Merge pull request #1950 from pi-hole/development-v6

Development v6

.devcontainer/devcontainer.json

@@ -1,10 +1,22 @@
 {
-  "name": "FTL x86_64 Build Env",  
-  "image": "ghcr.io/pi-hole/ftl-build:x86_64", 
-  "extensions": [
-    "jetmartin.bats",
-    "ms-vscode.cpptools",
-    "ms-vscode.cmake-tools",
-    "eamodio.gitlens"
-  ],  
-}
+  "name": "FTL x86_64 Build Env",
+  "image": "ghcr.io/pi-hole/ftl-build:nightly",
+  "runArgs": [ "--cap-add=SYS_PTRACE", "--security-opt", "seccomp=unconfined" ],
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "jetmartin.bats",
+        "ms-vscode.cpptools",
+        "ms-vscode.cmake-tools",
+        "eamodio.gitlens",
+        "github.copilot",
+        "ms-python.python"
+      ]
+    }
+  },
+  "mounts": [
+    "type=bind,source=/home/${localEnv:USER}/.ssh,target=/root/.ssh,readonly",
+    "type=bind,source=/var/www/html,target=/var/www/html,readonly"
+  ]
+
+}

.github/.codespellignore

@@ -2,5 +2,14 @@ ssudo
 tre
 ede
 nd
+doubleclick
 requestor
-requestors
+requestors
+punycode
+bitap
+mmapped
+dnsmasq
+iif
+prefered
+padd
+rabit

.github/.codespellignore_lines

@@ -0,0 +1,3 @@
+			self.errors.append("Exception when GETing from FTL: " + str(e))
+//    sitten -> sittin (substitution of "i" for "e"),
+//    sittin -> sitting (insertion of "g" at the end).

.github/Dockerfile

@@ -0,0 +1,30 @@
+FROM ghcr.io/pi-hole/ftl-build:v2.7 AS builder
+
+WORKDIR /app
+
+COPY . /app
+
+ARG CI_ARCH="linux/amd64"
+ENV CI_ARCH=${CI_ARCH}
+ARG GIT_BRANCH="test"
+ENV GIT_BRANCH=${GIT_BRANCH}
+ARG GIT_TAG="test"
+ENV GIT_TAG=${GIT_TAG}
+ARG BUILD_OPTS=""
+ENV BUILD_OPTS=${BUILD_OPTS}
+
+# Build FTL
+# Remove possible old build files
+RUN rm -rf cmake && \
+# Build and test FTL
+    bash build.sh "-DSTATIC=${STATIC}" test ${BUILD_OPTS} && \
+# Move FTL binary to root directory
+    cd / &&\
+    mv /app/pihole-FTL . && \
+# Create tarball of API docs
+    tar -C /app/src/api/docs/content/ -czvf /api-docs.tar.gz .
+
+# Create final image containing only the FTL binary and API docs
+FROM scratch AS result
+COPY --from=builder /pihole-FTL /pihole-FTL
+COPY --from=builder /api-docs.tar.gz /api-docs.tar.gz

