Switch master branch to alpine

.github/workflows/call_issue_pr_tracker.yml

@@ -2,9 +2,11 @@ name: Issue & PR Tracker
 
 on:
   issues:
-    types: [opened,reopened,labeled,unlabeled]
+    types: [opened,reopened,labeled,unlabeled,closed]
   pull_request_target:
-    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled]
+    types: [opened,reopened,review_requested,review_request_removed,labeled,unlabeled,closed]
+  pull_request_review:
+    types: [submitted,edited,dismissed]
 
 jobs:
   manage-project:

.github/workflows/external_trigger.yml

@@ -14,9 +14,11 @@ jobs:
         run: |
           if [ -n "${{ secrets.PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER }}" ]; then
             echo "**** Github secret PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER is set; skipping trigger. ****"
+            echo "Github secret \`PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
           echo "**** External trigger running off of master branch. To disable this trigger, set a Github secret named \"PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER\". ****"
+          echo "External trigger running off of master branch. To disable this trigger, set a Github secret named \`PAUSE_EXTERNAL_TRIGGER_WIREGUARD_MASTER\`" >> $GITHUB_STEP_SUMMARY
           echo "**** Retrieving external version ****"
           EXT_RELEASE=$(curl -u ${{ secrets.CR_USER }}:${{ secrets.CR_PAT }} -sX GET https://api.github.com/repos/WireGuard/wireguard-tools/tags | jq -r .[0].name)
           if [ -z "${EXT_RELEASE}" ] || [ "${EXT_RELEASE}" == "null" ]; then
@@ -30,6 +32,7 @@ jobs:
           fi
           EXT_RELEASE=$(echo ${EXT_RELEASE} | sed 's/[~,%@+;:/]//g')
           echo "**** External version: ${EXT_RELEASE} ****"
+          echo "External version: ${EXT_RELEASE}" >> $GITHUB_STEP_SUMMARY
           echo "**** Retrieving last pushed version ****"
           image="linuxserver/wireguard"
           tag="latest"
@@ -65,14 +68,18 @@ jobs:
             exit 1
           fi
           echo "**** Last pushed version: ${IMAGE_VERSION} ****"
+          echo "Last pushed version: ${IMAGE_VERSION}" >> $GITHUB_STEP_SUMMARY
           if [ "${EXT_RELEASE}" == "${IMAGE_VERSION}" ]; then
             echo "**** Version ${EXT_RELEASE} already pushed, exiting ****"
+            echo "Version ${EXT_RELEASE} already pushed, exiting" >> $GITHUB_STEP_SUMMARY
             exit 0
           elif [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
             echo "**** New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting ****"
+            echo "New version ${EXT_RELEASE} found; but there already seems to be an active build on Jenkins; exiting" >> $GITHUB_STEP_SUMMARY
             exit 0
           else
             echo "**** New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build ****"
+            echo "New version ${EXT_RELEASE} found; old version was ${IMAGE_VERSION}. Triggering new build" >> $GITHUB_STEP_SUMMARY
             response=$(curl -iX POST \
               https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/buildWithParameters?PACKAGE_CHECK=false \
               --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
@@ -82,6 +89,7 @@ jobs:
             buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
             buildurl="${buildurl%$'\r'}"
             echo "**** Jenkins job build url: ${buildurl} ****"
+            echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY
             echo "**** Attempting to change the Jenkins job description ****"
             curl -iX POST \
               "${buildurl}submitDescription" \

