LizardByte · ReenigneArcher · Oct 28, 2022 · Aug 11, 2022 · Aug 11, 2022 · Aug 12, 2022
diff --git a/.docker_platforms b/.docker_platforms
@@ -0,0 +1 @@
+linux/amd64
diff --git a/.dockerignore b/.dockerignore
@@ -0,0 +1,16 @@
+# ignore git files
+.git*
+
+# ignore hidden files
+.*
+
+# ignore repo directories and files
+docs/
+packaging/
+scripts/
+tools/
+crowdin.yml
+
+# ignore dev directories
+build/
+venv/
diff --git a/.github/workflows/ci-docker.yml b/.github/workflows/ci-docker.yml
@@ -0,0 +1,203 @@
+---
+# This action is centrally managed in https://github.com/<organization>/.github/
+# Don't make changes to this file in this repo as they will be overwritten with changes made to the same file in
+# the above-mentioned repo.
+
+name: CI Docker
+
+on:
+  pull_request:
+    branches: [master, nightly]
+    types: [opened, synchronize, reopened]
+  push:
+    branches: [master, nightly]
+  workflow_dispatch:
+
+jobs:
+  check_dockerfile:
+    name: Check Dockerfile
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Check
+        id: check
+        run: |
+          if [ -f "./Dockerfile" ]
+          then
+            FOUND=true
+          else
+            FOUND=false
+          fi
+
+          echo "dockerfile=${FOUND}" >> $GITHUB_OUTPUT
+
+    outputs:
+      dockerfile: ${{ steps.check.outputs.dockerfile }}
+
+  lint_dockerfile:
+    name: Lint Dockerfile
+    needs: [check_dockerfile]
+    if: ${{ needs.check_dockerfile.outputs.dockerfile == 'true' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Hadolint
+        id: hadolint
+        uses: hadolint/[email protected]
+        with:
+          dockerfile: ./Dockerfile
+          ignore: DL3008,DL3013,DL3016,DL3018,DL3028,DL3059
+          output-file: ./hadolint.log
+          verbose: true
+
+      - name: Log
+        if: failure()
+        run: |
+          echo "Hadolint outcome: ${{ steps.hadolint.outcome }}" >> $GITHUB_STEP_SUMMARY
+          cat "./hadolint.log" >> $GITHUB_STEP_SUMMARY
+
+  check_changelog:
+    name: Check Changelog
+    needs: [check_dockerfile]
+    if: ${{ needs.check_dockerfile.outputs.dockerfile == 'true' }}
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        if: ${{ github.ref == 'refs/heads/master' || github.base_ref == 'master' }}
+        uses: actions/checkout@v3
+
+      - name: Verify Changelog
+        id: verify_changelog
+        if: ${{ github.ref == 'refs/heads/master' || github.base_ref == 'master' }}
+        # base_ref for pull request check, ref for push
+        uses: LizardByte/.github/actions/verify_changelog@master
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+    outputs:
+      next_version: ${{ steps.verify_changelog.outputs.changelog_parser_version }}
+
+  docker:
+    name: Docker
+    needs: [check_dockerfile, check_changelog]
+    if: ${{ needs.check_dockerfile.outputs.dockerfile == 'true' }}
+    runs-on: ubuntu-latest
+    permissions:
+      packages: write
+      contents: write
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+        with:
+          submodules: recursive
+
+      - name: Prepare
+        id: prepare
+        env:
+          NEXT_VERSION: ${{ needs.check_changelog.outputs.next_version }}
+        run: |
+          # get branch name
+          BRANCH=${GITHUB_HEAD_REF}
+
+          if [ -z "$BRANCH" ]
+          then
+            echo "This is a PUSH event"
+            BRANCH=${{ github.ref_name }}
+          fi
+
+          # determine to push image to dockerhub and ghcr or not
+          if [[ $GITHUB_EVENT_NAME == "push" ]]; then
+            PUSH=true
+          else
