mirror of
https://github.com/11notes/docker-kms-gui.git
synced 2025-11-02 20:33:12 +00:00
Compare commits
5 Commits
| Author | SHA1 | Date | |
|---|---|---|---|
|
caa7a8a1e6 | ||
|
|
dcfb8ba91e | ||
|
|
129c21344c | ||
|
|
303774a72c | ||
|
|
23892c6d0b |
3
.gitattributes
vendored
3
.gitattributes
vendored
@@ -1,2 +1 @@
|
||||
# Auto detect text files and perform LF normalization
|
||||
* text=auto
|
||||
* text=auto
|
||||
138
.github/workflows/docker.yml
vendored
138
.github/workflows/docker.yml
vendored
@@ -2,16 +2,37 @@ name: create and publish docker image
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
inputs:
|
||||
release:
|
||||
description: 'set WORKFLOW_GITHUB_RELEASE'
|
||||
required: false
|
||||
default: 'false'
|
||||
image:
|
||||
description: 'set IMAGE'
|
||||
required: false
|
||||
uid:
|
||||
description: 'set IMAGE_UID'
|
||||
required: false
|
||||
gid:
|
||||
description: 'set IMAGE_GID'
|
||||
required: false
|
||||
semverprefix:
|
||||
description: 'prefix for semver tags'
|
||||
required: false
|
||||
semversuffix:
|
||||
description: 'suffix for semver tags'
|
||||
required: false
|
||||
dispatch:
|
||||
description: 'run dispatch at end'
|
||||
required: false
|
||||
default: 'false'
|
||||
push:
|
||||
tags:
|
||||
- 'v*'
|
||||
|
||||
env:
|
||||
DOCKER_USERNAME: 11notes
|
||||
|
||||
jobs:
|
||||
build-and-push-image:
|
||||
runs-on: ubuntu-latest
|
||||
runs-on: ubuntu-22.04
|
||||
permissions:
|
||||
contents: write
|
||||
packages: write
|
||||
@@ -21,6 +42,14 @@ jobs:
|
||||
- name: init / checkout
|
||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683
|
||||
|
||||
- name: init / inputs to env
|
||||
if: github.event_name == 'workflow_dispatch'
|
||||
run: |
|
||||
cat << 'EOF' > .inputs
|
||||
${{ toJSON(github.event.inputs) }}
|
||||
EOF
|
||||
for KEY in $(cat .inputs | jq --raw-output 'keys[]' | tr '\n' ' '); do echo "input_$(echo ${KEY} | tr '[:upper:]' '[:lower:]')=$(cat .inputs | jq --raw-output '.'${KEY}'')" >> $GITHUB_ENV; done
|
||||
|
||||
- name: init / .json to env
|
||||
uses: rgarcia-phi/json-to-variables@9835d537368468c4e4de5254dc3efeadda183793
|
||||
with:
|
||||
@@ -28,31 +57,43 @@ jobs:
|
||||
|
||||
- name: init / setup environment
|
||||
run: |
|
||||
: # set default arch if not set
|
||||
: # set image
|
||||
LOCAL_IMAGE=${json_image}
|
||||
if [ ! -z ${input_image} ]; then LOCAL_IMAGE=${input_image}; fi
|
||||
echo "IMAGE=${LOCAL_IMAGE}" >> $GITHUB_ENV
|
||||
|
||||
: # set defaults
|
||||
echo "IMAGE_ARCH=${json_arch:-linux/amd64,linux/arm64}" >> $GITHUB_ENV
|
||||
echo "WORKFLOW_GRYPE_SEVERITY_CUTOFF=${json_grype_severity:-high}" >> $GITHUB_ENV;
|
||||
echo "WORKFLOW_GITHUB_RELEASE=${input_release:-true}" >> $GITHUB_ENV;
|
||||
echo "WORKFLOW_DISPATCH=${input_dispatch:-true}" >> $GITHUB_ENV;
|
||||
|
||||
: # create tags for semver, stable and other shenanigans
|
||||
export LOCAL_SHA=$(git rev-parse --short HEAD)
|
||||
export LOCAL_SEMVER_MAJOR=$(awk -F. '{ print $1 }' <<< ${json_version})
|
||||
export LOCAL_SEMVER_MINOR=$(awk -F. '{ print $2 }' <<< ${json_version})
|
||||
export LOCAL_SEMVER_PATCH=$(awk -F. '{ print $3 }' <<< ${json_version})
