delfer · F13 · Jun 7, 2024
diff --git a/.github/workflows/docker-publish-image.yml b/.github/workflows/docker-publish-image.yml
@@ -2,85 +2,38 @@ name: Docker hub auto publish image
 
 on:
   push:
-    branches:
-      - master
-    paths:
-      # Run when file is edited
-      - Dockerfile
-      - start_vsftpd.sh
-      - vsftpd.conf
-
-  # Run tests for any PRs.
-  pull_request:
+    branches: ['master']
 
 env:
-  # Image name at docker hub
-  IMAGE_NAME: delfer/alpine-ftp-server
+  REGISTRY: ghcr.io
+  IMAGE_NAME: ${{ github.repository }}
 
 jobs:
-  # Run tests.
-  # See also https://docs.docker.com/docker-hub/builds/automated-testing/
-  test:
+  build-and-push-image:
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
 
     steps:
-      - name: Checkout 
-        uses: actions/checkout@v2
-
-      - name: Run tests
-        run: |
-          if [ -f docker-compose.test.yml ]; then
-            docker-compose --file docker-compose.test.yml build
-            docker-compose --file docker-compose.test.yml run sut
-          else
-            docker build . --file Dockerfile
-          fi
-
-  push:
-    # Ensure test job passes before pushing image.
-    needs: test
+      - name: Checkout repository
+        uses: actions/checkout@v3
 
-    runs-on: ubuntu-latest
-    if: github.event_name == 'push'
-
-    steps:
-      - name: Checkout 
-        uses: actions/checkout@v2
-
-      - name: Set up QEMU
-        uses: docker/setup-qemu-action@v1
+      - name: Log in to the Container registry
+        uses: docker/login-action@f054a8b539a109f9f41c372932f1ae047eff08c9
+        with:
+          registry: ${{ env.REGISTRY }}
+          username: ${{ github.actor }}
+          password: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v1
-
-      - name: Login to Docker Hub
-        uses: docker/login-action@v1
+      - id: string
+        uses: ASzc/change-string-case-action@v2
         with:
-          # Genrate secret from here https://hub.docker.com/settings/security
-          username: ${{ secrets.DOCKER_HUB_USERNAME }}
-          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+          string: ${{ env.IMAGE_NAME }}
 
-      - name: Add Label Schema to Dockerfile
-        run: |
-          # Label Schema based on http://label-schema.org/rc1/
-          TIME_ISO=$(date -u +"%Y-%m-%dT%H:%M:%SZ")
-          echo "LABEL org.label-schema.build-date=$TIME_ISO" >> Dockerfile
-          echo "LABEL org.label-schema.name=vsftpd" >> Dockerfile
-          echo "LABEL org.label-schema.url=https://security.appspot.com/vsftpd.html" >> Dockerfile
-          echo "LABEL org.label-schema.vcs-url=https://github.com/delfer/docker-alpine-ftp-server" >> Dockerfile
-          GIT_HASH=$(git rev-parse --short "$GITHUB_SHA")
-          echo "LABEL org.label-schema.vcs-ref=$GIT_HASH" >> Dockerfile
-          echo "LABEL org.label-schema.schema-version=1.0.0-rc.1" >> Dockerfile
-          echo "LABEL org.label-schema.docker.cmd=\"docker run -d -p 21:21 -e USERS=\"username|password\" delfer/alpine-ftp-server\"" >> Dockerfile
-          # Show edited Dockerfile content
-          cat Dockerfile
-
-      - name: Build and push latest
-        uses: docker/build-push-action@v2
+      - name: Build and push Docker image
+        uses: docker/build-push-action@ad44023a93711e3deb337508980b4b5e9bcdc5dc
         with:
           context: .
-          file: ./Dockerfile
-          platforms: linux/amd64,linux/arm/v6,linux/arm/v7,linux/arm64
           push: true
-          tags: |
-            ${{ env.IMAGE_NAME }}:latest
+          tags: ${{ env.REGISTRY }}/${{ steps.string.outputs.lowercase }}:latest
diff --git a/start_vsftpd.sh b/start_vsftpd.sh
@@ -1,5 +1,29 @@
 #!/bin/sh
 
+# usage: file_env VAR [DEFAULT]
+#    ie: file_env 'XYZ_DB_PASSWORD' 'example'
+# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of
+#  "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature)
+file_env() {
+	local var="$1"
+	local fileVar="${var}_FILE"
+	local def="${2:-}"
+	local varValue=$(env | grep -E "^${var}=" | sed -E -e "s/^${var}=//")
+	local fileVarValue=$(env | grep -E "^${fileVar}=" | sed -E -e "s/^${fileVar}=//")
+	if [ -n "${varValue}" ] && [ -n "${fileVarValue}" ]; then
+		echo >&2 "error: both $var and $fileVar are set (but are exclusive)"
+		exit 1
+	fi
+	if [ -n "${varValue}" ]; then
+		export "$var"="${varValue}"
+	elif [ -n "${fileVarValue}" ]; then
+		export "$var"="$(cat "${fileVarValue}")"
+	elif [ -n "${def}" ]; then
+		export "$var"="$def"
+	fi
+	unset "$fileVar"
+}
+
 #Remove all ftp users
 grep '/ftp/' /etc/passwd | cut -d':' -f1 | xargs -r -n1 deluser
 
@@ -16,9 +40,7 @@ grep '/ftp/' /etc/passwd | cut -d':' -f1 | xargs -r -n1 deluser
 
 #Default user 'ftp' with password 'alpineftp'
 
-if [ -z "$USERS" ]; then
-  USERS="alpineftp|alpineftp"
-fi
+file_env 'USERS' 'alpineftp|alpineftp'
 
 for i in $USERS ; do
   NAME=$(echo $i | cut -d'|' -f1)