.github/workflows/external_trigger_scheduler.yml

@@ -2,7 +2,7 @@ name: External Trigger Scheduler
 
 on:
   schedule:
-    - cron:  '25 * * * *'
+    - cron:  '51 * * * *'
   workflow_dispatch:
 
 jobs:
@@ -17,27 +17,29 @@ jobs:
         run: |
           echo "**** Branches found: ****"
           git for-each-ref --format='%(refname:short)' refs/remotes
-          echo "**** Pulling the yq docker image ****"
-          docker pull ghcr.io/linuxserver/yq
           for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
           do
             br=$(echo "$br" | sed 's|origin/||g')
             echo "**** Evaluating branch ${br} ****"
-            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml \
-              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
-            if [ "$br" == "$ls_branch" ]; then
-              echo "**** Branch ${br} appears to be live; checking workflow. ****"
+            ls_jenkins_vars=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml)
+            ls_branch=$(echo "${ls_jenkins_vars}" | yq -r '.ls_branch')
+            ls_trigger=$(echo "${ls_jenkins_vars}" | yq -r '.external_type')
+            if [[ "${br}" == "${ls_branch}" ]] && [[ "${ls_trigger}" != "os" ]]; then
+              echo "**** Branch ${br} appears to be live and trigger is not os; checking workflow. ****"
               if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/.github/workflows/external_trigger.yml > /dev/null 2>&1; then
                 echo "**** Workflow exists. Triggering external trigger workflow for branch ${br} ****."
+                echo "Triggering external trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY
                 curl -iX POST \
                   -H "Authorization: token ${{ secrets.CR_PAT }}" \
                   -H "Accept: application/vnd.github.v3+json" \
                   -d "{\"ref\":\"refs/heads/${br}\"}" \
                   https://api.github.com/repos/linuxserver/docker-wireguard/actions/workflows/external_trigger.yml/dispatches
               else
                 echo "**** Workflow doesn't exist; skipping trigger. ****"
+                echo "Skipping branch ${br} due to no external trigger workflow present." >> $GITHUB_STEP_SUMMARY
               fi
             else
-              echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
+              echo "**** ${br} is either a dev branch, or has no external version; skipping trigger. ****"
+              echo "Skipping branch ${br} due to being detected as dev branch or having no external version." >> $GITHUB_STEP_SUMMARY
             fi
           done

.github/workflows/package_trigger.yml

@@ -14,13 +14,16 @@ jobs:
         run: |
           if [ -n "${{ secrets.PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER }}" ]; then
             echo "**** Github secret PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER is set; skipping trigger. ****"
+            echo "Github secret \`PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER\` is set; skipping trigger." >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
           if [ $(curl -s https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/lastBuild/api/json | jq -r '.building') == "true" ]; then
             echo "**** There already seems to be an active build on Jenkins; skipping package trigger ****"
+            echo "There already seems to be an active build on Jenkins; skipping package trigger" >> $GITHUB_STEP_SUMMARY
             exit 0
           fi
           echo "**** Package trigger running off of master branch. To disable, set a Github secret named \"PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER\". ****"
+          echo "Package trigger running off of master branch. To disable, set a Github secret named \`PAUSE_PACKAGE_TRIGGER_WIREGUARD_MASTER\`" >> $GITHUB_STEP_SUMMARY
           response=$(curl -iX POST \
             https://ci.linuxserver.io/job/Docker-Pipeline-Builders/job/docker-wireguard/job/master/buildWithParameters?PACKAGE_CHECK=true \
             --user ${{ secrets.JENKINS_USER }}:${{ secrets.JENKINS_TOKEN }} | grep -i location | sed "s|^[L|l]ocation: \(.*\)|\1|")
@@ -30,6 +33,7 @@ jobs:
           buildurl=$(curl -s "${response%$'\r'}api/json" | jq -r '.executable.url')
           buildurl="${buildurl%$'\r'}"
           echo "**** Jenkins job build url: ${buildurl} ****"
+          echo "Jenkins job build url: ${buildurl}" >> $GITHUB_STEP_SUMMARY
           echo "**** Attempting to change the Jenkins job description ****"
           curl -iX POST \
             "${buildurl}submitDescription" \

