dangeroustech/zerotierbridge
1
0
Fork 0
mirror of https://github.com/dangeroustech/ZeroTierBridge.git synced 2025-12-06 09:06:58 +00:00
Code Issues Packages Projects Releases Wiki Activity
122 Commits 5 Branches 24 Tags
v1.2.2
Commit Graph

57 Commits

Author SHA1 Message Date
Josh Jacobs
2756d3b0c8 chore: harden compose + entrypoint; docs refresh; ignore artifacts; dependabot 
- docker-compose.yml.example: drop privileged; add cap_add (NET_ADMIN, NET_RAW) and sysctls; quote env vars
- entrypoint.sh: add strict mode + traps; wait for service; idempotent iptables; graceful shutdown
- README.md: update to multi-arch + non-privileged run guidance; fix examples
- .gitignore: ignore sbom.spdx.json and results.sarif
- .github/dependabot.yml: monitor Dockerfiles weekly

No functional changes intended; improves security, robustness, and maintainability.
 2025-10-26 15:50:49 +00:00
Josh Jacobs
9ab36f2593 ci: simplify multi-arch build, add cache & concurrency; fix release token 
- Add workflow-level concurrency to avoid overlapping releases
- Enable BuildKit cache (GHA) for faster Docker builds
- Simplify to a single multi-arch build (linux/amd64, linux/arm64)
  - Remove digest export/upload and manifest merge steps
  - Push manifest directly from buildx with tag `latest`
- Fix GitHub Release token casing to use `secrets.GITHUB_TOKEN`
- Update Dockerfile to use TARGETARCH for correct package selection
  - Pass VERSION consistently; write version to image

No functional change to runtime behavior expected; improves speed, reliability, and maintainability of the release pipeline.
 2025-10-26 15:38:44 +00:00
Josh Jacobs
2e84ed575c refactor(workflow): rename MergeRefs job to clarify purpose 2025-10-26 15:26:41 +00:00
Josh Jacobs
96ebbf805d fix(workflow): update artifact naming and handling in docker-build.yml 
- Changed artifact name to include architecture in upload step.
- Updated download step to use a pattern for artifact names and enabled merging of multiple artifacts.
 2025-10-26 15:19:15 +00:00
dependabot[bot]
9a725ba61f chore(deps): bump softprops/action-gh-release from 1 to 2 
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 1 to 2.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/v1...v2)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: '2'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 15:04:48 +00:00
dependabot[bot]
c82c86099a chore(deps): bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 15:04:37 +00:00
dependabot[bot]
13f56130ca chore(deps): bump anchore/scan-action from 3 to 7 
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 3 to 7.
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md)
- [Commits](https://github.com/anchore/scan-action/compare/v3...v7)

---
updated-dependencies:
- dependency-name: anchore/scan-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 15:04:10 +00:00
dependabot[bot]
6a3d0a9f23 chore(deps): bump docker/build-push-action from 5 to 6 
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5 to 6.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v5...v6)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 15:02:58 +00:00
dependabot[bot]
b08ce9f821 chore(deps): bump github/codeql-action from 2 to 4 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 15:02:47 +00:00
dependabot[bot]
e987eeb8f4 chore(deps): bump TriPSs/conventional-changelog-action from 3 to 6 
Bumps [TriPSs/conventional-changelog-action](https://github.com/tripss/conventional-changelog-action) from 3 to 6.
- [Release notes](https://github.com/tripss/conventional-changelog-action/releases)
- [Changelog](https://github.com/TriPSs/conventional-changelog-action/blob/releases/v6/CHANGELOG.md)
- [Commits](https://github.com/tripss/conventional-changelog-action/compare/v3...v6)

---
updated-dependencies:
- dependency-name: TriPSs/conventional-changelog-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 15:02:32 +00:00
dependabot[bot]
85cd3af0ff chore(deps): bump actions/download-artifact from 3 to 6 
Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 3 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v6)