+            PUSH=false
+          fi
+
+          # setup the tags
+          REPOSITORY=${{ github.repository }}
+          BASE_TAG=$(echo $REPOSITORY | tr '[:upper:]' '[:lower:]')
+          COMMIT=${{ github.sha }}
+
+          TAGS="${BASE_TAG}:${COMMIT:0:7},ghcr.io/${BASE_TAG}:${COMMIT:0:7}"
+
+          if [[ $GITHUB_REF == refs/heads/master ]]; then
+            TAGS="${TAGS},${BASE_TAG}:latest,ghcr.io/${BASE_TAG}:latest"
+            TAGS="${TAGS},${BASE_TAG}:master,ghcr.io/${BASE_TAG}:master"
+          elif [[ $GITHUB_REF == refs/heads/nightly ]]; then
+            TAGS="${TAGS},${BASE_TAG}:nightly,ghcr.io/${BASE_TAG}:nightly"
+          else
+            TAGS="${TAGS},${BASE_TAG}:test,ghcr.io/${BASE_TAG}:test"
+          fi
+
+          if [[ ${NEXT_VERSION} != "" ]]; then
+            TAGS="${TAGS},${BASE_TAG}:${NEXT_VERSION},ghcr.io/${BASE_TAG}:${NEXT_VERSION}"
+          fi
+
+          # read the platforms from `.docker_platforms`
+          PLATFORMS=$(<.docker_platforms)
+
+          echo "branch=${BRANCH}" >> $GITHUB_OUTPUT
+          echo "build_date=$(date -u +'%Y-%m-%dT%H:%M:%SZ')" >> $GITHUB_OUTPUT
+          echo "commit=${COMMIT}" >> $GITHUB_OUTPUT
+          echo "platforms=${PLATFORMS}" >> $GITHUB_OUTPUT
+          echo "push=${PUSH}" >> $GITHUB_OUTPUT
+          echo "tags=${TAGS}" >> $GITHUB_OUTPUT
+
+      - name: Set Up QEMU
+        uses: docker/setup-qemu-action@v2
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v2
+        id: buildx
+
+      - name: Cache Docker Layers
+        uses: actions/cache@v3
+        with:
+          path: /tmp/.buildx-cache
+          key: ${{ runner.os }}-buildx-${{ github.sha }}
+          restore-keys: |
+            ${{ runner.os }}-buildx-
+
+      - name: Log in to Docker Hub
+        if: ${{ steps.prepare.outputs.push == 'true' }}  # PRs do not have access to secrets
+        uses: docker/login-action@v2
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_ACCESS_TOKEN }}
+
+      - name: Log in to the Container registry
+        if: ${{ steps.prepare.outputs.push == 'true' }}  # PRs do not have access to secrets
+        uses: docker/login-action@v2
+        with:
+          registry: ghcr.io
+          username: ${{ secrets.GH_BOT_NAME }}
+          password: ${{ secrets.GH_BOT_TOKEN }}
+
+      - name: Build and push
+        uses: docker/build-push-action@v3
+        with:
+          context: ./
+          file: ./Dockerfile
+          push: ${{ steps.prepare.outputs.push }}
+          platforms: ${{ steps.prepare.outputs.platforms }}
+          build-args: |
+            BRANCH=${{ steps.prepare.outputs.branch }}
+            BUILD_DATE=${{ steps.prepare.outputs.build_date }}
+            BUILD_VERSION=${{ needs.check_changelog.outputs.next_version }}
+            COMMIT=${{ steps.prepare.outputs.commit }}
+          tags: ${{ steps.prepare.outputs.tags }}
+          cache-from: type=local,src=/tmp/.buildx-cache
+          cache-to: type=local,dest=/tmp/.buildx-cache
+
+      - name: Update Docker Hub Description
+        if: ${{ github.event_name == 'push' && github.ref == 'refs/heads/master' }}
+        uses: peter-evans/dockerhub-description@v3
+        with:
+          username: ${{ secrets.DOCKER_HUB_USERNAME }}
+          password: ${{ secrets.DOCKER_HUB_PASSWORD }}  # token is not currently supported
+          repository: ${{ env.BASE_TAG }}
+          short-description: ${{ github.event.repository.description }}
+          readme-filepath: ./DOCKER_README.md
diff --git a/DOCKER_README.md b/DOCKER_README.md
@@ -1,44 +1,50 @@
 # Docker
 