.github/workflows/package_trigger_scheduler.yml

@@ -17,18 +17,16 @@ jobs:
         run: |
           echo "**** Branches found: ****"
           git for-each-ref --format='%(refname:short)' refs/remotes
-          echo "**** Pulling the yq docker image ****"
-          docker pull ghcr.io/linuxserver/yq
           for br in $(git for-each-ref --format='%(refname:short)' refs/remotes)
           do
             br=$(echo "$br" | sed 's|origin/||g')
             echo "**** Evaluating branch ${br} ****"
-            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml \
-              | docker run --rm -i --entrypoint yq ghcr.io/linuxserver/yq -r .ls_branch)
+            ls_branch=$(curl -sX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/jenkins-vars.yml | yq -r '.ls_branch')
             if [ "${br}" == "${ls_branch}" ]; then
               echo "**** Branch ${br} appears to be live; checking workflow. ****"
               if curl -sfX GET https://raw.githubusercontent.com/linuxserver/docker-wireguard/${br}/.github/workflows/package_trigger.yml > /dev/null 2>&1; then
                 echo "**** Workflow exists. Triggering package trigger workflow for branch ${br}. ****"
+                echo "Triggering package trigger workflow for branch ${br}" >> $GITHUB_STEP_SUMMARY
                 triggered_branches="${triggered_branches}${br} "
                 curl -iX POST \
                   -H "Authorization: token ${{ secrets.CR_PAT }}" \
@@ -38,9 +36,11 @@ jobs:
                 sleep 30
               else
                 echo "**** Workflow doesn't exist; skipping trigger. ****"
+                echo "Skipping branch ${br} due to no package trigger workflow present." >> $GITHUB_STEP_SUMMARY
               fi
             else
               echo "**** ${br} appears to be a dev branch; skipping trigger. ****"
+              echo "Skipping branch ${br} due to being detected as dev branch." >> $GITHUB_STEP_SUMMARY
             fi
           done
           echo "**** Package check build(s) triggered for branch(es): ${triggered_branches} ****"

Dockerfile

@@ -1,64 +1,53 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-ubuntu:jammy
+FROM ghcr.io/linuxserver/baseimage-alpine:3.17
 
 # set version label
 ARG BUILD_DATE
 ARG VERSION
 ARG WIREGUARD_RELEASE
 LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
-LABEL maintainer="aptalca"
-
-ENV DEBIAN_FRONTEND="noninteractive"
+LABEL maintainer="thespad"
 
 RUN \
   echo "**** install dependencies ****" && \
-  apt-get update && \
-  apt-get install -y --no-install-recommends \
-    bc \
-    build-essential \
-    dkms \
+  apk add --no-cache --virtual=build-dependencies \
+    build-base \
+    elfutils-dev \
+    gcc \
     git \
+    linux-headers && \
+  apk add --no-cache \
+    bc \
+    coredns \
     gnupg \
-    ifupdown \
+    grep \
     iproute2 \
     iptables \
-    iputils-ping \
-    libc6 \
-    libelf-dev \
+    ip6tables \
+    iputils \
+    libcap-utils \
+    libqrencode \
     net-tools \
     openresolv \
-    perl \
-    pkg-config \
-    qrencode && \
-  update-alternatives --set iptables /usr/sbin/iptables-legacy && \
+    perl && \
+  echo "wireguard" >> /etc/modules && \
   echo "**** install wireguard-tools ****" && \
   if [ -z ${WIREGUARD_RELEASE+x} ]; then \
     WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
-      | jq -r .[0].name); \
+    | jq -r .[0].name); \
   fi && \
   cd /app && \
-  git clone https://git.zx2c4.com/wireguard-linux-compat && \
   git clone https://git.zx2c4.com/wireguard-tools && \
   cd wireguard-tools && \
   git checkout "${WIREGUARD_RELEASE}" && \
   sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' src/wg-quick/linux.bash && \
   make -C src -j$(nproc) && \
   make -C src install && \
-  echo "**** install CoreDNS ****" && \
-  COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
-    | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
-  curl -o \
-    /tmp/coredns.tar.gz -L \
-    "https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_amd64.tgz" && \
-  tar xf \
-    /tmp/coredns.tar.gz -C \
-    /app && \
   echo "**** clean up ****" && \
+  apk del --no-network build-dependencies && \
   rm -rf \
-    /tmp/* \
-    /var/lib/apt/lists/* \
-    /var/tmp/*
+    /tmp/*
 
