watson/umami
1
0
Fork 0
mirror of https://github.com/umami-software/umami.git synced 2026-02-04 04:37:11 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Merge pull request #3 from umami-software/master

Browse source 
v3
This commit is contained in:
Iskandar Sulaili 2025-11-08 05:26:36 +08:00 committed by GitHub
commit 148eaefc0e
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
7 changed files with 71 additions and 124 deletions
Download patch file Download diff file Expand all files Collapse all files

58
.github/workflows/cd-manual.yml vendored
View file

@ -1,58 +0,0 @@
name: Create docker images (manual)
on:
workflow_dispatch:
inputs:
version:
type: string
description: Version
required: true
jobs:
build:
name: Build, push, and deploy
runs-on: ubuntu-latest
strategy:
matrix:
db-type: [postgresql]
steps:
- uses: actions/checkout@v3
- name: Extract version parts from input
id: extract_version
run: |
echo "version=$(echo ${{ github.event.inputs.version }})" >> $GITHUB_ENV
echo "major=$(echo ${{ github.event.inputs.version }} | cut -d. -f1)" >> $GITHUB_ENV
echo "minor=$(echo ${{ github.event.inputs.version }} | cut -d. -f2)" >> $GITHUB_ENV
- name: Generate tags
id: generate_tags
run: |
echo "tag_major=$(echo ${{ matrix.db-type }}-${{ env.major }})" >> $GITHUB_ENV
echo "tag_minor=$(echo ${{ matrix.db-type }}-${{ env.major }}.${{ env.minor }})" >> $GITHUB_ENV
echo "tag_patch=$(echo ${{ matrix.db-type }}-${{ env.version }})" >> $GITHUB_ENV
echo "tag_latest=$(echo ${{ matrix.db-type }}-latest)" >> $GITHUB_ENV
- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image to ghcr.io for ${{ matrix.db-type }}
with:
image: umami
tags: ${{ env.tag_major }}, ${{ env.tag_minor }}, ${{ env.tag_patch }}, ${{ env.tag_latest }}
buildArgs: DATABASE_TYPE=${{ matrix.db-type }}
registry: ghcr.io
multiPlatform: true
platform: linux/amd64,linux/arm64
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- uses: mr-smithers-excellent/docker-build-push@v6
name: Build & push Docker image to docker.io for ${{ matrix.db-type }}
with:
image: umamisoftware/umami
tags: ${{ env.tag_major }}, ${{ env.tag_minor }}, ${{ env.tag_patch }}, ${{ env.tag_latest }}
buildArgs: DATABASE_TYPE=${{ matrix.db-type }}
registry: docker.io
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}

75
.github/workflows/cd.yml vendored
View file

@ -5,6 +5,11 @@ on:
tags:
- 'v*.*.*'
workflow_dispatch:
inputs:
version:
description: 'Optional image version (e.g. 3.0.0, v3.0.0, or 3.0.0-beta.1)'
required: false
default: ''
jobs:
build:
@ -15,20 +20,22 @@ jobs:
packages: write
id-token: write
strategy:
matrix:
db-type: [postgresql]
steps:
- uses: actions/checkout@v5
# Install cosign (for image signing)
- name: Install cosign
uses: sigstore/cosign-installer@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
- name: Log into GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Log into Docker Hub
if: github.repository == 'umami-software/umami'
uses: docker/login-action@v3
@ -37,12 +44,28 @@ jobs:
username: ${{ secrets.DOCKER_USERNAME }}
password: ${{ secrets.DOCKER_PASSWORD }}
- name: Log into GHCR
uses: docker/login-action@v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
# Compute tags for the image
- name: Compute version tags
id: compute
run: |
INPUT="${{ github.event.inputs.version }}"
TAGS=""
if [[ -n "$INPUT" ]]; then
VERSION="${INPUT#v}" # strip leading v
MAJOR=$(echo "$VERSION" | cut -d. -f1)
MINOR=$(echo "$VERSION" | cut -d. -f2)
# prereleases (e.g., 3.0.0-beta) do NOT get 'latest'
if [[ "$VERSION" == *-* ]]; then
TAGS="${VERSION}"
else
TAGS="${VERSION},${MAJOR}.${MINOR},${MAJOR},latest"
fi
fi
echo "tags=$TAGS" >> $GITHUB_OUTPUT
echo "Computed tags: $TAGS"
- name: Extract Docker metadata
id: meta
@ -51,30 +74,32 @@ jobs:
images: |
umamisoftware/umami,enable=${{ github.repository == 'umami-software/umami' }}
ghcr.io/${{ github.repository }}
flavor: |
latest=auto
prefix=${{ matrix.db-type }}-
tags: |
type=semver,pattern={{version}}
type=semver,pattern={{major}}.{{minor}}
type=semver,pattern={{major}}
type=semver,pattern={{version}},enable=${{ github.ref_type == 'tag' }}
type=semver,pattern={{major}}.{{minor}},enable=${{ github.ref_type == 'tag' }}
type=semver,pattern={{major}},enable=${{ github.ref_type == 'tag' }}
type=raw,value=${{ steps.compute.outputs.tags }},enable=${{ steps.compute.outputs.tags != '' }}
type=ref,event=branch
type=sha
# Build and push images
- name: Build and push Docker image
id: build-and-push
uses: docker/build-push-action@v6
with:
context: .
platforms: linux/amd64,linux/arm64
build-args: DATABASE_TYPE=${{ matrix.db-type }}
push: true
platforms: linux/amd64,linux/arm64
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
cache-from: type=gha
cache-to: type=gha,mode=max
provenance: false # disable automatic registry attestations
# Sign the published image digest
- name: Sign the published Docker image
env:
TAGS: ${{ steps.meta.outputs.tags }}
DIGEST: ${{ steps.build-and-push.outputs.digest }}
run: echo "${TAGS}" | xargs -I {} cosign sign --yes "{}@${DIGEST}"
# Generate a local provenance attestation (not uploaded)
- name: Generate local provenance attestation
run: |
cosign attest --yes \
--predicate <(echo '{"build":"github-actions","repo":"${{ github.repository }}","run_id":"${{ github.run_id }}"}') \
--type slsaprovenance \
${{ steps.meta.outputs.tags }}