|
||||
export LOCAL_TAGS="${json_image}:latest"
|
||||
if [ ! -z ${LOCAL_SEMVER_MAJOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}"; fi
|
||||
if [ ! -z ${LOCAL_SEMVER_MINOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}"; fi
|
||||
if [ ! -z ${LOCAL_SEMVER_PATCH} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}.${LOCAL_SEMVER_PATCH}"; fi
|
||||
if echo "${LOCAL_TAGS}" | grep -q "${json_stable}" ; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:stable"; fi
|
||||
if [ ! -z ${json_tags} ]; then SPECIAL_LOCAL_TAGS=$(echo ${json_tags} | sed 's/,/ /g'); for LOCAL_TAG in ${json_tags}; do LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_TAG}"; done; fi
|
||||
LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SHA}"
|
||||
LOCAL_SHA=$(git rev-parse --short HEAD)
|
||||
LOCAL_SEMVER_MAJOR=$(awk -F. '{ print $1 }' <<< ${json_semver_version})
|
||||
LOCAL_SEMVER_MINOR=$(awk -F. '{ print $2 }' <<< ${json_semver_version})
|
||||
LOCAL_SEMVER_PATCH=$(awk -F. '{ print $3 }' <<< ${json_semver_version})
|
||||
LOCAL_SEMVER_PREFIX=""
|
||||
LOCAL_SEMVER_SUFFIX=""
|
||||
LOCAL_TAGS="${LOCAL_IMAGE}:${LOCAL_SHA}"
|
||||
if [ ! -z ${input_semverprefix} ]; then LOCAL_SEMVER_PREFIX="${input_semverprefix}-"; fi
|
||||
if [ ! -z ${input_semversuffix} ]; then LOCAL_SEMVER_SUFFIX="-${input_semversuffix}"; fi
|
||||
if [ ! -z ${LOCAL_SEMVER_MAJOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}${LOCAL_SEMVER_MAJOR}${LOCAL_SEMVER_SUFFIX}"; fi
|
||||
if [ ! -z ${LOCAL_SEMVER_MINOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}${LOCAL_SEMVER_SUFFIX}"; fi
|
||||
if [ ! -z ${LOCAL_SEMVER_PATCH} ]; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_SEMVER_PREFIX}${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}.${LOCAL_SEMVER_PATCH}${LOCAL_SEMVER_SUFFIX}"; fi
|
||||
if echo "${LOCAL_TAGS}" | grep -q "${json_semver_stable}" ; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:stable"; fi
|
||||
if echo "${LOCAL_TAGS}" | grep -q "${json_semver_latest}" ; then LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:latest"; fi
|
||||
if [ ! -z ${json_semver_tags} ]; then SPECIAL_LOCAL_TAGS=$(echo ${json_semver_tags} | sed 's/,/ /g'); for LOCAL_TAG in ${json_semver_tags}; do LOCAL_TAGS="${LOCAL_TAGS},${LOCAL_IMAGE}:${LOCAL_TAG}"; done; fi
|
||||
echo "IMAGE_TAGS=${LOCAL_TAGS}" >> $GITHUB_ENV
|
||||
|
||||
: # if for whatever reason UID/GID must be changed at build time
|
||||
echo "IMAGE_UID=${json_uid:-1000}" >> $GITHUB_ENV
|
||||
echo "IMAGE_GID=${json_gid:-1000}" >> $GITHUB_ENV
|
||||
if [ ! -z ${input_uid} ]; then echo "IMAGE_UID=${input_uid}" >> $GITHUB_ENV; else echo "IMAGE_UID=${json_uid:-1000}" >> $GITHUB_ENV; fi
|
||||
if [ ! -z ${input_gid} ]; then echo "IMAGE_GID=${input_gid}" >> $GITHUB_ENV; else echo "IMAGE_GID=${json_gid:-1000}" >> $GITHUB_ENV; fi
|
||||
|
||||
- name: docker / login to hub
|
||||
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
|
||||
with:
|
||||
username: ${{ env.DOCKER_USERNAME }}
|
||||
username: 11notes
|
||||
password: ${{ secrets.DOCKER_TOKEN }}
|
||||
|
||||
- name: docker / setup qemu
|
||||
@@ -68,31 +109,41 @@ jobs:
|
||||
file: arch.dockerfile