.github/actions/build-and-test/action.yml

@@ -0,0 +1,142 @@
+name: Build and test
+description: Builds and tests FTL on all supported platforms
+
+inputs:
+  platform:
+    required: true
+    description: The platform to build for
+  build_opts:
+    required: true
+    description: Any extra build opts to use
+  git_branch:
+    required: true
+    description: The branch to build from
+  git_tag:
+    required: true
+    description: The tag to build from (if any)
+  bin_name:
+    required: true
+    description: The name of the binary to build
+  artifact_name:
+    required: true
+    description: The name of the artifact to upload
+  event_name:
+    required: true
+    description: The name of the event that triggered the workflow run
+  actor:
+    required: true
+    description: The name of the user or app that initiated the workflow run
+  target_dir:
+    required: true
+    description: The directory to deploy the artifacts to
+  # Secrets cannot be accessed in the action.yml file so we need to pass them as
+  # inputs to the action.
+  SSH_KEY:
+    required: true
+    description: The SSH private key to use for authentication
+  KNOWN_HOSTS:
+    required: true
+    description: The SSH known hosts file
+  SSH_USER:
+    required: true
+    description: The SSH user to use for authentication
+  SSH_HOST:
+    required: true
+    description: The SSH host to connect to
+
+# Both the definition of environment variables and checking out the code
+# needs to be done outside of the composite action as
+# - environment variables cannot be defined using inputs
+# - the checkout action needs to be the first step in the workflow, otherwise we
+#   cannot use the composite action as the corresponding "action.yml" isn't
+#   there yet
+runs:
+  using: "composite"
+  steps:
+    -
+      name: Set up Docker Buildx
+      uses: docker/[email protected]
+    -
+      name: Print directory contents
+      shell: bash
+      run: ls -l
+    -
+      name: Build and test FTL in ftl-build container (QEMU)
+      uses: Wandalen/[email protected]
+      with:
+        attempt_limit: 3
+        action: docker/[email protected]
+        with: |
+          platforms: ${{ inputs.platform }}
+          pull: true
+          push: false
+          context: .
+          target: result
+          file: .github/Dockerfile
+          outputs: |
+            type=tar,dest=build.tar
+          build-args: |
+            "CI_ARCH=${{ inputs.platform }}"
+            "GIT_BRANCH=${{ inputs.git_branch }}"
+            "GIT_TAG=${{ inputs.git_tag }}"
+            "BUILD_OPTS=${{ inputs.build_opts }}"
+    -
+      name: List files in current directory
+      shell: bash
+      run: ls -l
+    -
+      name: Extract FTL binary from container
+      shell: bash
+      run: |
+        tar -xf build.tar pihole-FTL
+    -
+      name: "Generate checksum file"
+      shell: bash
+      run: |
+        mv pihole-FTL "${{ inputs.bin_name }}"
+        sha1sum pihole-FTL-* > ${{ inputs.bin_name }}.sha1
+    -
+      name: Store binary artifacts for later deployoment
+      if: inputs.event_name != 'pull_request'
+      uses: actions/[email protected]
+      with:
+        name: ${{ inputs.artifact_name }}
+        path: '${{ inputs.bin_name }}*'
+    -
+      name: Generate artifact attestation
+      uses: actions/attest-build-provenance@v1
+      # Skip attestation if ACTIONS_ID_TOKEN_REQUEST_URL env variable is not
+      # available (e.g., PR originating from a fork)
+      if: ${{ env.ACTIONS_ID_TOKEN_REQUEST_URL != '' }}
+      with:
+        subject-path: ${{ inputs.bin_name }}
+    -
+      name: Extract documentation files from container
+      if: inputs.event_name != 'pull_request' && inputs.platform == 'linux/amd64' && inputs.build_opts == ''
+      shell: bash
+      run: |
+        tar -xf build.tar api-docs.tar.gz
+    -
+      name: Upload documentation artifacts for deployoment
+      if: inputs.event_name != 'pull_request' && inputs.platform == 'linux/amd64' && inputs.build_opts == ''
+      uses: actions/[email protected]
+      with:
+        name: pihole-api-docs
+        path: 'api-docs.tar.gz'
+    -
+      name: Deploy
+      # Skip deployment step if:
+      # - this is a triggered by a PR event (we only push on commit to branch
+      #   events)
+      # - no SSH key is provided (this is a PR from a fork)
+      if: inputs.event_name != 'pull_request' && ${{ inputs.SSH_KEY != '' }}
+      uses: ./.github/actions/deploy
+      with:
+        pattern: ${{ inputs.bin_name }}-binary
+        target_dir: ${{ inputs.target_dir }}
+        event_name: ${{ inputs.event_name }}
+        actor: ${{ inputs.actor }}
+        SSH_KEY: ${{ inputs.SSH_KEY }}
+        KNOWN_HOSTS: ${{ inputs.KNOWN_HOSTS }}
+        SSH_USER: ${{ inputs.SSH_USER }}
+        SSH_HOST: ${{ inputs.SSH_HOST }}

.github/actions/deploy/action.yml

@@ -0,0 +1,96 @@
+name: Deploy
+description: Deploy the FTL binary and documentation
+
+inputs:
+  pattern:
+    required: true
+    description: The pattern to match the artifacts to download
+  target_dir:
+    required: true
+    description: The directory to deploy the artifacts to
+  event_name:
+    required: true
+    description: The name of the event that triggered the workflow run
+  actor:
+    required: true
+    description: The name of the user or app that initiated the workflow run
+  # Secrets cannot be accessed in the action.yml file so we need to pass them as
+  # inputs to the action.
+  SSH_KEY:
+    required: true
+    description: The SSH private key to use for authentication
+  KNOWN_HOSTS:
+    required: true
+    description: The SSH known hosts file
+  SSH_USER:
+    required: true
+    description: The SSH user to use for authentication
+  SSH_HOST:
+    required: true
+    description: The SSH host to connect to
+
+runs:
+  using: "composite"
+  steps:
+    -
+      name: Get binaries built in previous jobs
+      uses: actions/[email protected]
+      id: download
+      with:
+        path: ftl_builds/
+        pattern: ${{ inputs.pattern }}
+        merge-multiple: true
+    -
+      name: Get documentation files built in previous jobs
+      if: inputs.pattern == 'pihole-FTL-amd64-binary'
+      uses: actions/[email protected]
+      with:
+        path: ftl_builds/
+        name: pihole-api-docs
+    -
+      name: Display structure of downloaded files
+      shell: bash
+      run: ls -R
+      working-directory: ${{steps.download.outputs.download-path}}
+    -
+      name: Install SSH Key
+      uses: benoitchantre/[email protected]
+      with:
+        private-key: ${{ inputs.SSH_KEY }}
+        private-key-name: id_rsa
+        known-hosts: ${{ inputs.KNOWN_HOSTS }}
+    -
+      name: Set private key permissions
+      shell: bash
+      run: chmod 600 ~/.ssh/id_rsa
+    -
+      name: Untar documentation files
+      if: inputs.pattern == 'pihole-FTL-amd64-binary'
+      working-directory: ftl_builds/
+      shell: bash
+      run: |
+        mkdir docs/
+        tar xzvf api-docs.tar.gz -C docs/
+    -
+      name: Display structure of files ready for upload
+      working-directory: ftl_builds/
+      shell: bash
+      run: ls -R
+    -
+      name: Transfer Builds to Pi-hole server for pihole checkout
+      if: inputs.actor != 'dependabot[bot]'
+      env:
+        USER: ${{ inputs.SSH_USER }}
+        HOST: ${{ inputs.SSH_HOST }}
+        TARGET_DIR: ${{ inputs.target_dir }}
+        SOURCE_DIR: ftl_builds/
+      shell: bash
+      run: |
+        bash ./deploy.sh
+    -
+      name: Attach binaries to release
+      if: inputs.event_name == 'release'
+      uses: softprops/action-gh-release@v2
+      with:
+        files: |
+          ftl_builds/*