd9ec6e080ee48dcb5cfc4a7 +Subproject commit 0af891e0b81d208f6561ed6918fa262c815722f2 diff --git a/submodules/s2n-quic b/submodules/s2n-quic index e6402b7..9fd762a 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit e6402b7f8649bc9d90b69aedc83c387b0372bc94 +Subproject commit 9fd762a538924f943c4c8ae0aae95337635fb485 From 963449a1d6bd716dcd566169d0f4a06a247e81f3 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 13 Sep 2023 10:40:01 +0900 Subject: [PATCH 04/18] Update docker_build_push.yml --- .github/workflows/docker_build_push.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml index c8903b8..4677592 100644 --- a/.github/workflows/docker_build_push.yml +++ b/.github/workflows/docker_build_push.yml @@ -98,7 +98,7 @@ jobs: - name: Nightly build and push from develop branch if: ${{ (github.ref_name == 'develop') && (github.event_name == 'push') }} - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ${{ matrix.build-args }} @@ -115,7 +115,7 @@ jobs: - name: Release build and push from main branch if: ${{ (github.ref_name == 'main') && (github.event_name == 'push') }} - uses: docker/build-push-action@v4 + uses: docker/build-push-action@v5 with: context: . build-args: ${{ matrix.build-args }} From b13df20c27441806c491ebc2bc8b765172324a6e Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Thu, 14 Sep 2023 11:58:35 +0900 Subject: [PATCH 05/18] deps: toml --- rpxy-bin/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 182bea0..30c8ac1 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -39,7 +39,7 @@ mimalloc = { version = "*", default-features = false } # config clap = { version = "4.4.3", features = ["std", "cargo", "wrap_help"] } -toml = { version = "0.7.8", default-features = false, features = ["parse"] } +toml = { version = "0.8", default-features = false, features = ["parse"] } hot_reload = "0.1.4" # logging From 7c3b03668cb0673aaa69118076b17724ac181662 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 20 Sep 2023 11:06:57 +0900 Subject: [PATCH 06/18] deps --- rpxy-bin/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 2 +- submodules/s2n-quic | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 30c8ac1..2feaffc 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -38,7 +38,7 @@ rustls-pemfile = "1.0.3" mimalloc = { version = "*", default-features = false } # config -clap = { version = "4.4.3", features = ["std", "cargo", "wrap_help"] } +clap = { version = "4.4.4", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.8", default-features = false, features = ["parse"] } hot_reload = "0.1.4" diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index e3cb708..3f43589 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -79,7 +79,7 @@ http-cache-semantics = { path = "../submodules/rusty-http-cache-semantics/", opt lru = { version = "0.11.1", optional = true } # cookie handling for sticky cookie -chrono = { version = "0.4.30", default-features = false, features = [ +chrono = { version = "0.4.31", default-features = false, features = [ "unstable-locales", "alloc", "clock", diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 9fd762a..2bc27fd 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 9fd762a538924f943c4c8ae0aae95337635fb485 +Subproject commit 2bc27fd75a3cb74d1b16357ae363e3ecc241d462 From bf56de147929402ec7d2f9ea708f6fbad5950a04 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Mon, 25 Sep 2023 11:04:18 +0900 Subject: [PATCH 07/18] deps: submodules --- submodules/quinn | 2 +- submodules/s2n-quic | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/submodules/quinn b/submodules/quinn index 0af891e..e1e1e6e 160000 --- a/submodules/quinn +++ b/submodules/quinn @@ -1 +1 @@ -Subproject commit 0af891e0b81d208f6561ed6918fa262c815722f2 +Subproject commit e1e1e6e392a382fbded42ca010505fecb8fe3655 diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 2bc27fd..2c5731f 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 2bc27fd75a3cb74d1b16357ae363e3ecc241d462 +Subproject commit 2c5731fac898e5b547337f2e27441bc4288d9072 From 25533f171aed36b2457f1cf0dcf8c74e92eddf36 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 27 Sep 2023 10:22:11 +0900 Subject: [PATCH 08/18] deps --- rpxy-bin/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 4 ++-- submodules/s2n-quic | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 