|
||||
push: true
|
||||
platforms: ${{ env.IMAGE_ARCH }}
|
||||
cache-from: type=registry,ref=${{ env.json_image }}:buildcache
|
||||
cache-to: type=registry,ref=${{ env.json_image }}:buildcache,mode=max,compression=zstd,force-compression=true
|
||||
cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache
|
||||
cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max,compression=zstd,force-compression=true
|
||||
build-args: |
|
||||
APP_IMAGE=${{ env.json_image }}
|
||||
APP_IMAGE=${{ env.IMAGE }}
|
||||
APP_NAME=${{ env.json_name }}
|
||||
APP_VERSION=${{ env.json_version }}
|
||||
APP_VERSION=${{ env.json_semver_version }}
|
||||
APP_ROOT=${{ env.json_root }}
|
||||
APP_UID=${{ env.IMAGE_UID }}
|
||||
APP_GID=${{ env.IMAGE_GID }}
|
||||
NO_CACHE=$(date +%s)
|
||||
tags: |
|
||||
${{ env.json_image }}:grype
|
||||
${{ env.IMAGE }}:grype
|
||||
|
||||
- name: grype / scan
|
||||
id: scan
|
||||
uses: anchore/scan-action@abae793926ec39a78ab18002bc7fc45bbbd94342
|
||||
with:
|
||||
image: ${{ env.json_image }}:grype
|
||||
severity-cutoff: high
|
||||
image: ${{ env.IMAGE }}:grype
|
||||
severity-cutoff: ${{ env.WORKFLOW_GRYPE_SEVERITY_CUTOFF }}
|
||||
|
||||
- name: grype / report / print
|
||||
if: success() || failure()
|
||||
run: cat ${{ steps.scan.outputs.sarif }}
|
||||
|
||||
- name: grype / report / annotation
|
||||
if: success() || failure()
|
||||
uses: Miragon/sarif-report-parse@f8bcc5ece9c2b9a786ff4e7392cca2bb72ae8b4b
|
||||
with:
|
||||
sarif-file: ${{ steps.scan.outputs.sarif }}
|
||||
|
||||
- name: grype / delete tag
|
||||
if: success() || failure()
|
||||
run: |
|
||||
curl --request DELETE \
|
||||
--url https://hub.docker.com/v2/repositories/${{ env.json_image }}/tags/grype/ \
|
||||
--url https://hub.docker.com/v2/repositories/${{ env.IMAGE }}/tags/grype/ \
|
||||
--header 'authorization: jwt ${{ secrets.DOCKER_TOKEN }}' \
|
||||
--header 'content-type: application/json' \
|
||||
--fail
|
||||
@@ -102,9 +153,6 @@ jobs:
|
||||
with:
|
||||
sarif_file: ${{ steps.scan.outputs.sarif }}
|
||||
|
||||
- name: grype / report / print
|
||||
run: cat ${{ steps.scan.outputs.sarif }}
|
||||
|
||||
- name: docker / build & push
|
||||
uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d
|
||||
with:
|
||||
@@ -114,12 +162,12 @@ jobs:
|
||||
sbom: true
|
||||
provenance: mode=max
|
||||
platforms: ${{ env.IMAGE_ARCH }}
|
||||
cache-from: type=registry,ref=${{ env.json_image }}:buildcache
|
||||
cache-to: type=registry,ref=${{ env.json_image }}:buildcache,mode=max,compression=zstd,force-compression=true
|
||||
cache-from: type=registry,ref=${{ env.IMAGE }}:buildcache
|
||||
cache-to: type=registry,ref=${{ env.IMAGE }}:buildcache,mode=max,compression=zstd,force-compression=true
|
||||
build-args: |
|
||||
APP_IMAGE=${{ env.json_image }}
|
||||
APP_IMAGE=${{ env.IMAGE }}
|
||||
APP_NAME=${{ env.json_name }}
|
||||
APP_VERSION=${{ env.json_version }}
|
||||
APP_VERSION=${{ env.json_semver_version }}
|
||||
APP_ROOT=${{ env.json_root }}
|
||||
APP_UID=${{ env.IMAGE_UID }}
|
||||
APP_GID=${{ env.IMAGE_GID }}
|
||||
@@ -128,9 +176,11 @@ jobs:
|
||||
${{ env.IMAGE_TAGS }}
|
||||
|
||||