22
.github/workflows/delete-untagged-images.yml vendored
View file

@ -1,22 +0,0 @@
name: Delete untagged GHCR images
on:
workflow_dispatch: # Run manually from the Actions tab
jobs:
cleanup:
name: Delete all untagged images
runs-on: ubuntu-latest
permissions:
packages: write
contents: read
steps:
- name: Delete untagged GHCR images
uses: actions/delete-package-versions@v5
with:
package-name: "umami" # 👈 change if your GHCR package name differs
package-type: "container"
delete-only-untagged-versions: true
min-versions-to-keep: 0

2
README.md
View file

@ -89,7 +89,7 @@ docker compose up -d
Alternatively, to pull just the Umami Docker image with PostgreSQL support:
```bash
docker pull docker.umami.is/umami-software/umami:postgresql-latest
docker pull docker.umami.is/umami-software/umami:latest
```
---

2
docker-compose.yml
View file

@ -1,7 +1,7 @@
---
services:
umami:
image: ghcr.io/umami-software/umami:postgresql-latest
image: ghcr.io/umami-software/umami:latest
ports:
- "3000:3000"
environment:

20
src/app/(main)/UpdateNotice.tsx
View file

@ -1,5 +1,5 @@
import { useEffect, useCallback, useState } from 'react';
import { Button, AlertBanner, Flexbox } from '@umami/react-zen';
import { Button, AlertBanner, Column, Row } from '@umami/react-zen';
import { setItem } from '@/lib/storage';
import { useVersion, checkVersion } from '@/store/version';
import { REPO_URL, VERSION_CHECK } from '@/lib/constants';
@ -47,13 +47,15 @@ export function UpdateNotice({ user, config }) {
}
return (
<Flexbox justifyContent="space-between" alignItems="center">
<AlertBanner title={formatMessage(messages.newVersionAvailable, { version: `v${latest}` })}>
<Button variant="primary" onPress={handleViewClick}>
{formatMessage(labels.viewDetails)}
</Button>
<Button onPress={handleDismissClick}>{formatMessage(labels.dismiss)}</Button>
</AlertBanner>
</Flexbox>
<Column justifyContent="center" alignItems="center" position="fixed" top="10px" width="100%">
<Row width="600px">
<AlertBanner title={formatMessage(messages.newVersionAvailable, { version: `v${latest}` })}>
<Button variant="primary" onPress={handleViewClick}>
{formatMessage(labels.viewDetails)}
</Button>
<Button onPress={handleDismissClick}>{formatMessage(labels.dismiss)}</Button>
</AlertBanner>
</Row>
</Column>
);
}

16
src/lib/__tests__/detect.test.ts
View file

@ -1,4 +1,4 @@
import * as detect from '../detect';
import { getIpAddress } from '../ip';
const IP = '127.0.0.1';
const BAD_IP = '127.127.127.127';
@ -6,23 +6,23 @@ const BAD_IP = '127.127.127.127';
test('getIpAddress: Custom header', () => {
process.env.CLIENT_IP_HEADER = 'x-custom-ip-header';
expect(detect.getIpAddress(new Headers({ 'x-custom-ip-header': IP }))).toEqual(IP);
expect(getIpAddress(new Headers({ 'x-custom-ip-header': IP }))).toEqual(IP);
});
test('getIpAddress: CloudFlare header', () => {
expect(detect.getIpAddress(new Headers({ 'cf-connecting-ip': IP }))).toEqual(IP);
expect(getIpAddress(new Headers({ 'cf-connecting-ip': IP }))).toEqual(IP);
});
test('getIpAddress: Standard header', () => {
expect(detect.getIpAddress(new Headers({ 'x-forwarded-for': IP }))).toEqual(IP);
expect(getIpAddress(new Headers({ 'x-forwarded-for': IP }))).toEqual(IP);
});
test('getIpAddress: CloudFlare header is lower priority than standard header', () => {
expect(
detect.getIpAddress(new Headers({ 'cf-connecting-ip': BAD_IP, 'x-forwarded-for': IP })),
).toEqual(IP);
expect(getIpAddress(new Headers({ 'cf-connecting-ip': BAD_IP, 'x-forwarded-for': IP }))).toEqual(
IP,
);
});
test('getIpAddress: No header', () => {
expect(detect.getIpAddress(new Headers())).toEqual(null);
expect(getIpAddress(new Headers())).toEqual(null);
});