Skip to content

Merge pull request #2 from MythicAgents/dev #32

Merge pull request #2 from MythicAgents/dev

Merge pull request #2 from MythicAgents/dev #32

Workflow file for this run

# Pulled from Thanatos (https://github.com/MythicAgents/thanatos/blob/rewrite/.github/workflows/image.yml) - MEhrn00
# Name for the Github actions workflow
name: Build and push container images
on:
# Only run workflow when there is a new release published in Github
#release:
# types: [published]
push:
branches:
- 'main'
tags:
- "v*.*.*"
# Variables holding configuration settings
env:
# Container registry the built container image will be pushed to
REGISTRY: ghcr.io
# Description label for the package in Github
IMAGE_DESCRIPTION: ${{ github.repository }} container for use with Mythic
# Source URL for the package in Github. This links the Github repository packages list
# to this container image
IMAGE_SOURCE: ${{ github.server_url }}/${{ github.repository }}
# License for the container image
IMAGE_LICENSE: BSD-3-Clause
# Set the container image version to the Github release tag
VERSION: ${{ github.ref_name }}
#VERSION: ${{ github.event.head_commit.message }}
RELEASE_BRANCH: main
jobs:
# Builds the base container image and pushes it to the container registry
agent_build_amd:
runs-on: ubuntu-latest
permissions:
contents: write
packages: write
steps:
- name: Checkout the repository
uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout
- name: Log in to the container registry
uses: docker/login-action@v3 # ref: https://github.com/marketplace/actions/docker-login
with:
registry: ${{ env.REGISTRY }}
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up QEMU
uses: docker/setup-qemu-action@v2
with:
platforms: 'arm64,arm'
- name: Set up Docker Buildx
id: buildx
uses: docker/setup-buildx-action@v2
- name: Build and push the server container image (api)
uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images
with:
context: Payload_Type/sliverapi
file: Payload_Type/sliverapi/Dockerfile
tags: |
${{ env.REGISTRY }}/mythicagents/sliver:sliverapi.${{ env.VERSION }}
push: ${{ github.ref_type == 'tag' }}
# These container metadata labels allow configuring the package in Github
# packages. The source will link the package to this Github repository
labels: |
org.opencontainers.image.source=${{ env.IMAGE_SOURCE }}
org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }}
org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }}
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
- name: Build and push the server container image (implant)
uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images
with:
context: Payload_Type/sliverimplant
file: Payload_Type/sliverimplant/Dockerfile
tags: |
${{ env.REGISTRY }}/mythicagents/sliver:sliverimplant.${{ env.VERSION }}
push: ${{ github.ref_type == 'tag' }}
# These container metadata labels allow configuring the package in Github
# packages. The source will link the package to this Github repository
labels: |
org.opencontainers.image.source=${{ env.IMAGE_SOURCE }}
org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }}
org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }}
platforms: linux/amd64,linux/arm64
cache-from: type=gha
cache-to: type=gha,mode=max
update_files:
runs-on: ubuntu-latest
needs:
- agent_build_amd
permissions:
contents: write
packages: write
steps:
# Pull in the repository code
- name: Checkout the repository
uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout
- name: Update config.json version for sliverapi
uses: jossef/[email protected]
with:
file: config.json
field: remote_images.sliverapi
value: ${{env.REGISTRY}}/mythicagents/sliver:sliverapi.${{ env.VERSION }}
- name: Update config.json version for sliverimplant
uses: jossef/[email protected]
with:
file: config.json
field: remote_images.sliverimplant
value: ${{env.REGISTRY}}/mythicagents/sliver:sliverimplant.${{ env.VERSION }}
# Push the changes to the Dockerfile
- name: Push the updated base Dockerfile image reference changes
if: ${{ github.ref_type == 'tag' }}
uses: EndBug/add-and-commit@v9 # ref: https://github.com/marketplace/actions/add-commit
with:
# Only add the Dockerfile changes. Nothing else should have been modified
add: "['config.json']"
# Use the Github actions bot for the commit author
default_author: github_actions
committer_email: github-actions[bot]@users.noreply.github.com
# Set the commit message
message: "Bump Dockerfile tag to match release '${{ env.VERSION }}'"
# Overwrite the current git tag with the new changes
tag: '${{ env.VERSION }} --force'
# Push the new changes with the tag overwriting the current one
tag_push: '--force'
# Push the commits to the branch marked as the release branch
push: origin HEAD:${{ env.RELEASE_BRANCH }} --set-upstream
# Have the workflow fail in case there are pathspec issues
pathspec_error_handling: exitImmediately
# agent_build_arm:
# runs-on: ubuntu-latest
# permissions:
# contents: write
# packages: write
# steps:
# - name: Checkout the repository
# uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout
# - name: Log in to the container registry
# uses: docker/login-action@v3 # ref: https://github.com/marketplace/actions/docker-login
# with:
# registry: ${{ env.REGISTRY }}
# username: ${{ github.actor }}
# password: ${{ secrets.GITHUB_TOKEN }}
# - name: Set up QEMU
# uses: docker/setup-qemu-action@v2
# with:
# platforms: 'arm64,arm'
# - name: Set up Docker Buildx
# id: buildx
# uses: docker/setup-buildx-action@v2
# - name: Build and push the server container image (api)
# uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images
# with:
# context: Payload_Type/sliverapi
# file: Payload_Type/sliverapi/Dockerfile
# tags: |
# ${{ env.REGISTRY }}/mythicagents/sliver:sliverapi.${{ env.VERSION }}
# push: ${{ github.ref_type == 'tag' }}
# # These container metadata labels allow configuring the package in Github
# # packages. The source will link the package to this Github repository
# labels: |
# org.opencontainers.image.source=${{ env.IMAGE_SOURCE }}
# org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }}
# org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }}
# platforms: linux/arm64
# - name: Build and push the server container image (implant)
# uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images
# with:
# context: Payload_Type/sliverimplant
# file: Payload_Type/sliverimplant/Dockerfile
# tags: |
# ${{ env.REGISTRY }}/mythicagents/sliver:sliverimplant.${{ env.VERSION }}
# push: ${{ github.ref_type == 'tag' }}
# # These container metadata labels allow configuring the package in Github
# # packages. The source will link the package to this Github repository
# labels: |
# org.opencontainers.image.source=${{ env.IMAGE_SOURCE }}
# org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }}
# org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }}
# platforms: linux/arm64