.github/dependabot.yml

@@ -0,0 +1,10 @@
+version: 2
+
+updates:
+- package-ecosystem: docker
+  directory: /
+  schedule:
+    interval: weekly
+    day: friday
+
+# https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/configuration-options-for-dependency-updates

CHANGELOG.md

@@ -5,6 +5,14 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [Unreleased]
+
+## [1.1.0] - 2021-05-11
+### Added
+- image labels:
+  - `org.opencontainers.image.revision` (git commit hash via build arg)
+  - `org.opencontainers.image.source` (repo url)
+  - `org.opencontainers.image.title`
+
 ### Fixed
 - ansible-playbook:
   - rename data volume to avoid collision with container name
@@ -31,7 +39,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Added
 - Tor bridge running obfs4 obfuscation proxy in Alpine
 
-[Unreleased]: https://github.com/fphammerle/docker-tor-obfs4-bridge/compare/v1.0.0...HEAD
+[Unreleased]: https://github.com/fphammerle/docker-tor-obfs4-bridge/compare/v1.1.0...HEAD
+[1.1.0]: https://github.com/fphammerle/docker-tor-obfs4-bridge/compare/v1.0.0...v1.1.0
 [1.0.0]: https://github.com/fphammerle/docker-tor-obfs4-bridge/compare/v0.1.1...v1.0.0
 [0.1.1]: https://github.com/fphammerle/docker-tor-obfs4-bridge/compare/0.1.0...v0.1.1
 [0.1.0]: https://github.com/fphammerle/docker-tor-obfs4-bridge/releases/tag/0.1.0

Dockerfile

@@ -1,7 +1,7 @@
 # https://pkgs.alpinelinux.org/packages?name=obfs4proxy&arch=x86_64
-FROM alpine:3.12
+FROM alpine:3.13.5
 
-ARG TOR_PACKAGE_VERSION=0.4.3.5-r0
+ARG TOR_PACKAGE_VERSION=0.4.4.8-r0
 ARG OBFS4PROXY_PACKAGE_VERSION=0.0.11-r2
 RUN apk add --no-cache tor=$TOR_PACKAGE_VERSION \
     && apk add --no-cache obfs4proxy=$OBFS4PROXY_PACKAGE_VERSION \
@@ -23,3 +23,9 @@ ENTRYPOINT ["/entrypoint.sh"]
 USER tor
 VOLUME /var/lib/tor
 CMD ["tor", "-f", "/tmp/torrc"]
+
+# https://github.com/opencontainers/image-spec/blob/v1.0.1/annotations.md
+ARG REVISION=
+LABEL org.opencontainers.image.title="tor bridge providing obfs4 obfuscation protocol" \
+    org.opencontainers.image.source="https://github.com/fphammerle/docker-tor-obfs4-bridge" \
+    org.opencontainers.image.revision="$REVISION"

Makefile

@@ -0,0 +1,32 @@
+IMAGE_NAME = docker.io/fphammerle/tor-obfs4-bridge
+PROJECT_VERSION = $(shell git describe --match=v* --abbrev=0 --dirty | sed -e 's/^v//')
+TOR_PACKAGE_VERSION = $(shell grep -Po 'TOR_PACKAGE_VERSION=\K.+' Dockerfile | tr -d -)
+ARCH = $(shell arch)
+# architecture[arm_variant]
+# https://github.com/opencontainers/image-spec/blob/v1.0.1/image-index.md#image-index-property-descriptions
+IMAGE_TAG_ARCH_aarch64 = arm64
+IMAGE_TAG_ARCH_armv6l = armv6
+IMAGE_TAG_ARCH_armv7l = armv7
+IMAGE_TAG_ARCH_x86_64 = amd64
+IMAGE_TAG_ARCH = ${IMAGE_TAG_ARCH_${ARCH}}
+IMAGE_TAG = ${PROJECT_VERSION}-tor${TOR_PACKAGE_VERSION}-${IMAGE_TAG_ARCH}
+BUILD_PARAMS = --tag="${IMAGE_NAME}:${IMAGE_TAG}" \
+	--build-arg=REVISION="$(shell git rev-parse HEAD)"
+
+.PHONY: worktree-clean docker-build podman-build docker-push
+
+worktree-clean:
+	git diff --exit-code
+	git diff --staged --exit-code
+
+docker-build: worktree-clean
+	sudo docker build ${BUILD_PARAMS} .
+
+podman-build: worktree-clean
+	# --format=oci (default) not fully supported by hub.docker.com
+	# https://github.com/docker/hub-feedback/issues/1871#issuecomment-748924149
+	podman build --format=docker ${BUILD_PARAMS} .
+
+docker-push: docker-build
+	sudo docker push "${IMAGE_NAME}:${IMAGE_TAG}"
+	@echo git tag --sign --message '$(shell sudo docker image inspect --format '{{join .RepoDigests "\n"}}' "${IMAGE_NAME}:${IMAGE_TAG}")' docker/${IMAGE_TAG} $(shell git rev-parse HEAD)