Bump docker/setup-buildx-action from 3.1.0 to 3.2.0

Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/v3.1.0...v3.2.0) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2026-06-24 04:34:36 -04:00 · 2024-03-14 20:32:16 +00:00
10 changed files with 181 additions and 207 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,7 @@
 version: 2
 updates:
  # Maintain dependencies for GitHub Actions
  - package-ecosystem: "github-actions"
    directory: "/"
    schedule:
      interval: "daily"
--- a/.github/renovate.json
+++ b/.github/renovate.json
@@ -1,24 +0,0 @@
 {
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": [
    "config:recommended",
    "docker:enableMajor",
    "mergeConfidence:all-badges",
    ":disableRateLimiting",
    ":semanticCommits"
  ],
  "rebaseWhen": "conflicted",
  "customManagers": [
    {
      "customType": "regex",
      "managerFilePatterns": [
        "/(^|/)Dockerfile$/"
      ],
      "matchStrings": [
        "# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\sARG .*?_VERSION=(?<currentValue>.*)(\\sARG .*?_CHECKSUM=(?<currentDigest>.*))?\\s",
        "# renovate: datasource=(?<datasource>.*?) depName=(?<depName>.*?)( versioning=(?<versioning>.*?))?\\sARG .*?_BRANCH=(?<currentValue>.*)(\\sARG .*?_COMMIT_HASH=(?<currentDigest>.*))?\\s"
      ],
      "versioningTemplate": "{{#if versioning}}{{versioning}}{{/if}}"
    }
  ]
 }
--- a/.github/workflows/build-image-on-push.yml
+++ b/.github/workflows/build-image-on-push.yml
@@ -1,60 +0,0 @@
 name: "Test build of image when Dockerfile is changed"
 on:
  push:
    paths:
    - 'Dockerfile'
    branches-ignore:
    - main
  pull_request:
    paths:
    - 'Dockerfile'
  workflow_dispatch:
 env:
  GHCR_REPO: ghcr.io/${{ github.repository_owner }}/p2pool
 jobs:
  rebuild-container:
    name: "Build image with cache"
    strategy:
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          - ubuntu-24.04-arm
    runs-on: ${{ matrix.os }}
    steps:
      - name: Prepare platform matrix for arm64
        if: runner.arch == 'ARM64'
        run: |
          echo "PLATFORM=linux/arm64" >> $GITHUB_ENV
          echo "DIGEST_NAME=arm64" >> $GITHUB_ENV
      - name: Prepare platform matrix for amd64
        if: runner.arch == 'X64'
        run: |
          echo "PLATFORM=linux/amd64" >> $GITHUB_ENV
          echo "DIGEST_NAME=amd64" >> $GITHUB_ENV
      -
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v4.1.0
      -
        name: Checkout repository
        uses: actions/checkout@v7
      -
        name: Test build of image
        id: build
        uses: docker/build-push-action@v7.2.0
        with:
          push: false
          load: true
          platforms: ${{ env.PLATFORM }}
          tags: p2pool:testing
          cache-from: type=registry,ref=${{ env.GHCR_REPO }}:latest
      - 
        name: Test-run image
        run: |
          docker run --rm p2pool:testing --wallet 468ydghFfthE3UTc53eF5MP9UyrMcUiAHP5kizVYJsej5XGaXBoAAEzUHCcUF7t3E3RrYAX8Rs1ujhBdcvMpZSbH8qkb55R &
          PID=$!
          sleep 30
          kill -SIGINT $PID # this will return a non-zero exit code if the container dies early on
--- a/.github/workflows/trivy-analysis.yml
+++ b/.github/workflows/trivy-analysis.yml
@@ -0,0 +1,37 @@
 name: Build and scan container for vulnerabilities with Trivy
 on:
  push:
    paths:
    - 'Dockerfile'
  pull_request:
    paths:
    - 'Dockerfile'
  schedule:
    - cron: '22 14 * * 0'
 jobs:
  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Build an image from Dockerfile
        run: |
          docker build -t docker.io/my-organization/my-app:${{ github.sha }} .