- name: github / create release notes
|
||||
if: env.WORKFLOW_GITHUB_RELEASE == 'true' && hashFiles('RELEASE.md') != ''
|
||||
env:
|
||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
||||
run: gh release create ${{ github.ref_name }} -F RELEASE.md
|
||||
run: |
|
||||
gh release create ${{ github.ref_name }} -F RELEASE.md
|
||||
|
||||
- name: github / update description and set repo defaults
|
||||
run: |
|
||||
@@ -139,7 +189,7 @@ jobs:
|
||||
--header 'authorization: Bearer ${{ secrets.REPOSITORY_TOKEN }}' \
|
||||
--header 'content-type: application/json' \
|
||||
--data '{
|
||||
"description":"${{ env.json_description }}",
|
||||
"description":"${{ env.json_readme_description }}",
|
||||
"homepage":"",
|
||||
"has_issues":true,
|
||||
"has_discussions":true,
|
||||
@@ -149,12 +199,20 @@ jobs:
|
||||
--fail
|
||||
|
||||
- name: docker / push README.md to docker hub
|
||||
if: hashFiles('README.md') != ''
|
||||
uses: christian-korneck/update-container-description-action@d36005551adeaba9698d8d67a296bd16fa91f8e8
|
||||
env:
|
||||
DOCKER_USER: ${{ env.DOCKER_USERNAME }}
|
||||
DOCKER_USER: 11notes
|
||||
DOCKER_PASS: ${{ secrets.DOCKER_TOKEN }}
|
||||
with:
|
||||
destination_container_repo: ${{ env.json_image }}
|
||||
destination_container_repo: ${{ env.IMAGE }}
|
||||
provider: dockerhub
|
||||
short_description: ${{ env.json_description }}
|
||||
readme_file: 'README.md'
|
||||
short_description: ${{ env.json_readme_description }}
|
||||
readme_file: 'README.md'
|
||||
|
||||
- name: github / dispatch workflow
|
||||
if: env.WORKFLOW_DISPATCH == 'true' && env.json_dispatch_workflow != null
|
||||
uses: benc-uk/workflow-dispatch@e2e5e9a103e331dad343f381a29e654aea3cf8fc
|
||||
with:
|
||||
workflow: ${{ env.json_dispatch_workflow }}
|
||||
token: "${{ secrets.REPOSITORY_TOKEN }}"
|
||||
16
.json
16
.json
@@ -1,10 +1,18 @@
|
||||
{
|
||||
"image":"11notes/kms-gui",
|
||||
"description":"Activate any version of Windows and Office, forever",
|
||||
"name":"kms-gui",
|
||||
"version":"646f476",
|
||||
"root":"/kms",
|
||||
|
||||
"stable":"646f476",
|
||||
"parent":"11notes/kms:646f476"
|
||||
"semver":{
|
||||
"version":"465f4d1",
|
||||
"stable":"465f4d1",
|
||||
"latest":"465f4d1"
|
||||
},
|
||||
|
||||
"readme":{
|
||||
"description":"Activate any version of Windows and Office, forever",
|
||||
"parent":{
|
||||
"image":"11notes/kms:465f4d1"
|
||||
}
|
||||
}
|
||||
}
|
||||
20
README.md
20
README.md
@@ -1,11 +1,11 @@
|
||||
|
||||
|
||||
# 🏔️ kms-gui on Alpine
|
||||
[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-kms-gui)[<img src="https://img.shields.io/github/issues/11notes/docker-kms-gui?color=7842f5">](https://github.com/11notes/docker-kms-gui/issues)
|
||||
[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-kms-gui)[<img src="https://img.shields.io/github/issues/11notes/docker-kms-gui?color=7842f5">](https://github.com/11notes/docker-kms-gui/issues)
|
||||
|
||||
**Activate any version of Windows and Office, forever**
|
||||
|
||||
|
||||
|
||||
|
||||
# SYNOPSIS 📖
|
||||
**What can I do with this?** This image will run a web GUI for your [11notes/kms](https://hub.docker.com/r/11notes/kms) server.
