diff --git a/.editorconfig b/.editorconfig
new file mode 100644
index 0000000..8094c25
--- /dev/null
+++ b/.editorconfig
@@ -0,0 +1,15 @@
+# top-most EditorConfig file
+root = true
+
+# Default style
+[*]
+# Default UTF-8 charset
+charset = utf-8
+# Unix-style newlines with a newline ending every file
+end_of_line = lf
+insert_final_newline = true
+# Indent with 4 spaces
+indent_style = space
+indent_size = 4
+# Trim space at end of line
+trim_trailing_whitespace = true
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..c855301
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,3 @@
+# Don't change line ending; Check-out as-is, commit as-is.
+# i.e.: git config --global core.autocrlf false
+* -text
diff --git a/.github/workflows/deploy_development.yml b/.github/workflows/deploy_development.yml
new file mode 100644
index 0000000..2e55b88
--- /dev/null
+++ b/.github/workflows/deploy_development.yml
@@ -0,0 +1,32 @@
+name: Deploy Development Build
+
+# Trigger on push to "development" branch
+on:
+ push:
+ branches:
+ - development
+ paths:
+ - .github/**
+ - files/**
+ - Dockerfile
+
+jobs:
+ build_deploy_to_registry:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Set up Docker Buildx
+ uses: crazy-max/ghaction-docker-buildx@v3.1.0
+
+ - name: Docker login
+ run: docker login --username '${{secrets.REGISTRY_USERNAME}}' --password '${{secrets.REGISTRY_ACCESS_TOKEN}}'
+
+ - name: Build + Push image ("development")
+ run: |
+ docker buildx build \
+ --platform "linux/amd64,linux/arm/v7,linux/arm64" \
+ --tag "${{secrets.REGISTRY_USERNAME}}/openconnect:development" \
+ --output "type=image,push=true" \
+ --file ./Dockerfile .
diff --git a/.github/workflows/deploy_release.yml b/.github/workflows/deploy_release.yml
new file mode 100644
index 0000000..4320478
--- /dev/null
+++ b/.github/workflows/deploy_release.yml
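Review bot: In .github/workflows/deploy_development.yml the `Docker login` step expands `${{secrets.REGISTRY_ACCESS_TOKEN}}` directly into the shell command and hands it to `--password`, so the token ends up on the process command line and any quote character inside it would change how the shell parses the line. Passing both secrets through `env:` and feeding the token on stdin with `--password-stdin` avoids both problems, as sketched below. The identical step in .github/workflows/deploy_release.yml needs the same change.

```yaml
      - name: Docker login
        env:
          REGISTRY_USERNAME: ${{ secrets.REGISTRY_USERNAME }}
          REGISTRY_ACCESS_TOKEN: ${{ secrets.REGISTRY_ACCESS_TOKEN }}
        run: printf '%s' "$REGISTRY_ACCESS_TOKEN" | docker login --username "$REGISTRY_USERNAME" --password-stdin
```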
@@ -0,0 +1,36 @@
+name: Deploy Release Build
+
+# Trigger on release
+on:
+ release:
+ types:
+ - released
+
+jobs:
+ build_deploy_to_registry:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Set up Docker Buildx
+ uses: crazy-max/ghaction-docker-buildx@v3.1.0
+
+ - name: Docker login
+ run: docker login --username '${{secrets.REGISTRY_USERNAME}}' --password '${{secrets.REGISTRY_ACCESS_TOKEN}}'
+
+ - name: Build + Push image (tag = git release tag)
+ run: |
+ docker buildx build \
+ --platform "linux/amd64,linux/arm/v7,linux/arm64" \
+ --tag "${{secrets.REGISTRY_USERNAME}}/openconnect:${GITHUB_REF#refs/tags/}" \
+ --output "type=image,push=true" \
+ --file ./Dockerfile .
+
+ - name: Build + Push image ("latest")
+ run: |
+ docker buildx build \
+ --platform "linux/amd64,linux/arm/v7,linux/arm64" \
+ --tag "${{secrets.REGISTRY_USERNAME}}/openconnect:latest" \
+ --output "type=image,push=true" \
+ --file ./Dockerfile .
diff --git a/.github/workflows/validate_pull_request.yml b/.github/workflows/validate_pull_request.yml
new file mode 100644
index 0000000..16bf452
--- /dev/null
+++ b/.github/workflows/validate_pull_request.yml
@@ -0,0 +1,29 @@
+name: Validate Pull Request
+
+# Trigger on pull request, for things that warrants re-build
+on:
+ pull_request:
+ branches:
+ - master
+ paths:
+ - .github/**
+ - files/**
+ - Dockerfile
+
+jobs:
+ # Verify image build success
+ build_image:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v2
+
+ - name: Set up Docker Buildx
+ uses: crazy-max/ghaction-docker-buildx@master
+
+ - name: Build image (no push)
+ run: |
+ docker buildx build \
+ --platform "linux/amd64,linux/arm/v7,linux/arm64" \
+ --output "type=image,push=false" \
+ --file ./Dockerfile .
diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000..a3da48b
--- /dev/null
+++ b/Dockerfile
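Review bot: In .github/workflows/deploy_release.yml the release tag and `latest` are produced by two independent `docker buildx build` steps, so nothing ties the two tags to the same image. If the second build does not reuse the first one's cache, the `apt update` in the Dockerfile can resolve different package versions, and `latest` would then differ from the release it is meant to mirror. A single build can carry both tags: add `--tag "${{secrets.REGISTRY_USERNAME}}/openconnect:latest" \` to the first build step and drop the second step.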
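Review bot: In .github/workflows/validate_pull_request.yml, `uses: crazy-max/ghaction-docker-buildx@master` tracks a moving branch, so whatever lands on that branch runs in this repository's CI unreviewed; it also differs from the `@v3.1.0` used by the two deploy workflows. Pin it to a full commit SHA, e.g. `uses: crazy-max/ghaction-docker-buildx@<full-commit-sha> # v3.1.0`. The tag-pinned actions in the deploy workflows are movable too, and those jobs hold the registry credentials, so the same pinning applies there. A top-level `permissions:` block with `contents: read` would also keep this job's `GITHUB_TOKEN` at the minimum a build-only check needs.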
@@ -0,0 +1,9 @@
+FROM debian:10-slim
+
+ARG DEBIAN_FRONTEND=noninteractive
+
+RUN apt update && \
+ apt install -y --no-install-recommends openconnect ca-certificates && \
+ apt clean
+
+CMD openconnect --help
diff --git a/README.md b/README.md
new file mode 100644
index 0000000..5ff7748
--- /dev/null
+++ b/README.md
@@ -0,0 +1,58 @@
+# OpenConnect
+
+OpenConnect is a multi-VPN-client for:
+- [Cisco's AnyConnect SSL VPN](http://www.cisco.com/go/asm)
+- [Pulse Connect Secure](https://www.pulsesecure.net/products/connect-secure/)
+- [Palo Alto Networks GlobalProtect SSL VPN](https://www.paloaltonetworks.com/features/vpn)
+
+This repository builds and publish Docker images for my own use, but you're more than welcome to use it.
+
+For official source code, go to [openconnect/openconnect](https://github.com/openconnect/openconnect).
+
+# Licence
+
+All work in this repository is published as [GNU General Public License, version 3](https://www.gnu.org/licenses/gpl-3.0.en.html).
+
+
+
+
+# Run with Docker
+
+e.g. Connect to Palo Alto Networks GlobalProtect SSL VPN:
+```
+docker run --rm -it --privileged --net=host klo2k/openconnect openconnect --protocol=gp vpn.example.com
+```
+
+
+
+
+# Build with "docker buildx"
+
+Initialise [buildx](https://docs.docker.com/buildx/working-with-buildx/), if you're on a x64 machine:
+```
+# Enable experimental mode
+export DOCKER_CLI_EXPERIMENTAL=enabled
+
+# Enable ARM support
+docker run --rm --privileged linuxkit/binfmt:v0.8
+
+# Create 'mybuilder' if not exist, set as default builder
+docker buildx inspect mybuilder||docker buildx create --name mybuilder
+docker buildx use mybuilder
+
+# Start builder
+docker buildx inspect --bootstrap
+```
+
+Build for x64 (x86_64):
+```
+docker buildx build --pull \
+ --platform "linux/amd64" \
+ --tag "klo2k/openconnect" \
+ --output=type=docker \
+ .
+```
+
+For ARM 32-bit (armv7l), use `--platform "linux/arm/v7"`
+
+For ARM 64-bit (aarch64), use `--platform "linux/arm64"`
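Review bot: In the Dockerfile, `FROM debian:10-slim` and the unversioned `apt install ... openconnect` leave the image content to be decided at build time, so rebuilding the same git tag can publish a different base and a different openconnect. Pinning the base as `FROM debian:10-slim@sha256:<digest>`, bumped on a schedule so security updates still arrive, makes what ships reviewable. In the `RUN` step, `apt` warns that its CLI is not stable for scripts; `apt-get update && apt-get install -y --no-install-recommends openconnect ca-certificates && rm -rf /var/lib/apt/lists/*` is the scripted form and also removes the package index, which `apt clean` does not. `CMD openconnect --help` would be better in exec form, `CMD ["openconnect", "--help"]`, so no shell sits between the container runtime and the process.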