Merge pull request #4 from MythicAgents/dev #34
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Pulled from Thanatos (https://github.com/MythicAgents/thanatos/blob/rewrite/.github/workflows/image.yml) - MEhrn00 | |
# Name for the Github actions workflow | |
name: Build and push container images | |
on: | |
# Only run workflow when there is a new release published in Github | |
#release: | |
# types: [published] | |
push: | |
branches: | |
- 'main' | |
tags: | |
- "v*.*.*" | |
# Variables holding configuration settings | |
env: | |
# Container registry the built container image will be pushed to | |
REGISTRY: ghcr.io | |
# Description label for the package in Github | |
IMAGE_DESCRIPTION: ${{ github.repository }} container for use with Mythic | |
# Source URL for the package in Github. This links the Github repository packages list | |
# to this container image | |
IMAGE_SOURCE: ${{ github.server_url }}/${{ github.repository }} | |
# License for the container image | |
IMAGE_LICENSE: BSD-3-Clause | |
# Set the container image version to the Github release tag | |
VERSION: ${{ github.ref_name }} | |
#VERSION: ${{ github.event.head_commit.message }} | |
RELEASE_BRANCH: main | |
jobs: | |
# Builds the base container image and pushes it to the container registry | |
agent_build_amd: | |
runs-on: ubuntu-latest | |
permissions: | |
contents: write | |
packages: write | |
steps: | |
- name: Checkout the repository | |
uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout | |
- name: Log in to the container registry | |
uses: docker/login-action@v3 # ref: https://github.com/marketplace/actions/docker-login | |
with: | |
registry: ${{ env.REGISTRY }} | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
- name: Set up QEMU | |
uses: docker/setup-qemu-action@v2 | |
with: | |
platforms: 'arm64,arm' | |
- name: Set up Docker Buildx | |
id: buildx | |
uses: docker/setup-buildx-action@v2 | |
- name: Build and push the server container image (api) | |
uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images | |
with: | |
context: Payload_Type/sliverapi | |
file: Payload_Type/sliverapi/Dockerfile | |
tags: | | |
${{ env.REGISTRY }}/mythicagents/sliver:sliverapi.${{ env.VERSION }} | |
push: ${{ github.ref_type == 'tag' }} | |
# These container metadata labels allow configuring the package in Github | |
# packages. The source will link the package to this Github repository | |
labels: | | |
org.opencontainers.image.source=${{ env.IMAGE_SOURCE }} | |
org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }} | |
org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }} | |
platforms: linux/amd64,linux/arm64 | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
- name: Build and push the server container image (implant) | |
uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images | |
with: | |
context: Payload_Type/sliverimplant | |
file: Payload_Type/sliverimplant/Dockerfile | |
tags: | | |
${{ env.REGISTRY }}/mythicagents/sliver:sliverimplant.${{ env.VERSION }} | |
push: ${{ github.ref_type == 'tag' }} | |
# These container metadata labels allow configuring the package in Github | |
# packages. The source will link the package to this Github repository | |
labels: | | |
org.opencontainers.image.source=${{ env.IMAGE_SOURCE }} | |
org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }} | |
org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }} | |
platforms: linux/amd64,linux/arm64 | |
cache-from: type=gha | |
cache-to: type=gha,mode=max | |
update_files: | |
runs-on: ubuntu-latest | |
needs: | |
- agent_build_amd | |
permissions: | |
contents: write | |
packages: write | |
steps: | |
# Pull in the repository code | |
- name: Checkout the repository | |
uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout | |
- name: Update config.json version for sliverapi | |
uses: jossef/[email protected] | |
with: | |
file: config.json | |
field: remote_images.sliverapi | |
value: ${{env.REGISTRY}}/mythicagents/sliver:sliverapi.${{ env.VERSION }} | |
- name: Update config.json version for sliverimplant | |
uses: jossef/[email protected] | |
with: | |
file: config.json | |
field: remote_images.sliverimplant | |
value: ${{env.REGISTRY}}/mythicagents/sliver:sliverimplant.${{ env.VERSION }} | |
# Push the changes to the Dockerfile | |
- name: Push the updated base Dockerfile image reference changes | |
if: ${{ github.ref_type == 'tag' }} | |
uses: EndBug/add-and-commit@v9 # ref: https://github.com/marketplace/actions/add-commit | |
with: | |
# Only add the Dockerfile changes. Nothing else should have been modified | |
add: "['config.json']" | |
# Use the Github actions bot for the commit author | |
default_author: github_actions | |
committer_email: github-actions[bot]@users.noreply.github.com | |
# Set the commit message | |
message: "Bump Dockerfile tag to match release '${{ env.VERSION }}'" | |
# Overwrite the current git tag with the new changes | |
tag: '${{ env.VERSION }} --force' | |
# Push the new changes with the tag overwriting the current one | |
tag_push: '--force' | |
# Push the commits to the branch marked as the release branch | |
push: origin HEAD:${{ env.RELEASE_BRANCH }} --set-upstream | |
# Have the workflow fail in case there are pathspec issues | |
pathspec_error_handling: exitImmediately | |
# agent_build_arm: | |
# runs-on: ubuntu-latest | |
# permissions: | |
# contents: write | |
# packages: write | |
# steps: | |
# - name: Checkout the repository | |
# uses: actions/checkout@v4 # ref: https://github.com/marketplace/actions/checkout | |
# - name: Log in to the container registry | |
# uses: docker/login-action@v3 # ref: https://github.com/marketplace/actions/docker-login | |
# with: | |
# registry: ${{ env.REGISTRY }} | |
# username: ${{ github.actor }} | |
# password: ${{ secrets.GITHUB_TOKEN }} | |
# - name: Set up QEMU | |
# uses: docker/setup-qemu-action@v2 | |
# with: | |
# platforms: 'arm64,arm' | |
# - name: Set up Docker Buildx | |
# id: buildx | |
# uses: docker/setup-buildx-action@v2 | |
# - name: Build and push the server container image (api) | |
# uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images | |
# with: | |
# context: Payload_Type/sliverapi | |
# file: Payload_Type/sliverapi/Dockerfile | |
# tags: | | |
# ${{ env.REGISTRY }}/mythicagents/sliver:sliverapi.${{ env.VERSION }} | |
# push: ${{ github.ref_type == 'tag' }} | |
# # These container metadata labels allow configuring the package in Github | |
# # packages. The source will link the package to this Github repository | |
# labels: | | |
# org.opencontainers.image.source=${{ env.IMAGE_SOURCE }} | |
# org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }} | |
# org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }} | |
# platforms: linux/arm64 | |
# - name: Build and push the server container image (implant) | |
# uses: docker/build-push-action@v5 # ref: https://github.com/marketplace/actions/build-and-push-docker-images | |
# with: | |
# context: Payload_Type/sliverimplant | |
# file: Payload_Type/sliverimplant/Dockerfile | |
# tags: | | |
# ${{ env.REGISTRY }}/mythicagents/sliver:sliverimplant.${{ env.VERSION }} | |
# push: ${{ github.ref_type == 'tag' }} | |
# # These container metadata labels allow configuring the package in Github | |
# # packages. The source will link the package to this Github repository | |
# labels: | | |
# org.opencontainers.image.source=${{ env.IMAGE_SOURCE }} | |
# org.opencontainers.image.description=${{ env.IMAGE_DESCRIPTION }} | |
# org.opencontainers.image.licenses=${{ env.IMAGE_LICENSE }} | |
# platforms: linux/arm64 |