 # add local files
 COPY /root /

Dockerfile.aarch64

@@ -1,64 +1,53 @@
 # syntax=docker/dockerfile:1
 
-FROM ghcr.io/linuxserver/baseimage-ubuntu:arm64v8-jammy
+FROM ghcr.io/linuxserver/baseimage-alpine:arm64v8-3.17
 
 # set version label
 ARG BUILD_DATE
 ARG VERSION
 ARG WIREGUARD_RELEASE
 LABEL build_version="Linuxserver.io version:- ${VERSION} Build-date:- ${BUILD_DATE}"
-LABEL maintainer="aptalca"
-
-ENV DEBIAN_FRONTEND="noninteractive"
+LABEL maintainer="thespad"
 
 RUN \
   echo "**** install dependencies ****" && \
-  apt-get update && \
-  apt-get install -y --no-install-recommends \
-    bc \
-    build-essential \
-    dkms \
+  apk add --no-cache --virtual=build-dependencies \
+    build-base \
+    elfutils-dev \
+    gcc \
     git \
+    linux-headers && \
+  apk add --no-cache \
+    bc \
+    coredns \
     gnupg \
-    ifupdown \
+    grep \
     iproute2 \
     iptables \
-    iputils-ping \
-    libc6 \
-    libelf-dev \
+    ip6tables \
+    iputils \
+    libcap-utils \
+    libqrencode \
     net-tools \
     openresolv \
-    perl \
-    pkg-config \
-    qrencode && \
-  update-alternatives --set iptables /usr/sbin/iptables-legacy && \
+    perl && \
+  echo "wireguard" >> /etc/modules && \
   echo "**** install wireguard-tools ****" && \
   if [ -z ${WIREGUARD_RELEASE+x} ]; then \
     WIREGUARD_RELEASE=$(curl -sX GET "https://api.github.com/repos/WireGuard/wireguard-tools/tags" \
-      | jq -r .[0].name); \
+    | jq -r .[0].name); \
   fi && \
   cd /app && \
-  git clone https://git.zx2c4.com/wireguard-linux-compat && \
   git clone https://git.zx2c4.com/wireguard-tools && \
   cd wireguard-tools && \
   git checkout "${WIREGUARD_RELEASE}" && \
   sed -i 's|\[\[ $proto == -4 \]\] && cmd sysctl -q net\.ipv4\.conf\.all\.src_valid_mark=1|[[ $proto == -4 ]] \&\& [[ $(sysctl -n net.ipv4.conf.all.src_valid_mark) != 1 ]] \&\& cmd sysctl -q net.ipv4.conf.all.src_valid_mark=1|' src/wg-quick/linux.bash && \
   make -C src -j$(nproc) && \
   make -C src install && \
-  echo "**** install CoreDNS ****" && \
-  COREDNS_VERSION=$(curl -sX GET "https://api.github.com/repos/coredns/coredns/releases/latest" \
-    | awk '/tag_name/{print $4;exit}' FS='[""]' | awk '{print substr($1,2); }') && \
-  curl -o \
-    /tmp/coredns.tar.gz -L \
-    "https://github.com/coredns/coredns/releases/download/v${COREDNS_VERSION}/coredns_${COREDNS_VERSION}_linux_arm64.tgz" && \
-  tar xf \
-    /tmp/coredns.tar.gz -C \
-    /app && \
   echo "**** clean up ****" && \
+  apk del --no-network build-dependencies && \
   rm -rf \
-    /tmp/* \
-    /var/lib/apt/lists/* \
-    /var/tmp/*
+    /tmp/*
 
 # add local files
 COPY /root /