bump python to 3.12.9-r0

switch to branch next on upstream py-kms
drop KMS_ENHANCED_PRIVACY_ID
2025-10-24 08:33:48 +00:00 · 2025-02-10 10:41:40 +01:00 · 2025-02-10 10:39:20 +01:00 · 2025-02-07 11:43:16 +01:00 · 2025-02-07 11:31:02 +01:00 · 2025-02-07 11:30:22 +01:00
7 changed files with 43 additions and 1072 deletions
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -2,12 +2,19 @@ name: create and publish docker image

 on:
  workflow_dispatch:
+    inputs:
+      release:
+        description: 'create release or not'
+        required: false
+        default: true
+        type: 'boolean'
  push:
    tags:
      - 'v*'

 env:
  DOCKER_USERNAME: 11notes
+  RELEASE: true

 jobs:
  build-and-push-image:
@@ -36,19 +43,27 @@ jobs:
          export LOCAL_SEMVER_MAJOR=$(awk -F. '{ print $1 }' <<< ${json_version})
          export LOCAL_SEMVER_MINOR=$(awk -F. '{ print $2 }' <<< ${json_version})
          export LOCAL_SEMVER_PATCH=$(awk -F. '{ print $3 }' <<< ${json_version})
-          export LOCAL_TAGS="${json_image}:latest"
+          export LOCAL_TAGS="${json_image}:${LOCAL_SHA}"
          if [ ! -z ${LOCAL_SEMVER_MAJOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}"; fi
          if [ ! -z ${LOCAL_SEMVER_MINOR} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}"; fi
          if [ ! -z ${LOCAL_SEMVER_PATCH} ]; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SEMVER_MAJOR}.${LOCAL_SEMVER_MINOR}.${LOCAL_SEMVER_PATCH}"; fi
          if echo "${LOCAL_TAGS}" | grep -q "${json_stable}" ; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:stable"; fi
+          if echo "${LOCAL_TAGS}" | grep -q "${json_latest}" ; then LOCAL_TAGS="${LOCAL_TAGS},${json_image}:latest"; fi
          if [ ! -z ${json_tags} ]; then SPECIAL_LOCAL_TAGS=$(echo ${json_tags} | sed 's/,/ /g'); for LOCAL_TAG in ${json_tags}; do LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_TAG}"; done; fi
-          LOCAL_TAGS="${LOCAL_TAGS},${json_image}:${LOCAL_SHA}"
          echo "IMAGE_TAGS=${LOCAL_TAGS}" >> $GITHUB_ENV

          : # if for whatever reason UID/GID must be changed at build time
          echo "IMAGE_UID=${json_uid:-1000}" >> $GITHUB_ENV
          echo "IMAGE_GID=${json_gid:-1000}" >> $GITHUB_ENV

+          : # echo inputs
+          echo "${{ toJSON(github.event.inputs) }}"
+
+      - name: github / disable release
+        if: ${{ inputs.release != null && inputs.release == false }}
+        run: |
+          echo "RELEASE=false" >> $GITHUB_ENV
+
      - name: docker / login to hub
        uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567
        with:
@@ -88,6 +103,10 @@ jobs:
          image: ${{ env.json_image }}:grype
          severity-cutoff: high

+      - name: grype / report / print
+        if: success() || failure()
+        run: cat ${{ steps.scan.outputs.sarif }}
+
      - name: grype / delete tag
        if: success() || failure()
        run: |
@@ -102,9 +121,6 @@ jobs:
        with:
          sarif_file: ${{ steps.scan.outputs.sarif }}

-      - name: grype / report / print
-        run: cat ${{ steps.scan.outputs.sarif }}
-
      - name: docker / build & push
        uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d
        with:
@@ -128,9 +144,11 @@ jobs:
            ${{ env.IMAGE_TAGS }}

