From 6d889a594589c6f259b87038106e5c9b20a56a2c Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:48:35 +0000 Subject: [PATCH 1/9] Setup actions --- .gitea/workflows/build-develop.yaml | 52 +++++++++++++++ .gitea/workflows/build-main.yaml | 52 +++++++++++++++ .gitea/workflows/build-tagged-release.yaml | 77 ++++++++++++++++++++++ .gitea/workflows/test-pr.yaml | 46 +++++++++++++ 4 files changed, 227 insertions(+) create mode 100644 .gitea/workflows/build-develop.yaml create mode 100644 .gitea/workflows/build-main.yaml create mode 100644 .gitea/workflows/build-tagged-release.yaml create mode 100644 .gitea/workflows/test-pr.yaml diff --git a/.gitea/workflows/build-develop.yaml b/.gitea/workflows/build-develop.yaml new file mode 100644 index 0000000..137fbf7 --- /dev/null +++ b/.gitea/workflows/build-develop.yaml @@ -0,0 +1,52 @@ +name: Build Develop Image +on: + push: + branches: + - 'develop' + +env: + FULL_TAG: git.mrmeeb.stream/mrmeeb/pywebfinger:develop + +jobs: + "Build Image": + runs-on: [ubuntu-docker-latest, linux/amd64] + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Gitea Container Registry + uses: docker/login-action@v3 + with: + registry: git.mrmeeb.stream + username: ${{ env.GITHUB_ACTOR }} + password: ${{ secrets.GTCR_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v5 + with: + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ env.FULL_TAG }} + provenance: false + - name: Notify on failure + uses: rjstone/discord-webhook-notify@v1 + if: failure() + with: + severity: error + details: Build failed! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} + "Notify": + runs-on: [ubuntu-docker-latest, linux/amd64] + needs: ["Build Image"] + steps: + - name: Notify of success + uses: rjstone/discord-webhook-notify@v1 + if: success() + with: + severity: info + details: Build succeeded! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} \ No newline at end of file diff --git a/.gitea/workflows/build-main.yaml b/.gitea/workflows/build-main.yaml new file mode 100644 index 0000000..05c38e7 --- /dev/null +++ b/.gitea/workflows/build-main.yaml @@ -0,0 +1,52 @@ +name: Build Main Image +on: + push: + branches: + - 'main' + +env: + FULL_TAG: git.mrmeeb.stream/mrmeeb/pywebfinger:latest + +jobs: + "Build Image": + runs-on: [ubuntu-docker-latest, linux/amd64] + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Gitea Container Registry + uses: docker/login-action@v3 + with: + registry: git.mrmeeb.stream + username: ${{ env.GITHUB_ACTOR }} + password: ${{ secrets.GTCR_TOKEN }} + - name: Build and push + uses: docker/build-push-action@v5 + with: + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ env.FULL_TAG }} + provenance: false + - name: Notify on failure + uses: rjstone/discord-webhook-notify@v1 + if: failure() + with: + severity: error + details: Build failed! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} + "Notify": + runs-on: [ubuntu-docker-latest, linux/amd64] + needs: ["Build Image"] + steps: + - name: Notify of success + uses: rjstone/discord-webhook-notify@v1 + if: success() + with: + severity: info + details: Build succeeded! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} \ No newline at end of file diff --git a/.gitea/workflows/build-tagged-release.yaml b/.gitea/workflows/build-tagged-release.yaml new file mode 100644 index 0000000..8814e0c --- /dev/null +++ b/.gitea/workflows/build-tagged-release.yaml @@ -0,0 +1,77 @@ +name: Build Tagged Release Image +on: + push: + tags: + - '*' + +env: + FULL_TAG: git.mrmeeb.stream/mrmeeb/pywebfinger + +jobs: + "Build Image": + runs-on: [ubuntu-docker-latest, linux/amd64] + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Login to Gitea Container Registry + uses: docker/login-action@v3 + with: + registry: git.mrmeeb.stream + username: ${{ env.GITHUB_ACTOR }} + password: ${{ secrets.GTCR_TOKEN }} + - name: Docker metadata + id: meta + uses: docker/metadata-action@v5 + with: + images: ${FULL_TAG} + tags: | + type=pep440,pattern={{version}} + - name: Build and push + uses: docker/build-push-action@v5 + with: + push: true + platforms: linux/amd64,linux/arm64 + tags: ${{ steps.meta.outputs.tags }} + provenance: false + - name: Notify on failure + uses: rjstone/discord-webhook-notify@v1 + if: failure() + with: + severity: error + details: Build failed! