vane 0.9.2

A flow-based reverse proxy with multi-layer routing and programmable pipelines.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117

name: Publish Docker Image

on:
  workflow_call:
    inputs:
      ref:
        required: true
        type: string
    secrets:
      DOCKER_HUB_TOKEN:
        required: true
      GHCR_PACKAGE_TOKEN:
        required: true
  workflow_dispatch:
    inputs:
      tag:
        description: 'Tag to build and release (e.g., v{a.b.c})'
        required: true
        type: string

env:
  DOCKER_HUB_IMAGE: canmi/vane
  GHCR_IMAGE: ghcr.io/canmi21/vane

jobs:
  docker:
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - name: Checkout
        uses: actions/checkout@v6
        with:
          ref: ${{ inputs.ref || inputs.tag || github.ref_name }}

      - name: Set up QEMU
        uses: docker/setup-qemu-action@v3

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3

      - name: Login to Docker Hub
        uses: docker/login-action@v3
        with:
          username: canmi
          password: ${{ secrets.DOCKER_HUB_TOKEN }}

      - name: Login to GHCR
        uses: docker/login-action@v3
        with:
          registry: ghcr.io
          username: canmi21
          password: ${{ secrets.GHCR_PACKAGE_TOKEN }}

      - name: Download x86_64 binary
        uses: actions/download-artifact@v6
        with:
          name: bin-linux-x86_64
          path: dist/amd64

      - name: Download arm64 binary
        uses: actions/download-artifact@v6
        with:
          name: bin-linux-aarch64
          path: dist/arm64

      - name: Prepare binaries
        run: |
          mv dist/amd64/vane dist/vane-amd64
          mv dist/arm64/vane dist/vane-arm64
          chmod +x dist/vane-*
          ls -l dist/

      - name: Generate Dockerfile.ci
        run: |
          cat <<EOF > Dockerfile.ci
          FROM scratch
          ARG TARGETARCH

          WORKDIR /app
          COPY dist/vane-\$TARGETARCH /app/vane

          WORKDIR /root/vane
          COPY LICENSE README.md CHANGELOG.md SECURITY.md ./

          WORKDIR /app
          CMD ["./vane"]
          EOF

          # Allow 'dist/' and 'Dockerfile.ci' in .dockerignore (fix for whitelist mode)
          echo "!dist/" >> .dockerignore
          echo "!Dockerfile.ci" >> .dockerignore

      - name: Extract metadata (tags, labels)
        id: meta
        uses: docker/metadata-action@v5
        with:
          images: |
            ${{ env.DOCKER_HUB_IMAGE }}
            ${{ env.GHCR_IMAGE }}
          tags: |
            type=semver,pattern={{version}},value=${{ github.event.inputs.tag || github.ref_name }}
            type=raw,value=latest,enable=${{ github.ref_type == 'tag' || github.event_name == 'workflow_dispatch' }}

      - name: Build and push
        uses: docker/build-push-action@v6
        with:
          context: .
          file: Dockerfile.ci
          platforms: linux/amd64,linux/arm64
          push: true
          tags: ${{ steps.meta.outputs.tags }}
          labels: ${{ steps.meta.outputs.labels }}
          build-args: |
            PROXY_URL=