|
||||
@@ -15,7 +15,7 @@
|
||||
name: "kms"
|
||||
services:
|
||||
kms:
|
||||
image: "11notes/kms:latest"
|
||||
image: "11notes/kms:stable"
|
||||
container_name: "kms"
|
||||
environment:
|
||||
TZ: Europe/Zurich
|
||||
@@ -25,7 +25,7 @@ services:
|
||||
- "1688:1688/tcp"
|
||||
restart: always
|
||||
kms-gui:
|
||||
image: "11notes/kms-gui:646f476"
|
||||
image: "11notes/kms-gui:465f4d1"
|
||||
container_name: "kms-gui"
|
||||
environment:
|
||||
TZ: Europe/Zurich
|
||||
@@ -42,21 +42,21 @@ volumes:
|
||||
| Parameter | Value | Default |
|
||||
| --- | --- | --- |
|
||||
| `TZ` | [Time Zone](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) | |
|
||||
| `DEBUG` | Show debug messages from image **not** app | |
|
||||
| `DEBUG` | Will activate debug option for container image and app (if available) | |
|
||||
|
||||
# SOURCE 💾
|
||||
* [11notes/kms-gui](https://github.com/11notes/docker-kms-gui)
|
||||
|
||||
# PARENT IMAGE 🏛️
|
||||
* [11notes/kms:646f476](https://hub.docker.com/r/11notes/kms)
|
||||
* [11notes/kms:465f4d1](https://hub.docker.com/r/11notes/kms)
|
||||
|
||||
# BUILT WITH 🧰
|
||||
* [py-kms](https://github.com/Py-KMS-Organization/py-kms)
|
||||
* [alpine](https://alpinelinux.org)
|
||||
|
||||
# TIPS 📌
|
||||
* Use a reverse proxy like Traefik, Nginx, HAproxy to terminate TLS with a valid certificate
|
||||
* Use Let’s Encrypt certificates to protect your SSL endpoints
|
||||
# GENERAL TIPS 📌
|
||||
* Use a reverse proxy like Traefik, Nginx, HAproxy to terminate TLS and to protect your endpoints
|
||||
* Use Let’s Encrypt DNS-01 challenge to obtain valid SSL certificates for your services
|
||||
|
||||
# ElevenNotes™️
|
||||
This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-kms-gui/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-kms-gui/issues), thanks . You can find all my repositories on [github](https://github.com/11notes?tab=repositories).
|
||||
This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-kms-gui/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-kms-gui/issues), thanks. If you have a question or inputs please create a new [discussion](https://github.com/11notes/docker-kms-gui/discussions) instead of an issue. You can find all my other repositories on [github](https://github.com/11notes?tab=repositories).
|
||||
@@ -1,2 +1,2 @@
|
||||
### 🪄 Features
|
||||
* add DEBUG option via enivornment variable DEBUG
|
||||
* new .json format
|
||||
@@ -1,7 +1,7 @@
|
||||
name: "kms"
|
||||
services:
|
||||
kms:
|
||||
image: "11notes/kms:latest"
|
||||
image: "11notes/kms:stable"
|
||||
container_name: "kms"
|
||||
environment:
|
||||
TZ: Europe/Zurich
|
||||
@@ -11,7 +11,7 @@ services:
|
||||
- "1688:1688/tcp"
|
||||
restart: always
|
||||
kms-gui:
|
||||
image: "11notes/kms-gui:646f476"
|
||||
image: "11notes/kms-gui:465f4d1"
|
||||
container_name: "kms-gui"
|
||||
environment:
|
||||
TZ: Europe/Zurich
|
||||
|
||||
Reference in New Issue
Block a user