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} + "Create Release": + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + with: + fetch-depth: 0 + - name: Set up Go + uses: actions/setup-go@v4 + - name: Run GoReleaser + uses: goreleaser/goreleaser-action@v5 + with: + distribution: goreleaser + version: latest + args: release --clean -f .goreleaser-gitea.yaml + env: + GITHUB_TOKEN: ${{ secrets.GITEA_TOKEN }} + + "Notify": + runs-on: [ubuntu-docker-latest, linux/amd64] + needs: ["Build Image"] + steps: + - name: Notify of success + uses: rjstone/discord-webhook-notify@v1 + if: success() + with: + severity: info + details: Build succeeded! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} \ No newline at end of file diff --git a/.gitea/workflows/test-pr.yaml b/.gitea/workflows/test-pr.yaml new file mode 100644 index 0000000..93b5cfa --- /dev/null +++ b/.gitea/workflows/test-pr.yaml @@ -0,0 +1,46 @@ +name: Test Pull Request +on: + pull_request: + branches: + - 'develop' + +env: + FULL_TAG: git.mrmeeb.stream/mrmeeb/pywebfinger:develop + +jobs: + "Build Image": + runs-on: [ubuntu-docker-latest, linux/amd64] + steps: + - name: Set up QEMU + uses: docker/setup-qemu-action@v3 + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + - name: Build + uses: docker/build-push-action@v5 + with: + push: false + platforms: linux/amd64,linux/arm64 + tags: ${{ env.FULL_TAG }} + provenance: false + - name: Notify on failure + uses: rjstone/discord-webhook-notify@v1 + if: failure() + with: + severity: error + details: Build failed! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} + "Notify": + runs-on: [ubuntu-docker-latest, linux/amd64] + needs: ["Build Image"] + steps: + - name: Notify of success + uses: rjstone/discord-webhook-notify@v1 + if: success() + with: + severity: info + details: Build succeeded! + webhookUrl: ${{ secrets.DISCORD_WEBHOOK }} + username: Gitea + avatarUrl: ${{ vars.RUNNER_ICON_URL }} \ No newline at end of file From f3e925a01852d9eaf21854d3fd53636dacb60999 Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:49:35 +0000 Subject: [PATCH 2/9] Add webfinger.py --- webfinger.py | 72 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 72 insertions(+) create mode 100644 webfinger.py diff --git a/webfinger.py b/webfinger.py new file mode 100644 index 0000000..e989a38 --- /dev/null +++ b/webfinger.py @@ -0,0 +1,72 @@ + +from http.server import BaseHTTPRequestHandler, HTTPServer +from urllib.parse import urlparse, parse_qs +import json +import os + +class WebFingerHandler(BaseHTTPRequestHandler): + def do_GET(self): + if self.path.startswith('/.well-known/webfinger'): + parsed_url = urlparse(self.path) + query_params = parse_qs(parsed_url.query) + + if 'resource' in query_params: + resource = query_params['resource'][0] + + if resource.startswith('acct:'): + email = resource[5:] + issuer_url = os.environ["ISSUER_URL"] + response_data = { + "subject": resource, + "links": [ + { + "rel": "http://openid.net/specs/connect/1.0/issuer", + "href": issuer_url + }, + { + "rel": "authorization_endpoint", + "href": issuer_url + "oauth2/authorize" + }, + { + "rel": "token_endpoint", + "href": issuer_url + "oauth2/token" + }, + { + "rel": "userinfo_endpoint", + "href": issuer_url + "userinfo" + }, + { + "rel": "jwks_uri", + "href": issuer_url + "jwks" + } + ] + } + self.send_response(200) + self.send_header("Content-type", "application/json") + self.end_headers() + self.wfile.write(json.dumps(response_data).encode()) + return + + if self.path.startswith('/health'): + self.send_response(200) + response_data = { + "health": "ok" + } + self.send_header("Content-type", "application/json") + self.end_headers() + self.wfile.write(json.dumps(response_data).encode()) + return + + self.send_response(404) + self.end_headers() + self.wfile.write(b"Resource not found") + +def run_server(server_class=HTTPServer, handler_class=WebFingerHandler, port=8000): + server_address = ('', port) + httpd = server_class(server_address, handler_class) + print("Issuer URL is " + os.environ["ISSUER_URL"]) + print(f"Starting WebFinger server on port {port}") + httpd.serve_forever() + +if __name__ == '__main__': + run_server() \ No newline at end of file From d7bef43b9c0bbbdfe1d7c4bdafcc5934f41bcb1d Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:49:41 +0000 Subject: [PATCH 3/9] Add Dockerfile --- Dockerfile | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 Dockerfile diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..780be26 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,13 @@ +FROM python:3.13.0a6-alpine3.19 + +RUN apk add curl + +ENV ISSUER_URL= + +EXPOSE 8000 + +COPY webfinger.py /webfinger.py + +HEALTHCHECK --interval=30s --timeout=15s --start-period=30s --retries=3 CMD curl -f http://localhost:8000/healthcheck || exit 1 + +CMD [ "python", "-u", "/webfinger.py" ] \ No newline at end of file From c2a4a9f9f9726e9c53f223a5aa8cb61e13c4e100 Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:49:49 +0000 Subject: [PATCH 4/9] Enable goreleaser --- goreleaser-gitea.yaml | 34 ++++++++++++++++++++++++++++++++++ 1 file changed, 34 insertions(+) create mode 100644 goreleaser-gitea.yaml diff --git a/goreleaser-gitea.yaml b/goreleaser-gitea.yaml new file mode 100644 index 0000000..aa84bdd --- /dev/null +++ b/goreleaser-gitea.yaml @@ -0,0 +1,34 @@ +dist: dist-gitea + +build: + skip: true + +archives: +- format: binary + +release: + draft: true + + header: | + # PyWebfinger v{{ .Tag }} + + ## Docker Image: + `git.mrmeeb.stream/mrmeeb/pywebfinger:{{ .Tag }}` + + gitea: + owner: MrMeeb + name: pywebfinger + +changelog: + sort: asc + filters: + exclude: + - '^docs:' + - '^test:' + +# .goreleaser.yaml +gitea_urls: + api: https://git.mrmeeb.stream/api/v1 + download: https://git.mrmeeb.stream + # set to true if you use a self-signed certificate + skip_tls_verify: false \ No newline at end of file From 1e0190f3043846fcfd4883d598403e1c59bd4564 Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:49:55 +0000 Subject: [PATCH 5/9] Enable renovate --- renovate.json | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 renovate.json diff --git a/renovate.json b/renovate.json new file mode 100644 index 0000000..6932b78 --- /dev/null +++ b/renovate.json @@ -0,0 +1,8 @@ + +{ + "extends": [":automergeMinor", ":automergePr", ":automergeRequireAllStatusChecks", ":dependencyDashboard", ":disableRateLimiting", ":rebaseStalePrs"], + "baseBranches": ["develop"], + "major": { + "dependencyDashboardApproval": true + } +} \ No newline at end of file From 90b290a259ee6c05164eb187b4bd11dd3d1e1f80 Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:51:16 +0000 Subject: [PATCH 6/9] Update goreleaser builds syntax --- goreleaser-gitea.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/goreleaser-gitea.yaml b/goreleaser-gitea.yaml index aa84bdd..9547d70 100644 --- a/goreleaser-gitea.yaml +++ b/goreleaser-gitea.yaml @@ -1,6 +1,6 @@ dist: dist-gitea -build: +builds: skip: true archives: From 40fc5bdd303370e25d84ce9cf6421ce176d9ad1e Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:58:29 +0000 Subject: [PATCH 7/9] Test PRs on both develop and main --- .gitea/workflows/test-pr.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitea/workflows/test-pr.yaml b/.gitea/workflows/test-pr.yaml index 93b5cfa..61cd271 100644 --- a/.gitea/workflows/test-pr.yaml +++ b/.gitea/workflows/test-pr.yaml @@ -2,7 +2,7 @@ name: Test Pull Request on: pull_request: branches: - - 'develop' + - ['develop', 'main'] env: FULL_TAG: git.mrmeeb.stream/mrmeeb/pywebfinger:develop From 312505e1391d7006aea033df35cddc1cbcd172fa Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 11:58:36 +0000 Subject: [PATCH 8/9] Run renovate on main --- renovate.json | 1 - 1 file changed, 1 deletion(-) diff --git a/renovate.json b/renovate.json index 6932b78..7ace4a5 100644 --- a/renovate.json +++ b/renovate.json @@ -1,7 +1,6 @@ { "extends": [":automergeMinor", ":automergePr", ":automergeRequireAllStatusChecks", ":dependencyDashboard", ":disableRateLimiting", ":rebaseStalePrs"], - "baseBranches": ["develop"], "major": { "dependencyDashboardApproval": true } From c6f4d6a82e01725f5669086fe3e965908a691eaa Mon Sep 17 00:00:00 2001 From: MrMeeb Date: Mon, 6 May 2024 12:04:33 +0000 Subject: [PATCH 9/9] Correct syntax for testing PRs on main --- .gitea/workflows/test-pr.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitea/workflows/test-pr.yaml b/.gitea/workflows/test-pr.yaml index 61cd271..9f026c1 100644 --- a/.gitea/workflows/test-pr.yaml +++ b/.gitea/workflows/test-pr.yaml @@ -2,7 +2,8 @@ name: Test Pull Request on: pull_request: branches: - - ['develop', 'main'] + - 'main' + - 'develop' env: FULL_TAG: git.mrmeeb.stream/mrmeeb/pywebfinger:develop