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@master
        with:
          image-ref: 'docker.io/my-organization/my-app:${{ github.sha }}'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'trivy-results.sarif'
          severity: 'CRITICAL,HIGH'
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: 'trivy-results.sarif'
--- a/.github/workflows/update-base-image.yml
+++ b/.github/workflows/update-base-image.yml
@@ -0,0 +1,59 @@
 name: "Update image and push to Github Packages and Docker Hub weekly"
 on:
  schedule:
    - cron: "0 12 * * 1" # Run every Monday at noon.
  workflow_dispatch:
 jobs:
  rebuild-container:
    name: "Rebuild Container with the latest base image"
    runs-on: ubuntu-latest
    steps:
      - 
        name: Prepare outputs
        id: prep
        run: |
          echo "::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
      - 
        name: Set up QEMU
        uses: docker/setup-qemu-action@v3.0.0
        with:
          platforms: linux/arm64
      - 
        name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3.2.0
      -
        name: Login to GitHub Container Registry
        uses: docker/login-action@v3.0.0 
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      -
        name: Login to DockerHub
        uses: docker/login-action@v3.0.0 
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: "Checkout repository"
        uses: "actions/checkout@v4"
      - 
        name: "Get p2pool Release Tag"
        id: get_tag
        run: echo "::set-output name=tag::$(awk -F "=" '/P2POOL_BRANCH=/ {print $2}' Dockerfile)"
      - 
        name: Build and push to Docker Hub and GitHub Packages Docker Registry
        id: docker_build
        uses: docker/build-push-action@v5.2.0
        with:
          push: true
          platforms: linux/amd64,linux/arm64
          tags: |
            ghcr.io/${{ github.repository_owner }}/p2pool:latest
            ghcr.io/${{ github.repository_owner }}/p2pool:${{ steps.get_tag.outputs.tag }}
            ${{ secrets.DOCKER_USERNAME }}/p2pool:latest
            ${{ secrets.DOCKER_USERNAME }}/p2pool:${{ steps.get_tag.outputs.tag }}
          labels: |
            org.opencontainers.image.source=${{ github.event.repository.html_url }}
            org.opencontainers.image.created=${{ steps.prep.outputs.created }}
            org.opencontainers.image.revision=${{ github.sha }}
--- a/.github/workflows/update-image-on-push.yml
+++ b/.github/workflows/update-image-on-push.yml
@@ -6,120 +6,58 @@ on:
    - main
    paths:
    - 'Dockerfile'
  workflow_dispatch:
 env:
  GHCR_REPO: ghcr.io/${{ github.repository_owner }}/p2pool
 jobs:
-  build:
+  rebuild-container:
-    name: "Build container for multiple architectures and push by digest"
+    name: "Rebuild Container with the latest base image"
-    strategy:
+    runs-on: ubuntu-latest
      fail-fast: false
      matrix:
        os:
          - ubuntu-latest
          - ubuntu-24.04-arm
    runs-on: ${{ matrix.os }}
    steps:
-      - name: Prepare platform matrix for arm64
+      - 
-        if: runner.arch == 'ARM64'
+        name: Prepare outputs
        id: prep
        run: |
-          echo "PLATFORM=linux/arm64" >> $GITHUB_ENV
+          echo "::set-output name=created::$(date -u +'%Y-%m-%dT%H:%M:%SZ')"
-          echo "DIGEST_NAME=arm64" >> $GITHUB_ENV
+      - 
-      - name: Prepare platform matrix for amd64
+        name: Set up QEMU
-        if: runner.arch == 'X64'
+        uses: docker/setup-qemu-action@v3.0.0
        run: |
          echo "PLATFORM=linux/amd64" >> $GITHUB_ENV
          echo "DIGEST_NAME=amd64" >> $GITHUB_ENV
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v6
        with:
-          images: |
+          platforms: linux/arm64
            ${{ env.GHCR_REPO }}
      - 
        name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v4.1.0