2feaffc..d13b730 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -38,7 +38,7 @@ rustls-pemfile = "1.0.3" mimalloc = { version = "*", default-features = false } # config -clap = { version = "4.4.4", features = ["std", "cargo", "wrap_help"] } +clap = { version = "4.4.5", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.8", default-features = false, features = ["parse"] } hot_reload = "0.1.4" diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 3f43589..30c4812 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -37,7 +37,7 @@ hot_reload = "0.1.4" # reloading certs # Error handling anyhow = "1.0.75" -thiserror = "1.0.48" +thiserror = "1.0.49" # http and tls hyper = { version = "0.14.27", default-features = false, features = [ @@ -85,7 +85,7 @@ chrono = { version = "0.4.31", default-features = false, features = [ "clock", ], optional = true } base64 = { version = "0.21.4", optional = true } -sha2 = { version = "0.10.7", default-features = false, optional = true } +sha2 = { version = "0.10.8", default-features = false, optional = true } [dev-dependencies] diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 2c5731f..4e9756f 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 2c5731fac898e5b547337f2e27441bc4288d9072 +Subproject commit 4e9756f58ce2abb6c67e5f909dcbf762b514437e From 62e003eb1dd1a551eb0111e38f07015673205f2d Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Tue, 3 Oct 2023 19:06:20 +0900 Subject: [PATCH 09/18] deps --- rpxy-bin/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 2 +- submodules/s2n-quic | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index d13b730..07b79cb 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -38,7 +38,7 @@ rustls-pemfile = "1.0.3" mimalloc = { version = "*", default-features = false } # config -clap = { version = "4.4.5", features = ["std", "cargo", "wrap_help"] } +clap = { version = "4.4.6", features = ["std", "cargo", "wrap_help"] } toml = { version = "0.8", default-features = false, features = ["parse"] } hot_reload = "0.1.4" diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 30c4812..8f6ddd1 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -54,7 +54,7 @@ hyper-rustls = { version = "0.24.1", default-features = false, features = [ ] } tokio-rustls = { version = "0.24.1", features = ["early-data"] } rustls = { version = "0.21.7", default-features = false } -webpki = "0.22.1" +webpki = "0.22.2" x509-parser = "0.15.1" # logging diff --git a/submodules/s2n-quic b/submodules/s2n-quic index 4e9756f..ea3e878 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit 4e9756f58ce2abb6c67e5f909dcbf762b514437e +Subproject commit ea3e878ec70439dea87588e31b5139a574b593ab From 1cbb9210c34216825f11b3e6ecb5c4971babc57c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 4 Oct 2023 22:31:46 +0000 Subject: [PATCH 10/18] chore(deps): update lru requirement from 0.11.1 to 0.12.0 Updates the requirements on [lru](https://github.com/jeromefroe/lru-rs) to permit the latest version. - [Changelog](https://github.com/jeromefroe/lru-rs/blob/master/CHANGELOG.md) - [Commits](https://github.com/jeromefroe/lru-rs/compare/0.11.1...0.12.0) --- updated-dependencies: - dependency-name: lru dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- rpxy-lib/Cargo.toml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 8f6ddd1..6f2819a 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -76,7 +76,7 @@ s2n-quic-rustls = { path = "../submodules/s2n-quic/quic/s2n-quic-rustls/", optio # cache http-cache-semantics = { path = "../submodules/rusty-http-cache-semantics/", optional = true } -lru = { version = "0.11.1", optional = true } +lru = { version = "0.12.0", optional = true } # cookie handling for sticky cookie chrono = { version = "0.4.31", default-features = false, features = [ From af2bc582266ca87244543f71755b541d52c86979 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 10:48:43 +0900 Subject: [PATCH 11/18] deps and submodule --- rpxy-bin/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 4 ++-- submodules/s2n-quic | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 07b79cb..0e5f4b4 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -26,7 +26,7 @@ anyhow = "1.0.75" rustc-hash = "1.1.0" serde = { version = "1.0.188", default-features = false, features = ["derive"] } derive_builder = "0.12.0" -tokio = { version = "1.32.0", default-features = false, features = [ +tokio = { version = "1.33.0", default-features = false, features = [ "net", "rt-multi-thread", "time", diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 6f2819a..f781f0c 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -24,7 +24,7 @@ rustc-hash = "1.1.0" bytes = "1.5.0" derive_builder = "0.12.0" futures = { version = "0.3.28", features = ["alloc", "async-await"] } -tokio = { version = "1.32.0", default-features = false, features = [ +tokio = { version = "1.33.0", default-features = false, features = [ "net", "rt-multi-thread", "time", @@ -54,7 +54,7 @@ hyper-rustls = { version = "0.24.1", default-features = false, features = [ ] } tokio-rustls = { version = "0.24.1", features = ["early-data"] } rustls = { version = "0.21.7", default-features = false } -webpki = "0.22.2" +webpki = "0.22.4" x509-parser = "0.15.1" # logging diff --git a/submodules/s2n-quic b/submodules/s2n-quic index ea3e878..c88e64b 160000 --- a/submodules/s2n-quic +++ b/submodules/s2n-quic @@ -1 +1 @@ -Subproject commit ea3e878ec70439dea87588e31b5139a574b593ab +Subproject commit c88e64b6c58891651954834207d974de80e9bba8 From 1c84ef795a46e6d2dddf84342337f59e884ac4f9 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 14:16:15 +0900 Subject: [PATCH 12/18] feat: add a feature to use native root store for connection from proxy to the backend application --- .github/dependabot.yml | 17 +++++++++++------ rpxy-bin/Cargo.toml | 1 + rpxy-lib/Cargo.toml | 1 + rpxy-lib/src/handler/forwarder.rs | 28 ++++++++++++++++------------ 4 files changed, 29 insertions(+), 18 deletions(-) diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 4293fb7..3e44060 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -5,17 +5,23 @@ version: 2 updates: # Enable version updates for cargo - package-ecosystem: "cargo" - # Look for `Cargo.toml` and `lock` files in the `root` directory directory: "/" - # Check the crates.io for updates every day (weekdays) + schedule: + interval: "daily" + + - package-ecosystem: "cargo" + directory: "/rpxy-bin" + schedule: + interval: "daily" + + - package-ecosystem: "cargo" + directory: "/rpxy-lib" schedule: interval: "daily" # Enable version updates for Docker - package-ecosystem: "docker" - # Look for a `Dockerfile` in the `root` directory - directory: "/" - # Check for updates everyday + directory: "/docker" schedule: interval: "daily" @@ -23,5 +29,4 @@ updates: - package-ecosystem: "github-actions" directory: "/" schedule: - # Check for updates everyday interval: "daily" diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 0e5f4b4..98ff827 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -16,6 +16,7 @@ default = ["http3-quinn", "cache"] http3-quinn = ["rpxy-lib/http3-quinn"] http3-s2n = ["rpxy-lib/http3-s2n"] cache = ["rpxy-lib/cache"] +native-roots = ["rpxy-lib/native-roots"] [dependencies] rpxy-lib = { path = "../rpxy-lib/", default-features = false, features = [ diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index f781f0c..0b0d3ee 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -17,6 +17,7 @@ http3-quinn = ["quinn", "h3", "h3-quinn", "socket2"] http3-s2n = ["h3", "s2n-quic", "s2n-quic-rustls", "s2n-quic-h3"] sticky-cookie = ["base64", "sha2", "chrono"] cache = ["http-cache-semantics", "lru"] +native-roots = ["hyper-rustls/native-tokio"] [dependencies] rand = "0.8.5" diff --git a/rpxy-lib/src/handler/forwarder.rs b/rpxy-lib/src/handler/forwarder.rs index 43cf098..369ba56 100644 --- a/rpxy-lib/src/handler/forwarder.rs +++ b/rpxy-lib/src/handler/forwarder.rs @@ -118,18 +118,22 @@ where impl Forwarder, Body> { /// Build forwarder pub async fn new(_globals: &std::sync::Arc>) -> Self { - // let connector = TrustDnsResolver::default().into_rustls_webpki_https_connector(); - let connector = hyper_rustls::HttpsConnectorBuilder::new() - .with_webpki_roots() - .https_or_http() - .enable_http1() - .enable_http2() - .build(); - let connector_h2 = hyper_rustls::HttpsConnectorBuilder::new() - .with_webpki_roots() - .https_or_http() - .enable_http2() - .build(); + #[cfg(feature = "native-roots")] + let builder = hyper_rustls::HttpsConnectorBuilder::new().with_native_roots(); + #[cfg(feature = "native-roots")] + let builder_h2 = hyper_rustls::HttpsConnectorBuilder::new().with_native_roots(); + #[cfg(feature = "native-roots")] + info!