---
updated-dependencies:
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 15:02:08 +00:00
dependabot[bot]
3c0a4bb93e chore(deps): bump actions/upload-artifact from 3 to 5 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v5)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-26 14:58:09 +00:00
Josh Jacobs
8a260aebd1 chore: add dependabot configuration for GitHub Actions updates 2025-10-26 14:54:23 +00:00
Josh J
704859e91a ci: changelog needs permissions to commit to repo 
consider breaking this out into another workflow to segregate permission
 2023-10-17 09:09:03 +01:00
Josh J
63e3bea752 ci: must checkout before changelog 2023-10-17 08:59:47 +01:00
Josh J
fdd8bbbdda ci: needs to be able to publish security reports 2023-10-17 08:52:23 +01:00
Josh J
ffea17e8e8 ci: only do final build on main branch 
oitherwise there's no tag to pull from
 2023-10-17 08:43:10 +01:00
josh
b144c39680 ci: only build PRs with main as base 2023-10-03 07:21:37 +00:00
josh
a48a9286a2 ci: only build issue branches 2023-10-03 07:19:51 +00:00
josh
511a78b182 ci: only build assigned PRs 2023-10-03 07:18:49 +00:00
josh
2d7d9c7f3b ci: add permissions to actions file 2023-10-03 07:08:31 +00:00
josh
46ee60cbc9 fix: set latest tag 2023-09-23 22:31:27 +00:00
josh
bca9ec3df7 fix: 401 2023-09-23 21:49:35 +00:00
josh
5cd683cb7a fix: remove tag to hopefully fix digest pushing 2023-09-23 21:44:42 +00:00
josh
8d550748cd fix: push by digest again 2023-09-23 21:39:53 +00:00
josh
f8d73263fd fix: re-setup buildx 2023-09-23 21:33:13 +00:00
josh
2c987a3bbe fix: push by digest is breaking things 2023-09-23 21:30:17 +00:00
josh
be55349cef fix: correct deps 2023-09-23 21:28:42 +00:00
josh
593036c8ad fix: correct multiplatform builds 
because apparently manifests are too difficult
 2023-09-23 21:27:47 +00:00
josh
aab5c079dc feat: multi-platform builds 2023-09-23 21:06:25 +00:00
josh
d3f10891c8 sec: lower vuln threshold 2023-09-22 21:09:20 +00:00
josh
6e3c2690fc fix: correct double message 2023-09-22 21:03:32 +00:00
josh
977df48644 fix: only alert on CVEs that have a fix 2023-09-22 20:54:49 +00:00
josh
89e29531f0 fix: upload sarif file 2023-09-22 20:37:00 +00:00
josh
ec84d91bc3 Integrate Grype for Scanning 
Fixes #11
 2023-09-22 20:31:11 +00:00
josh
ab9c1c4816 ci: remove duplicate artifact upload 2023-09-22 20:26:27 +00:00
josh
24c26bea0d ci: specify file output 2023-09-22 20:24:38 +00:00
josh
8e6724ef25 ci: simplify sbom 2023-09-22 20:21:51 +00:00
josh
3a0be9b7dd ci: running on published instead of just created 2023-09-22 20:11:06 +00:00
josh
c47edea183 ci: move sbom into it's own file 2023-09-22 20:07:21 +00:00
josh
44e70e01be ci: test shifting sbom around 2023-09-22 20:01:20 +00:00
josh
ad8063651d Integrate syft for SBOM 
Fixes #12
 2023-09-22 19:41:17 +00:00
josh
c34324b998 fix: quick filter to not release on PRs 2023-09-22 19:34:26 +00:00
josh
bc56fb09ad ci: update workflow name 2023-09-22 19:23:33 +00:00
josh
ab80272f60 Add a CI Release Process 
Fixes #16
 2023-09-22 19:18:19 +00:00
josh
3a5eb50b13 fix: ci: use full registry name 2023-09-22 13:13:59 +00:00
josh
f461592cbf chore: update dep versions 2023-09-22 13:11:59 +00:00
josh
fc24b78d4a fix: ci: lowercase tag names 2023-09-22 13:03:36 +00:00
josh
3b29bee4c6 fix: ci: use correct registry 2023-09-22 13:00:14 +00:00
josh
7755601a81 Update Actions Workflow to Push to registry.dangerous.tech 
Fixes #10
 2023-09-22 12:58:31 +00:00