      - name: github / create release notes
+        if: ${{ env.RELEASE == 'true' && hashFiles('RELEASE.md') != '' }}
        env:
          GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        run: gh release create ${{ github.ref_name }} -F RELEASE.md
+        run: |
+          gh release create ${{ github.ref_name }} -F RELEASE.md

      - name: github / update description and set repo defaults
        run: |
--- a/.json
+++ b/.json
@@ -2,9 +2,10 @@
  "image":"11notes/kms",
  "description":"Activate any version of Windows and Office, forever",
  "name":"kms",
-  "version":"646f476",
+  "version":"465f4d1",
  "root":"/kms",
  
-  "stable":"646f476",
+  "stable":"465f4d1",
+  "latest":"465f4d1",
  "parent":"11notes/alpine:stable"
 }
--- a/README.md
+++ b/README.md
@@ -1,7 +1,7 @@
 ![Banner](https://github.com/11notes/defaults/blob/main/static/img/banner.png?raw=true)

 # 🏔️ kms on Alpine
-[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-kms)![size](https://img.shields.io/docker/image-size/11notes/kms/646f476?color=0eb305)![version](https://img.shields.io/docker/v/11notes/kms/646f476?color=eb7a09)![pulls](https://img.shields.io/docker/pulls/11notes/kms?color=2b75d6)[<img src="https://img.shields.io/github/issues/11notes/docker-kms?color=7842f5">](https://github.com/11notes/docker-kms/issues)
+[<img src="https://img.shields.io/badge/github-source-blue?logo=github&color=040308">](https://github.com/11notes/docker-kms)![size](https://img.shields.io/docker/image-size/11notes/kms/465f4d1?color=0eb305)![version](https://img.shields.io/docker/v/11notes/kms/465f4d1?color=eb7a09)![pulls](https://img.shields.io/docker/pulls/11notes/kms?color=2b75d6)[<img src="https://img.shields.io/github/issues/11notes/docker-kms?color=7842f5">](https://github.com/11notes/docker-kms/issues)

 **Activate any version of Windows and Office, forever**

@@ -41,7 +41,7 @@ Works with:
 name: "kms"
 services:
  kms:
-    image: "11notes/kms:646f476"
+    image: "11notes/kms:465f4d1"
    container_name: "kms"
    environment:
      TZ: "Europe/Zurich"
@@ -98,7 +98,7 @@ slmgr /ato
 | `KMS_IP` | localhost or 127.0.0.1 or a dedicated IP | 0.0.0.0 |
 | `KMS_PORT` | any port > 1024 | 1688 |
 | `KMS_LOCALE` | see Microsoft LICD specification | 1033 (en-US) |
-| `KMS_CLIENTCOUNT` | client count >= 25 | 25 |
+| `KMS_CLIENTCOUNT` | client count > 25 | 26 |
 | `KMS_ACTIVATIONINTERVAL` | Retry unsuccessful after N minutes | 120 (2 hours) |
 | `KMS_RENEWALINTERVAL` | re-activation after N minutes | 259200 (180 days) |
 | `KMS_LOGLEVEL` | CRITICAL, ERROR, WARNING, INFO, DEBUG, MININFO | INFO |
@@ -113,10 +113,11 @@ slmgr /ato
 * [py-kms](https://github.com/Py-KMS-Organization/py-kms)
 * [alpine](https://alpinelinux.org)

-# TIPS 📌
-* Use a reverse proxy like Traefik, Nginx, HAproxy to terminate TLS with a valid certificate
-* Use Let’s Encrypt certificates to protect your SSL endpoints
+# GENERAL TIPS 📌
+* Use a reverse proxy like Traefik, Nginx, HAproxy to terminate TLS and to protect your endpoints
+* Use Let’s Encrypt DNS-01 challenge to obtain valid SSL certificates for your services
+* Do not expose this image to WAN! You will get notified from Microsoft via your ISP to terminate the service if you do so
 * [Microsoft LICD](https://learn.microsoft.com/en-us/openspecs/office_standards/ms-oe376/6c085406-a698-4e12-9d4d-c3b0ee3dbc4a)
  