("Native cert store is used for the connection to backend applications"); + + #[cfg(not(feature = "native-roots"))] + let builder = hyper_rustls::HttpsConnectorBuilder::new().with_webpki_roots(); + #[cfg(not(feature = "native-roots"))] + let builder_h2 = hyper_rustls::HttpsConnectorBuilder::new().with_webpki_roots(); + #[cfg(not(feature = "native-roots"))] + info!("Mozilla WebPKI root certs is used for the connection to backend applications"); + + let connector = builder.https_or_http().enable_http1().enable_http2().build(); + let connector_h2 = builder_h2.https_or_http().enable_http2().build(); let inner = Client::builder().build::<_, Body>(connector); let inner_h2 = Client::builder().http2_only(true).build::<_, Body>(connector_h2); From 20ec40ffeede747042c1f7e1335c167e100d8429 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 15:28:14 +0900 Subject: [PATCH 13/18] feat: add docker build options for forwarder with native root store --- .github/workflows/docker_build_push.yml | 37 +++++++++++++++++++++++++ docker/Dockerfile-slim | 4 ++- docker/docker-compose-slim.yml | 20 +++++++------ docker/docker-compose.yml | 20 +++++++------ rpxy-lib/src/handler/forwarder.rs | 4 +-- 5 files changed, 63 insertions(+), 22 deletions(-) diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml index 4677592..c158cbe 100644 --- a/.github/workflows/docker_build_push.yml +++ b/.github/workflows/docker_build_push.yml @@ -51,6 +51,43 @@ jobs: jqtype/rpxy:s2n ghcr.io/junkurihara/rust-rpxy:s2n + - target: "native-roots" + dockerfile: ./docker/Dockerfile + platforms: linux/amd64,linux/arm64 + build-args: | + "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,native-roots" + tags-suffix: "-native-roots" + # Aliases must be used only for release builds + aliases: | + jqtype/rpxy:native-roots + ghcr.io/junkurihara/rust-rpxy:native-roots + + - target: "slim-native-roots" + dockerfile: ./docker/Dockerfile-slim + build-args: | + "CARGO_FEATURES=--no-default-features --features=http3-quinn,cache,native-roots" + build-contexts: | + messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl + messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl + platforms: linux/amd64,linux/arm64 + tags-suffix: "-slim-native-roots" + # Aliases must be used only for release builds + aliases: | + jqtype/rpxy:slim-native-roots + ghcr.io/junkurihara/rust-rpxy:slim-native-roots + + - target: "s2n-native-roots" + dockerfile: ./docker/Dockerfile + build-args: | + "CARGO_FEATURES=--no-default-features --features=http3-s2n,cache,native-roots" + "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++" + platforms: linux/amd64,linux/arm64 + tags-suffix: "-s2n-native-roots" + # Aliases must be used only for release builds + aliases: | + jqtype/rpxy:s2n-native-roots + ghcr.io/junkurihara/rust-rpxy:s2n-native-roots + steps: - name: Checkout uses: actions/checkout@v4 diff --git a/docker/Dockerfile-slim b/docker/Dockerfile-slim index 46afe57..0aa69cc 100644 --- a/docker/Dockerfile-slim +++ b/docker/Dockerfile-slim @@ -4,6 +4,8 @@ FROM --platform=$BUILDPLATFORM messense/rust-musl-cross:${TARGETARCH}-musl AS bu LABEL maintainer="Jun Kurihara" ARG TARGETARCH +ARG CARGO_FEATURES +ENV CARGO_FEATURES ${CARGO_FEATURES} RUN if [ $TARGETARCH = "amd64" ]; then \ echo "x86_64" > /arch; \ @@ -23,7 +25,7 @@ COPY . /tmp/ ENV RUSTFLAGS "-C link-arg=-s" RUN echo "Building rpxy from source" && \ - cargo build --release --target $(cat /arch)-unknown-linux-musl && \ + cargo build --release --target $(cat /arch)-unknown-linux-musl ${CARGO_FEATURES} && \ musl-strip --strip-all /tmp/target/$(cat /arch)-unknown-linux-musl/release/rpxy && \ cp /tmp/target/$(cat /arch)-unknown-linux-musl/release/rpxy /tmp/target/release/rpxy diff --git a/docker/docker-compose-slim.yml b/docker/docker-compose-slim.yml index 9d1e271..90f5e76 100644 --- a/docker/docker-compose-slim.yml +++ b/docker/docker-compose-slim.yml @@ -9,15 +9,17 @@ services: - 127.0.0.1:8080:8080/tcp - 127.0.0.1:8443:8443/udp - 127.0.0.1:8443:8443/tcp - # build: # Uncomment if you build yourself - # context: ../ - # additional_contexts: - # - messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl - # - messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl - # dockerfile: ./docker/Dockerfile-slim # based on alpine and build x86_64-unknown-linux-musl - # platforms: # Choose your platforms - # - "linux/amd64" - # # - "linux/arm64" + build: # Uncomment if you build yourself + context: ../ + additional_contexts: + - messense/rust-musl-cross:amd64-musl=docker-image://messense/rust-musl-cross:x86_64-musl + - messense/rust-musl-cross:arm64-musl=docker-image://messense/rust-musl-cross:aarch64-musl + # args: # Uncomment when build with native cert store + # - "CARGO_FEATURES=--no-default-features --features=http3-quinn,native-roots" + dockerfile: ./docker/Dockerfile-slim # based on alpine and build x86_64-unknown-linux-musl + platforms: # Choose your platforms + # - "linux/amd64" + - "linux/arm64" environment: - LOG_LEVEL=debug - LOG_TO_FILE=true diff --git a/docker/docker-compose.yml b/docker/docker-compose.yml index 063ce82..bac5957 100644 --- a/docker/docker-compose.yml +++ b/docker/docker-compose.yml @@ -9,15 +9,17 @@ services: - 127.0.0.1:8080:8080/tcp - 127.0.0.1:8443:8443/udp - 127.0.0.1:8443:8443/tcp - # build: # Uncomment if you build yourself - # context: ../ - # args: # Uncomment when build quic-s2n version - # - "CARGO_FEATURES=--no-default-features --features http3-s2n" - # - "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++" - # dockerfile: ./docker/Dockerfile # based on ubuntu 22.04 and build x86_64-unknown-linux-gnu - # platforms: # Choose your platforms - # - "linux/amd64" - # # - "linux/arm64" + build: # Uncomment if you build yourself + context: ../ + # args: # Uncomment when build quic-s2n version + # - "CARGO_FEATURES=--no-default-features --features=http3-s2n" + # - "ADDITIONAL_DEPS=pkg-config libssl-dev cmake libclang1 gcc g++" + # args: # Uncomment when build with native cert store + # - "CARGO_FEATURES=--no-default-features --features=http3-quinn,native-roots" + dockerfile: ./docker/Dockerfile # based on ubuntu 22.04 and build x86_64-unknown-linux-gnu + platforms: # Choose your platforms + # - "linux/amd64" + - "linux/arm64" environment: - LOG_LEVEL=debug - LOG_TO_FILE=true diff --git a/rpxy-lib/src/handler/forwarder.rs b/rpxy-lib/src/handler/forwarder.rs index 369ba56..4764d36 100644 --- a/rpxy-lib/src/handler/forwarder.rs +++ b/rpxy-lib/src/handler/forwarder.rs @@ -1,8 +1,6 @@ #[cfg(feature = "cache")] use super::cache::{get_policy_if_cacheable, RpxyCache}; -#[cfg(feature = "cache")] -use crate::log::*; -use crate::{error::RpxyError, globals::Globals, CryptoSource}; +use crate::{error::RpxyError, globals::Globals, log::*, CryptoSource}; use async_trait::async_trait; #[cfg(feature = "cache")] use bytes::Buf; From a6893cc2d402fbf18f2c56b3dbc81cda0364df04 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 17:52:29 +0900 Subject: [PATCH 14/18] feat: extract binary actions: Initial --- .github/workflows/release.yml | 59 +++++++++++++++++++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..91dd18b --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,59 @@ +name: Release +on: + push: + # workflow_run: + # workflows: + # - "Build and Publish Docker" + # - "Unit Test" + # types: + # - "completed" + # branches: + # - "main" + # - "develop" + +jobs: + on-success: + runs-on: ubuntu-latest + # if: ${{ github.event.workflow_run.conclusion == 'success' }} + strategy: + fail-fast: false + matrix: + include: + - target: "gnu" + platform: linux/amd64 + + - target: "gnu" + platform: linux/arm64 + + - target: "musl" + platform: linux/amd64 + tags-suffix: "-slim" + + - target: "musl" + platform: linux/arm64 + tags-suffix: "-slim" + + - target: "gnu-s2n" + platform: linux/amd64 + tags-suffix: "-s2n" + + - target: "gnu-s2n" + platform: linux/arm64 + tags-suffix: "-s2n" + + steps: + - run: echo 'The relese triggering workflows passed' + + - name: "docker pull and extract binary from docker image" + # if: ${{ github.ref_name == 'develop' }} + run: | + CONTAINER_ID=`docker create --platform=${{ matrix.platform }} ghcr.io/junkurihara/rust-rpxy:nightly${{ matrix.tags-suffix }}` + if [ ${{ matrix.platform }} = "linux/amd64" ];then PLATFORM_MAP="x86_64";else PLATFORM_MAP="aarch64";fi + docker cp ${CONTAINER_ID}:/rpxy/bin/rpxy /tmp/rpxy-nightly-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}-${{ matrix.tags-suffix }} + ls /tmp + + # on-failure: + # runs-on: ubuntu-latest + # if: ${{ github.event.workflow_run.conclusion == 'failure' }} + # steps: + # - run: echo 'The release triggering workflows failed' From ef0c92ce0997d8127d5ca676807c7ca00e828d54 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 20:08:12 +0900 Subject: [PATCH 15/18] feat: extract binary actions: temporary upload to artifact --- .github/workflows/release.yml | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 91dd18b..a6a252c 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,4 +1,4 @@ -name: Release +name: Extract executable binary and upload artifacts on: push: # workflow_run: @@ -42,15 +42,29 @@ jobs: tags-suffix: "-s2n" steps: - - run: echo 'The relese triggering workflows passed' + - run: "echo 'The relese triggering workflows passed'" + + - name: "set env" + #if [ ${{ github.ref_name == 'develop' }} ];then BUILD_NAME="-nightly";else BUILD_NAME="";fi + run: | + if [ ${{ matrix.platform }} = "linux/amd64" ];then PLATFORM_MAP="x86_64";else PLATFORM_MAP="aarch64";fi + echo "PLATFORM_MAP=${PLATFORM_MAP}" >> $GITHUB_ENV + echo "TARGET_NAME=rpxy-nightly-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}" >> $GITHUB_ENV - name: "docker pull and extract binary from docker image" - # if: ${{ github.ref_name == 'develop' }} + id: "extract-binary" run: | CONTAINER_ID=`docker create --platform=${{ matrix.platform }} ghcr.io/junkurihara/rust-rpxy:nightly${{ matrix.tags-suffix }}` - if [ ${{ matrix.platform }} = "linux/amd64" ];then PLATFORM_MAP="x86_64";else PLATFORM_MAP="aarch64";fi - docker cp ${CONTAINER_ID}:/rpxy/bin/rpxy /tmp/rpxy-nightly-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}-${{ matrix.tags-suffix }} - ls /tmp + docker cp ${CONTAINER_ID}:/rpxy/bin/rpxy /tmp/${TARGET_NAME} + cd /tmp + tar zcvf ${TARGET_NAME}.tar.gz ${TARGET_NAME} + echo "artifact=${TARGET_NAME}" >> $GITHUB_OUTPUT + + - name: "upload artifacts" + uses: actions/upload-artifact@v3 + with: + name: ${{ steps.extract-binary.outputs.artifact }} + path: "/tmp/${{ steps.extract-binary.outputs.artifact }}.tar.gz" # on-failure: # runs-on: ubuntu-latest From b4792451ab7608a121a2968a40242a2d166195cb Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 20:48:50 +0900 Subject: [PATCH 16/18] feat: automatic draft release --- .github/workflows/docker_build_push.yml | 2 + .github/workflows/release.yml | 73 +++++++++++++++++++++++-- CHANGELOG.md | 8 +++ rpxy-bin/Cargo.toml | 2 +- rpxy-lib/Cargo.toml | 2 +- 5 files changed, 79 insertions(+), 8 deletions(-) diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml index c158cbe..c3cba7b 100644 --- a/.github/workflows/docker_build_push.yml +++ b/.github/workflows/docker_build_push.yml @@ -4,6 +4,8 @@ on: branches: - "develop" - "main" + tags: + - "*.*.*" pull_request: types: [synchronize, opened] diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a6a252c..a285aba 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -33,23 +33,55 @@ jobs: platform: linux/arm64 tags-suffix: "-slim" - - target: "gnu-s2n" + - target: "gnu" + build-feature: "-s2n" platform: linux/amd64 tags-suffix: "-s2n" - - target: "gnu-s2n" + - target: "gnu" + build-feature: "-s2n" platform: linux/arm64 tags-suffix: "-s2n" + - target: "gnu" + build-feature: "-native-roots" + platform: linux/amd64 + tags-suffix: "-native-roots" + + - target: "gnu" + build-feature: "-native-roots" + platform: linux/arm64 + tags-suffix: "-native-roots" + + - target: "musl" + build-feature: "-native-roots" + platform: linux/amd64 + tags-suffix: "-slim-native-roots" + + - target: "musl" + build-feature: "-native-roots" + platform: linux/arm64 + tags-suffix: "-slim-native-roots" + + - target: "gnu" + build-feature: "-s2n-native-roots" + platform: linux/amd64 + tags-suffix: "-s2n-native-roots" + + - target: "gnu" + build-feature: "-s2n-native-roots" + platform: linux/arm64 + tags-suffix: "-s2n-native-roots" + steps: - run: "echo 'The relese triggering workflows passed'" - name: "set env" - #if [ ${{ github.ref_name == 'develop' }} ];then BUILD_NAME="-nightly";else BUILD_NAME="";fi + #if [ ${{ github.ref_name == 'develop' }} ];then BUILD_NAME="rpxy-nightly";else BUILD_NAME="rpxy";fi run: | if [ ${{ matrix.platform }} = "linux/amd64" ];then PLATFORM_MAP="x86_64";else PLATFORM_MAP="aarch64";fi echo "PLATFORM_MAP=${PLATFORM_MAP}" >> $GITHUB_ENV - echo "TARGET_NAME=rpxy-nightly-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}" >> $GITHUB_ENV + echo "TARGET_NAME=rpxy-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}${{ matrix.build-feature }}" >> $GITHUB_ENV - name: "docker pull and extract binary from docker image" id: "extract-binary" @@ -57,17 +89,46 @@ jobs: CONTAINER_ID=`docker create --platform=${{ matrix.platform }} ghcr.io/junkurihara/rust-rpxy:nightly${{ matrix.tags-suffix }}` docker cp ${CONTAINER_ID}:/rpxy/bin/rpxy /tmp/${TARGET_NAME} cd /tmp - tar zcvf ${TARGET_NAME}.tar.gz ${TARGET_NAME} echo "artifact=${TARGET_NAME}" >> $GITHUB_OUTPUT - name: "upload artifacts" uses: actions/upload-artifact@v3 with: name: ${{ steps.extract-binary.outputs.artifact }} - path: "/tmp/${{ steps.extract-binary.outputs.artifact }}.tar.gz" + path: "/tmp/${{ steps.extract-binary.outputs.artifact }}" # on-failure: # runs-on: ubuntu-latest # if: ${{ github.event.workflow_run.conclusion == 'failure' }} # steps: # - run: echo 'The release triggering workflows failed' + + release: + runs-on: ubuntu-latest + # if: startsWith(github.ref, 'refs/tags/') + needs: on-success + steps: + - name: checkout + uses: actions/checkout@v4 + + - name: download artifacts + uses: actions/download-artifact@v3 + with: + path: /tmp/rpxy + + - name: make tar.gz of assets + run: | + mkdir /tmp/assets + cd /tmp/rpxy + for i in ./*; do sh -c "cd $i && tar zcvf $i.tar.gz $i && mv $i.tar.gz /tmp/assets/"; done + ls -lha /tmp/assets + + # - name: release + # uses: softprops/action-gh-release@v1 + # if: startsWith(github.ref, 'refs/tags/') + # with: + # files: /tmp/assets/*.tar.gz + # tag_name: ${{ github.ref }} + # draft: true + # prerelease: false + # generate_release_notes: true diff --git a/CHANGELOG.md b/CHANGELOG.md index a7c171f..20ac679 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,14 @@ ## 0.7.0 (unreleased) +## 0.6.2 + +### Improvement + +- Feat: Add a build feature of `native-roots` to use the system's default root cert store. +- Feat: Add binary release in addition to container release +- Refactor: lots of minor improvements + ## 0.6.1 ### Bugfix diff --git a/rpxy-bin/Cargo.toml b/rpxy-bin/Cargo.toml index 98ff827..fbe14dc 100644 --- a/rpxy-bin/Cargo.toml +++ b/rpxy-bin/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "rpxy" -version = "0.6.1" +version = "0.6.2" authors = ["Jun Kurihara"] homepage = "https://github.com/junkurihara/rust-rpxy" repository = "https://github.com/junkurihara/rust-rpxy" diff --git a/rpxy-lib/Cargo.toml b/rpxy-lib/Cargo.toml index 0b0d3ee..c7cce09 100644 --- a/rpxy-lib/Cargo.toml +++ b/rpxy-lib/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "rpxy-lib" -version = "0.6.1" +version = "0.6.2" authors = ["Jun Kurihara"] homepage = "https://github.com/junkurihara/rust-rpxy" repository = "https://github.com/junkurihara/rust-rpxy" From 22f647cb2a07cdcc94e9427f76444c2e036143c5 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 22:28:18 +0900 Subject: [PATCH 17/18] feat: automatic draft release updated --- .github/workflows/ci.yml | 16 ++++---- .github/workflows/docker_build_push.yml | 4 +- .github/workflows/release.yml | 54 +++++++++++-------------- 3 files changed, 32 insertions(+), 42 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b578d4b..d9c9478 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,22 +2,20 @@ name: Unit Test on: push: - branches: [ main, develop ] pull_request: - branches: [ main, develop ] + types: [synchronize, opened] env: CARGO_TERM_COLOR: always jobs: test: - runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 - with: - submodules: recursive - - name: Run unit tests - run: | - cargo test --verbose + - uses: actions/checkout@v4 + with: + submodules: recursive + - name: Run unit tests + run: | + cargo test --verbose diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml index c3cba7b..7f96aa8 100644 --- a/.github/workflows/docker_build_push.yml +++ b/.github/workflows/docker_build_push.yml @@ -1,4 +1,4 @@ -name: Build and Publish Docker +name: Build and publish docker on: push: branches: @@ -6,8 +6,6 @@ on: - "main" tags: - "*.*.