-## Using docker run
+## Build your own containers
+This image provides a method for you to easily use the latest Sunshine release in your own docker projects. It is not
+intended to use as a standalone container at this point, and should be considered experimental.
+
+```dockerfile
+FROM  lizardbyte/sunshine
+
+# install Steam, Wayland, etc.
+
+ENTRYPOINT steam && sunshine
+```
+
+## Where used
+This is a list of docker projects using Sunshine. Something missing? Let us know about it!
+
+- [Games on Whales](https://games-on-whales.github.io)
+
+## Port and Volume mappings
+Examples are below of the required mappings. The configuration file will be saved to `/config` in the container.
+
+### Using docker run
 Create and run the container (substitute your `<values>`):
 
 ```bash
 docker run -d \
-  --name=sunshine \
+  --name=<image_name> \
   --restart=unless-stopped
-  -v <path to data>:/config \
   -e PUID=<uid> \
   -e PGID=<gid> \
   -e TZ=<timezone> \
+  -v <path to data>:/config \
   -p 47984-47990:47984-47990/tcp \
   -p 48010:48010 \
   -p 47998-48000:47998-48000/udp \
-  lizardbyte/sunshine
+  <image>
 ```
 
-To update the container it must be removed and recreated:
-
-```bash
-# Stop the container
-docker stop sunshine
-# Remove the container
-docker rm sunshine
-# Pull the latest update
-docker pull lizardbyte/sunshine
-# Run the container with the same parameters as before
-docker run -d ...
-```
-
-## Using docker-compose
-
+### Using docker-compose
 Create a `docker-compose.yml` file with the following contents (substitute your `<values>`):
 
 ```yaml
 version: '3'
 services:
-  sunshine:
-    image: lizardbyte/sunshine
+  <image_name>:
+    image: <image>
     container_name: sunshine
     restart: unless-stopped
     volumes:
@@ -48,26 +54,12 @@ services:
       - PGID=<gid>
       - TZ=<timezone>
     ports:
-      - 47984-47990:47984-47990/tcp
-      - 48010:48010
-      - 47998-48000:47998-48000/udp
+      - "47984-47990:47984-47990/tcp"
+      - "48010:48010"
+      - "47998-48000:47998-48000/udp"
 ```
 
-Create and start the container (run the command from the same folder as your `docker-compose.yml` file):
-
-```bash
-docker-compose up -d
-```
-
-To update the container:
-```bash
-# Pull the latest update
-docker-compose pull
-# Update and restart the container
-docker-compose up -d
-```
-
-## Parameters
+### Parameters
 You must substitute the `<values>` with your own settings.
 
 Parameters are split into two halves separated by a colon. The left side represents the host and the right side the
@@ -79,16 +71,17 @@ port `47990` (e.g. `http://<host_ip>:47990`). The internal port must be `47990`,
 (e.g. `-p 8080:47990`). All the ports listed in the `docker run` and `docker-compose` examples are required.
 
 
-| Parameter                   | Function             | Example Value       | Required |
-| --------------------------- | -------------------- | ------------------- | -------- |
-| `-p <port>:47990`           | Web UI Port          | `47990`             | True     |
-| `-v <path to data>:/config` | Volume mapping       | `/home/sunshine`    | True     |
-| `-e PUID=<uid>`             | User ID              | `1001`              | False    |
-| `-e PGID=<gid>`             | Group ID             | `1001`              | False    |
-| `-e TZ=<timezone>`          | Lookup TZ value [here](https://en.wikipedia.org/wiki/List_of_tz_database_time_zones) | `America/New_York` | True     |
+| Parameter                   | Function                  | Example Value      | Required |
+|-----------------------------|---------------------------|--------------------|----------|
+| `-p <port>:47990`           | Web UI Port               | `47990`            | True     |
+| `-v <path to data>:/config` | Volume mapping            | `/home/sunshine`   | True     |
+| `-e PUID=<uid>`             | User ID                   | `1001`             | False    |
+| `-e PGID=<gid>`             | Group ID                  | `1001`             | False    |
+| `-e TZ=<timezone>`          | Lookup TZ value [here][1] | `America/New_York` | False    |
 
-### User / Group Identifiers:
+[1]: https://en.wikipedia.org/wiki/List_of_tz_database_time_zones
 
+#### User / Group Identifiers:
 When using data volumes (-v flags) permissions issues can arise between the host OS and the container. To avoid this
 issue you can specify the user PUID and group PGID. Ensure the data volume directory on the host is owned by the same
 user you specify.
@@ -99,3 +92,5 @@ In this instance `PUID=1001` and `PGID=1001`. To find yours use id user as below
 $ id dockeruser
 uid=1001(dockeruser) gid=1001(dockergroup) groups=1001(dockergroup)
 ```
+
+If you want to change the PUID or PGID after the image has been built, it will require rebuilding the image.