+        uses: docker/setup-buildx-action@v3.2.0
      -
        name: Login to GitHub Container Registry
-        uses: docker/login-action@v4.2.0
+        uses: docker/login-action@v3.0.0 
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      -
-        name: Checkout repository
+        name: Login to DockerHub
-        uses: actions/checkout@v7
+        uses: docker/login-action@v3.0.0 
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_PASSWORD }}
      - name: "Checkout repository"
        uses: "actions/checkout@v4"
      - 
-        name: Build and and push by digest
+        name: "Get p2pool Release Tag"
-        uses: docker/build-push-action@v7.2.0
+        id: get_tag
-        id: build
+        run: echo "::set-output name=tag::$(awk -F "=" '/P2POOL_BRANCH=/ {print $2}' Dockerfile)"
      - 
        name: Build and push to Docker Hub and GitHub Packages Docker Registry
        uses: docker/build-push-action@v5.2.0
        id: docker_build_push
        with:
-          outputs: type=image,"name=${{ env.GHCR_REPO }}",push-by-digest=true,name-canonical=true,push=true
+          push: true
-          platforms: ${{ env.PLATFORM }}
+          platforms: linux/amd64,linux/arm64
          labels: ${{ steps.meta.outputs.labels }}
          cache-from: type=registry,ref=${{ env.GHCR_REPO }}:latest
      - name: Export digest
        run: |
          mkdir -p ${{ runner.temp }}/digests
          digest="${{ steps.build.outputs.digest }}"
          touch "${{ runner.temp }}/digests/${digest#sha256:}"
      - name: Upload digest
        uses: actions/upload-artifact@v7
        with:
          name: digests-${{ env.DIGEST_NAME }}
          path: ${{ runner.temp }}/digests/*
          if-no-files-found: error
          retention-days: 1
  merge:
    runs-on: ubuntu-latest
    needs:
      - build
    steps:
      - name: Download digests
        uses: actions/download-artifact@v8
        with:
          path: ${{ runner.temp }}/digests
          pattern: digests-*
          merge-multiple: true
      - name: Login to GHCR
        uses: docker/login-action@v4.2.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v4.1.0
      - name: Checkout repository
        uses: actions/checkout@v7
      - name: Get p2pool release tag
        run: echo P2POOL_TAG="$(awk -F '=' '/P2POOL_BRANCH=/ {print $2}' Dockerfile)" >> $GITHUB_ENV
      - name: Docker meta
        id: meta
        uses: docker/metadata-action@v6
        with:
          images: |
            ${{ env.GHCR_REPO }}
          tags: |
-            type=sha
+            ghcr.io/${{ github.repository_owner }}/p2pool:latest
-            type=raw,value=latest,enable={{is_default_branch}}
+            ghcr.io/${{ github.repository_owner }}/p2pool:${{ steps.get_tag.outputs.tag }}
-            type=raw,value=${{ env.P2POOL_TAG }}
+            ${{ secrets.DOCKER_USERNAME }}/p2pool:latest
-
+            ${{ secrets.DOCKER_USERNAME }}/p2pool:${{ steps.get_tag.outputs.tag }}
-      - name: Create manifest list and push
+          labels: |
-        working-directory: ${{ runner.temp }}/digests
+            org.opencontainers.image.source=${{ github.event.repository.html_url }}
-        run: |
+            org.opencontainers.image.created=${{ steps.prep.outputs.created }}
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
+            org.opencontainers.image.revision=${{ github.sha }}
-            $(printf '${{ env.GHCR_REPO }}@sha256:%s ' *)
+          cache-from: type=registry,ref=${{ secrets.DOCKER_USERNAME }}/simple-monerod:latest
-
+          cache-to: type=inline
      - name: Inspect image
        run: |
          docker buildx imagetools inspect ${{ env.GHCR_REPO }}:${{ steps.meta.outputs.version }}
--- a/25
+++ b/25
@@ -1,8 +1,7 @@
-# renovate: datasource=github-releases depName=SChernykh/p2pool
+ARG P2POOL_BRANCH=v3.10
