mirror of
https://github.com/Aryma-f4/Ares-mythic.git
synced 2026-06-13 19:54:11 +00:00
9f0471b682
Update README image source from 'apollo' to 'ares' to reflect correct branding. Add linux/arm64/v8 to Docker build platforms for broader ARM architecture support.
140 lines
5.3 KiB
YAML
140 lines
5.3 KiB
YAML
# Pulled from Thanatos (https://github.com/MythicAgents/thanatos/blob/rewrite/.github/workflows/image.yml) - MEhrn00
|
|
|
|
# Name for the Github actions workflow
|
|
name: Build and push container images
|
|
|
|
on:
|
|
# Only run workflow when there is a new release published in Github
|
|
#release:
|
|
# types: [published]
|
|
push:
|
|
branches:
|
|
- 'master'
|
|
- 'Mythic3.3'
|
|
tags:
|
|
- "v*.*.*"
|
|
|
|
# Variables holding configuration settings
|
|
env:
|
|
# Container registry the built container image will be pushed to
|
|
REGISTRY: ghcr.io
|
|
|
|
# Set the container image name to the Github repository name. (MythicAgents/apollo)
|
|
AGENT_IMAGE_NAME: ${{ github.repository }}
|
|
|
|
# Description label for the package in Github
|
|
IMAGE_DESCRIPTION: ${{ github.repository }} container for use with Mythic
|
|
|
|
# Source URL for the package in Github. This links the Github repository packages list
|
|
# to this container image
|
|
IMAGE_SOURCE: ${{ github.server_url }}/${{ github.repository }}
|
|
|
|
# License for the container image
|
|
IMAGE_LICENSE: BSD-3-Clause
|
|
|
|
# Set the container image version to the Github release tag
|
|
VERSION: ${{ github.ref_name }}
|
|
#VERSION: ${{ github.event.head_commit.message }}
|
|
|
|
RELEASE_BRANCH: master
|
|
|
|
jobs:
|
|
# Builds the base container image and pushes it to the container registry
|
|
agent_build:
|
|
runs-on: ubuntu-latest
|
|
permissions:
|
|
contents: write
|
|
packages: write
|
|
steps:
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout
|
|
- name: Log in to the container registry
|
|
uses: docker/login-action@v3 # ref: https://github.com/marketplace/actions/docker-login
|
|
with:
|
|
registry: ${{ env.REGISTRY }}
|
|
username: ${{ github.actor }}
|
|
password: ${{ secrets.GHCR_TOKEN }}
|
|
- name: Set up QEMU
|
|
uses: docker/setup-qemu-action@v2
|
|
with:
|
|
platforms: 'arm64,arm'
|
|
- name: Set up Docker Buildx
|
|
id: buildx
|
|
uses: docker/setup-buildx-action@v2
|
|
# the following are unique to this job
|
|
- name: Lowercase the server container image name
|
|
run: echo "AGENT_IMAGE_NAME=${AGENT_IMAGE_NAME,,}" >> ${GITHUB_ENV}
|
|
- name: Build and push the server container image
|
|
uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images
|
|
with:
|
|
context: Payload_Type/ares
|
|
file: Payload_Type/ares/Dockerfile
|
|
tags: |
|
|
${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}:${{ env.VERSION }}
|
|
${{ env.REGISTRY }}/${{ env.AGENT_IMAGE_NAME }}:latest
|
|
push: ${{ github.ref_type == 'tag' }}
|
|
# These container metadata labels allow configuring the package in Github
|
|
# packages. The source will link the package to this Github repository
|
|
labels: |
|
|
org.opencontainers.image.source=${{ env.IMAGE_SOURCE }}
|
|
org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }}
|
|
org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }}
|
|
platforms: linux/amd64,linux/arm64,linux/arm64/v8
|
|
|
|
update_files:
|
|
runs-on: ubuntu-latest
|
|
needs:
|
|
- agent_build
|
|
permissions:
|
|
contents: write
|
|
packages: write
|
|
|
|
steps:
|
|
# Pull in the repository code
|
|
- name: Checkout the repository
|
|
uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout
|
|
|
|
# update names to lowercase
|
|
- name: Lowercase the container image name
|
|
run: echo "AGENT_IMAGE_NAME=${AGENT_IMAGE_NAME,,}" >> ${GITHUB_ENV}
|
|
|
|
# The Dockerfile which Mythic uses to pull in the base container image needs to be
|
|
# updated to reference the newly built container image
|
|
- name: Fix the server Dockerfile reference to reference the new release tag
|
|
working-directory: Payload_Type/apollo
|
|
run: |
|
|
sed -i "s|^FROM ghcr\.io.*$|FROM ${REGISTRY}/${AGENT_IMAGE_NAME}:${VERSION}|" Dockerfile
|
|
|
|
- name: Update package.json version
|
|
uses: jossef/action-set-json-field@v2.1
|
|
with:
|
|
file: config.json
|
|
field: remote_images.apollo
|
|
value: ${{env.REGISTRY}}/${{env.AGENT_IMAGE_NAME}}:${{env.VERSION}}
|
|
|
|
# Push the changes to the Dockerfile
|
|
- name: Push the updated base Dockerfile image reference changes
|
|
if: ${{ github.ref_type == 'tag' }}
|
|
uses: EndBug/add-and-commit@v9 # ref: https://github.com/marketplace/actions/add-commit
|
|
with:
|
|
# Only add the Dockerfile changes. Nothing else should have been modified
|
|
add: "['Payload_Type/apollo/Dockerfile', 'config.json']"
|
|
# Use the Github actions bot for the commit author
|
|
default_author: github_actions
|
|
committer_email: github-actions[bot]@users.noreply.github.com
|
|
|
|
# Set the commit message
|
|
message: "Bump Dockerfile tag to match release '${{ env.VERSION }}'"
|
|
|
|
# Overwrite the current git tag with the new changes
|
|
tag: '${{ env.VERSION }} --force'
|
|
|
|
# Push the new changes with the tag overwriting the current one
|
|
tag_push: '--force'
|
|
|
|
# Push the commits to the branch marked as the release branch
|
|
push: origin HEAD:${{ env.RELEASE_BRANCH }} --set-upstream
|
|
|
|
# Have the workflow fail in case there are pathspec issues
|
|
pathspec_error_handling: exitImmediately
|