 # ElevenNotes™️
-This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-kms/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-kms/issues), thanks . You can find all my repositories on [github](https://github.com/11notes?tab=repositories).
+This image is provided to you at your own risk. Always make backups before updating an image to a different version. Check the [releases](https://github.com/11notes/docker-kms/releases) for breaking changes. If you have any problems with using this image simply raise an [issue](https://github.com/11notes/docker-kms/issues), thanks. You can find all my repositories on [github](https://github.com/11notes?tab=repositories).
--- a/RELEASE.md
+++ b/RELEASE.md
@@ -1,2 +1,2 @@
-### 🪄 Features
-* add DEBUG option via enivornment variable DEBUG
+### 🚀 Updates
+* switch to branch next on upstream py-kms
--- a/arch.dockerfile
+++ b/arch.dockerfile
@@ -1,18 +1,11 @@
 # :: Util
-  FROM alpine/git AS util
-
-  ARG NO_CACHE
-
-  RUN set -ex; \
-    git clone https://github.com/11notes/docker-util.git;
+  FROM 11notes/util AS util

 # :: Build / py-kms
  FROM alpine/git AS build
-
  ARG APP_VERSION
-
  RUN set -ex; \
-    git clone https://github.com/Py-KMS-Organization/py-kms.git; \
+    git clone https://github.com/Py-KMS-Organization/py-kms.git -b next; \
    cd /git/py-kms; \
    git checkout ${APP_VERSION}; \
    cp -R /git/py-kms/docker/docker-py3-kms-minimal/requirements.txt /git/py-kms/py-kms/requirements.txt; \
@@ -39,11 +32,11 @@
    ENV KMS_LOCALE=1033
    ENV KMS_CLIENTCOUNT=26
    ENV KMS_ACTIVATIONINTERVAL=120
-    ENV KMS_RENEWALINTERVAL=10080
+    ENV KMS_RENEWALINTERVAL=259200
    ENV KMS_LOGLEVEL="INFO"

  # :: multi-stage
-    COPY --from=util /git/docker-util/src/ /usr/local/bin
+    COPY --from=util /usr/local/bin/ /usr/local/bin
    COPY --from=build /git/py-kms/py-kms/ /opt/py-kms

  # :: Run
@@ -52,7 +45,7 @@
  # :: install application
    RUN set -ex; \
      apk --no-cache --update add \
-        python3=3.12.8-r1; \
+        python3=3.12.9-r0; \
      apk --no-cache --update --virtual .build add \
        py3-pip;

--- a/compose.yaml
+++ b/compose.yaml
@@ -1,7 +1,7 @@
 name: "kms"
 services:
  kms:
-    image: "11notes/kms:646f476"
+    image: "11notes/kms:465f4d1"
    container_name: "kms"
    environment:
      TZ: "Europe/Zurich"
--- a/rootfs/opt/py-kms/KmsDataBase.xml
+++ b/rootfs/opt/py-kms/KmsDataBase.xml
Author	SHA1	Message	Date
ElevenNotes	78d0173da0	bump python to 3.12.9-r0	2025-02-10 10:41:40 +01:00
ElevenNotes	c157fc1094	switch to branch next on upstream py-kms	2025-02-10 10:39:20 +01:00
ElevenNotes	b48eeb675e	drop KMS_ENHANCED_PRIVACY_ID	2025-02-07 11:43:16 +01:00
ElevenNotes	18c70eb586	drop KMS_ENHANCED_PRIVACY_ID	2025-02-07 11:31:02 +01:00
ElevenNotes	b1ff4dc249	drop KMS_ENHANCED_PRIVACY_ID	2025-02-07 11:30:22 +01:00
ElevenNotes	39c409583f	add KMS_ENHANCED_PRIVACY_ID	2025-02-07 11:14:17 +01:00
ElevenNotes	7b2d310a77	add KMS_ENHANCED_PRIVACY_ID	2025-02-07 11:13:54 +01:00