 ARG P2POOL_BRANCH=v4.17
-# Pin to the latest Ubuntu LTS for the build image base (kept current by Renovate)
+# Select latest Ubuntu LTS for the build image base
-FROM ubuntu:26.04 AS build
+FROM ubuntu:latest as build
 LABEL author="sethforprivacy@protonmail.com" \
      maintainer="sethforprivacy@protonmail.com"
@@ -17,30 +16,28 @@ RUN apt-get update \
 ENV CFLAGS='-fPIC'
 ENV CXXFLAGS='-fPIC'
-ENV USE_SINGLE_BUILDDIR=1
+ENV USE_SINGLE_BUILDDIR 1
-ENV BOOST_DEBUG=1
+ENV BOOST_DEBUG         1
 # Switch to p2pool source directory
 WORKDIR /p2pool
 # Git pull p2pool source at specified tag/branch
 ARG P2POOL_BRANCH
-RUN git clone --recursive --depth 1 --shallow-submodules --branch ${P2POOL_BRANCH} https://github.com/SChernykh/p2pool .
+RUN git clone --recursive --branch ${P2POOL_BRANCH} https://github.com/SChernykh/p2pool .
 # Make static p2pool binary
 ARG NPROC
 RUN test -z "$NPROC" && nproc > /nproc || echo -n "$NPROC" > /nproc && mkdir build && cd build && cmake .. && make -j"$(cat /nproc)"
-# Pin to the latest Ubuntu LTS for the image base (kept current by Renovate)
+# Select latest Ubuntu LTS for the image base
-FROM ubuntu:26.04
+FROM ubuntu:latest
-# Install only the runtime shared libraries that the p2pool binary links against
+# Install remaining dependencies
 # (runtime equivalents of the build-stage -dev packages, verified via ldd on the
 # built binary against the pinned Ubuntu 24.04 base)
 RUN apt-get update \
    && apt-get upgrade -y \
-    && apt-get install --no-install-recommends -y libuv1t64 libzmq5 libsodium23 \
+    && apt-get install --no-install-recommends -y libuv1-dev libzmq3-dev libsodium-dev \
-    libpgm-5.3-0t64 libnorm1t64 libgssapi-krb5-2 libcurl4t64 libidn2-0 \
+    libpgm-dev libnorm-dev libgss-dev libcurl4-openssl-dev libidn2-0-dev \
    && apt-get clean \
    && rm -rf /var/lib/apt/lists/*
--- a/2
+++ b/2
@@ -1,6 +1,6 @@
 MIT License
-Copyright (c) 2021 Seth For Privacy (@sethforprivacy)
+Copyright (c) 2021 Seth Simmons (@sethsimmons)
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal
--- a/README.md
+++ b/README.md
@@ -3,11 +3,21 @@ A simple and straightforward Dockerized [p2pool](https://github.com/SChernykh/p2
 ## Actions
-[![Daily Update Rebuild](https://github.com/sethforprivacy/p2pool-docker//actions/workflows/update-daily.yml/badge.svg)](https://github.com/sethforprivacy/p2pool-docker/actions/workflows/update-daily.yml)  
+[![Daily Update Rebuild](https://github.com/sethsimmons/p2pool-docker//actions/workflows/update-daily.yml/badge.svg)](https://github.com/sethsimmons/p2pool-docker/actions/workflows/update-daily.yml)  
-[![Weekly Update Rebuild](https://github.com/sethforprivacy/p2pool-docker//actions/workflows/update-base-image.yml/badge.svg)](https://github.com/sethforprivacy/p2pool-docker/actions/workflows/update-base-image.yml)  
+[![Weekly Update Rebuild](https://github.com/sethsimmons/p2pool-docker//actions/workflows/update-base-image.yml/badge.svg)](https://github.com/sethsimmons/p2pool-docker/actions/workflows/update-base-image.yml)  
 [![Latest Dockerfile build](https://github.com/sethsimmons/p2pool-docker//actions/workflows/update-image-on-push.yml/badge.svg)](https://github.com/sethsimmons/p2pool-docker/actions/workflows/update-image-on-push.yml)  
 [![Container security scan with Trivy](https://github.com/sethsimmons/p2pool-docker//actions/workflows/trivy-analysis.yml/badge.svg)](https://github.com/sethsimmons/p2pool-docker/actions/workflows/trivy-analysis.yml)
 ## Docker
 ![Docker Pulls](https://img.shields.io/docker/pulls/sethsimmons/p2pool)  
 ![Docker Image Size (latest by date)](https://img.shields.io/docker/image-size/sethsimmons/p2pool)  
 ![Docker Image Version (latest by date)](https://img.shields.io/docker/v/sethsimmons/p2pool)  
 # Docker Hub
-This repo is used to build the images available here on GHCR.