*" - pull_request: - types: [synchronize, opened] env: GHCR: ghcr.io diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a285aba..ec075c5 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -1,20 +1,15 @@ -name: Extract executable binary and upload artifacts +name: Extract executable binary, upload artifacts, create release on: - push: - # workflow_run: - # workflows: - # - "Build and Publish Docker" - # - "Unit Test" - # types: - # - "completed" - # branches: - # - "main" - # - "develop" + workflow_run: + workflows: + - "Build and publish docker" + types: + - "completed" jobs: on-success: runs-on: ubuntu-latest - # if: ${{ github.event.workflow_run.conclusion == 'success' }} + if: ${{ github.event.workflow_run.conclusion == 'success' }} strategy: fail-fast: false matrix: @@ -75,13 +70,12 @@ jobs: steps: - run: "echo 'The relese triggering workflows passed'" - - name: "set env" - #if [ ${{ github.ref_name == 'develop' }} ];then BUILD_NAME="rpxy-nightly";else BUILD_NAME="rpxy";fi run: | if [ ${{ matrix.platform }} = "linux/amd64" ];then PLATFORM_MAP="x86_64";else PLATFORM_MAP="aarch64";fi + if [ ${{ github.ref_name == 'develop' }} ];then BUILD_NAME="rpxy-nightly";else BUILD_NAME="rpxy";fi echo "PLATFORM_MAP=${PLATFORM_MAP}" >> $GITHUB_ENV - echo "TARGET_NAME=rpxy-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}${{ matrix.build-feature }}" >> $GITHUB_ENV + echo "TARGET_NAME=${BUILD_NAME}-${PLATFORM_MAP}-unknown-linux-${{ matrix.target }}${{ matrix.build-feature }}" >> $GITHUB_ENV - name: "docker pull and extract binary from docker image" id: "extract-binary" @@ -97,15 +91,15 @@ jobs: name: ${{ steps.extract-binary.outputs.artifact }} path: "/tmp/${{ steps.extract-binary.outputs.artifact }}" - # on-failure: - # runs-on: ubuntu-latest - # if: ${{ github.event.workflow_run.conclusion == 'failure' }} - # steps: - # - run: echo 'The release triggering workflows failed' + on-failure: + runs-on: ubuntu-latest + if: ${{ github.event.workflow_run.conclusion == 'failure' }} + steps: + - run: echo 'The release triggering workflows failed' release: runs-on: ubuntu-latest - # if: startsWith(github.ref, 'refs/tags/') + if: startsWith(github.ref, 'refs/tags/') needs: on-success steps: - name: checkout @@ -123,12 +117,12 @@ jobs: for i in ./*; do sh -c "cd $i && tar zcvf $i.tar.gz $i && mv $i.tar.gz /tmp/assets/"; done ls -lha /tmp/assets - # - name: release - # uses: softprops/action-gh-release@v1 - # if: startsWith(github.ref, 'refs/tags/') - # with: - # files: /tmp/assets/*.tar.gz - # tag_name: ${{ github.ref }} - # draft: true - # prerelease: false - # generate_release_notes: true + - name: release + uses: softprops/action-gh-release@v1 + if: startsWith(github.ref, 'refs/tags/') + with: + files: /tmp/assets/*.tar.gz + tag_name: ${{ github.ref }} + draft: true + prerelease: false + generate_release_notes: true From 85beedc5c724c5e6de24574bfc3425080019d729 Mon Sep 17 00:00:00 2001 From: Jun Kurihara Date: Wed, 11 Oct 2023 22:36:24 +0900 Subject: [PATCH 18/18] chore: fix docker build push yml --- .github/workflows/docker_build_push.yml | 26 ++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/.github/workflows/docker_build_push.yml b/.github/workflows/docker_build_push.yml index 7f96aa8..8aa089f 100644 --- a/.github/workflows/docker_build_push.yml +++ b/.github/workflows/docker_build_push.yml @@ -119,19 +119,19 @@ jobs: username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} - - name: Nightly build test on amd64 for pull requests - if: ${{ github.event_name == 'pull_request' }} - uses: docker/build-push-action@v5 - with: - context: . - build-args: ${{ matrix.build-args }} - push: false - build-contexts: ${{ matrix.build-contexts }} - file: ${{ matrix.dockerfile }} - cache-from: type=gha,scope=rpxy-nightly-${{ matrix.target }} - cache-to: type=gha,mode=max,scope=rpxy-nightly-${{ matrix.target }} - platforms: linux/amd64 - labels: ${{ steps.meta.outputs.labels }} + # - name: Nightly build test on amd64 for pull requests + # if: ${{ github.event_name == 'pull_request' }} + # uses: docker/build-push-action@v5 + # with: + # context: . + # build-args: ${{ matrix.build-args }} + # push: false + # build-contexts: ${{ matrix.build-contexts }} + # file: ${{ matrix.dockerfile }} + # cache-from: type=gha,scope=rpxy-nightly-${{ matrix.target }} + # cache-to: type=gha,mode=max,scope=rpxy-nightly-${{ matrix.target }} + # platforms: linux/amd64 + # labels: ${{ steps.meta.outputs.labels }} - name: Nightly build and push from develop branch if: ${{ (github.ref_name == 'develop') && (github.event_name == 'push') }}