+This repo is used to build the images available at:
 https://hub.docker.com/r/sethsimmons/p2pool
 # Tags
@@ -18,7 +28,7 @@ This repo is used to build the images available here on GHCR.
 *NOTE: Remember to replace the host address with your own node (if desired) as well as the Monero address for the `--wallet` flag, or else you'll be making a kind hashrate donation to me.*
 ```bash
-docker run -d --name="p2pool" -p 3333:3333 -p 37889:37889 -v p2pool-data:/home/p2pool -v /dev/hugepages:/dev/hugepages:rw ghcr.io/sethforprivacy/p2pool:latest --host 5.9.120.18 --rpc-port 18089 --wallet 468ydghFfthE3UTc53eF5MP9UyrMcUiAHP5kizVYJsej5XGaXBoAAEzUHCcUF7t3E3RrYAX8Rs1ujhBdcvMpZSbH8qkb55R --stratum 0.0.0.0:3333 --p2p 0.0.0.0:37889 --addpeers 65.21.227.114:37889,node.sethforprivacy.com:37889
+docker run -d --name="p2pool" -p 3333:3333 -p 37889:37889 -v p2pool-data:/home/p2pool -v /dev/hugepages:/dev/hugepages:rw sethsimmons/p2pool:latest --host 5.9.120.18 --rpc-port 18089 --wallet 468ydghFfthE3UTc53eF5MP9UyrMcUiAHP5kizVYJsej5XGaXBoAAEzUHCcUF7t3E3RrYAX8Rs1ujhBdcvMpZSbH8qkb55R --stratum 0.0.0.0:3333 --p2p 0.0.0.0:37889 --addpeers 65.21.227.114:37889,node.sethforprivacy.com:37889
 ```
 # Copyrights
--- a/examples/docker-compose.yml
+++ b/examples/docker-compose.yml
@@ -1,6 +1,7 @@
 version: '3.5'
 services:
  monerod:
-    image: ghcr.io/sethforprivacy/simple-monerod:latest
+    image: sethsimmons/simple-monerod:latest
    restart: unless-stopped
    container_name: monerod
    volumes:
@@ -20,7 +21,7 @@ services:
      - "--out-peers=50"
  p2pool:
-    image: ghcr.io/sethforprivacy/p2pool:latest
+    image: sethsimmons/p2pool:latest
    restart: unless-stopped
    container_name: p2pool
    tty: true
@@ -51,6 +52,15 @@ services:
    volumes:
        - tor-keys:/var/lib/tor/hidden_service/
  autoheal:
    image: willfarrell/autoheal:latest
    container_name: autoheal
    restart: unless-stopped
    environment:
        AUTOHEAL_CONTAINER_LABEL: all
    volumes:
        - "/var/run/docker.sock:/var/run/docker.sock"
  watchtower:
    image: containrrr/watchtower:latest
    container_name: watchtower