feat: initial release

Author: rwaffen

.github/CODEOWNERS

@@ -0,0 +1,5 @@
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+# No matter which file got changed, request a review from the main developers
+ * @OpenVoxProject/container-maintainers

.github/dependabot.yml

@@ -0,0 +1,28 @@
+---
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+version: 2
+updates:
+  # raise PRs for gem updates
+  - package-ecosystem: bundler
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "13:00"
+    open-pull-requests-limit: 10
+
+  # Maintain dependencies for GitHub Actions
+  - package-ecosystem: github-actions
+    directory: "/"
+    schedule:
+      interval: daily
+      time: "13:00"
+    open-pull-requests-limit: 10
+
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"
+      time: "13:00"
+    open-pull-requests-limit: 10

.github/labeler.yml

@@ -0,0 +1,6 @@
+---
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+skip-changelog:
+ - head-branch: ['^release-*']

.github/release.yml

@@ -0,0 +1,42 @@
+---
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+# https://docs.github.com/en/repositories/releasing-projects-on-github/automatically-generated-release-notes
+
+changelog:
+  exclude:
+    labels:
+      - duplicate
+      - invalid
+      - modulesync
+      - question
+      - skip-changelog
+      - wont-fix
+      - wontfix
+
+  categories:
+    - title: Breaking Changes 🛠
+      labels:
+        - backwards-incompatible
+
+    - title: New Features 🎉
+      labels:
+        - enhancement
+
+    - title: Bug Fixes 🐛
+      labels:
+        - bug
+
+    - title: Documentation Updates 📚
+      labels:
+        - documentation
+        - docs
+
+    - title: Dependency Updates ⬆️
+      labels:
+        - dependencies
+
+    - title: Other Changes
+      labels:
+        - "*"

.github/workflows/build_docker.yml

@@ -0,0 +1,56 @@
+name: Build and publish a 🛢️ container
+
+on:
+  push:
+    branches:
+      - 'main'
+    tags:
+      - '*'
+  workflow_dispatch:
+
+jobs:
+  setup-matrix:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Source checkout
+        uses: actions/checkout@v4
+
+      - id: set-matrix
+        run: echo "matrix=$(cat build_versions.json | jq -c)" >> $GITHUB_OUTPUT
+
+  build-and-push-container:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+    needs: setup-matrix
+    strategy:
+      matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
+    steps:
+      - name: Build OpenVox Server ${{ matrix.release }} container
+        uses: voxpupuli/gha-build-and-publish-a-container@v2
+        with:
+          registry_password: ${{ secrets.GITHUB_TOKEN }}
+          build_args: |
+            OPENVOX_RELEASE=${{ matrix.release }}
+            OPENVOXSERVER_VERSION=${{ matrix.server_version }}
+            OPENVOXAGENT_VERSION=${{ matrix.agent_version }}
+            OPENVOXDB_VERSION=${{ matrix.db_version }}
+            R10K_VERSION=${{ matrix.r10k_version }}
+            RUGGED_VERSION=${{ matrix.rugged_version }}
+          build_arch: linux/amd64,linux/arm64
+          build_context: openvoxserver
+          buildfile: openvoxserver/Containerfile
+          tags: |
+            ghcr.io/OpenVoxProject/openvoxserver:${{ matrix.server_version }}-${{ github.ref_name }}
+            ghcr.io/OpenVoxProject/openvoxserver:${{ matrix.server_version }}-latest
+            ghcr.io/OpenVoxProject/openvoxserver:latest
+
+      # - name: Update Docker Hub Description for shortname
+      #   uses: peter-evans/dockerhub-description@v4
+      #   with:
+      #     username: voxpupulibot
+      #     password: ${{ secrets.DOCKERHUB_BOT_PASSWORD }}
+      #     repository: OpenVoxProject/openvoxserver

.github/workflows/ci.yaml

@@ -0,0 +1,85 @@
+---
+name: CI🚦
+
+on:
+  pull_request:
+    branches:
+      - 'main'
+  workflow_dispatch:
+
+jobs:
+  setup-matrix:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Source checkout
+        uses: actions/checkout@v4
+
+      - id: set-matrix
+        run: echo "matrix=$(jq -c . build_versions.json)" >> $GITHUB_OUTPUT
+
+  general_ci:
+    uses: voxpupuli/crafty/.github/workflows/general_ci.yaml@main
+    with:
+      shellcheck_scan_dir: './openvoxserver'
+
+  build_test_container:
+    name: 'Build test container'
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+      pull-requests: write
+    needs: setup-matrix
+    strategy:
+      matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Build image
+        uses: docker/build-push-action@v6
+        with:
+          tags: 'ci/openvoxserver:${{ matrix.server_version }}'
+          context: openvoxserver
+          file: openvoxserver/Containerfile
+          push: false
+          build-args: |
+            OPENVOX_RELEASE=${{ matrix.release }}
+            OPENVOXSERVER_VERSION=${{ matrix.server_version }}
+            OPENVOXAGENT_VERSION=${{ matrix.agent_version }}
+            OPENVOXDB_VERSION=${{ matrix.db_version }}
+            R10K_VERSION=${{ matrix.r10k_version }}
+            RUGGED_VERSION=${{ matrix.rugged_version }}
+
+  tests:
+    needs:
+      - general_ci
+      - build_test_container
+    runs-on: ubuntu-latest
+    name: Test suite
+    steps:
+      - run: echo Test suite completed
+
+  dependabot:
+    permissions:
+      contents: write
+    name: 'Dependabot auto-merge'
+    needs:
+      - tests
+    runs-on: ubuntu-latest
+    if: ${{ github.actor == 'dependabot[bot]' && github.event_name == 'pull_request'}}
+    steps:
+      - name: Dependabot metadata
+        id: metadata
+        uses: dependabot/[email protected]
+        with:
+          github-token: '${{ secrets.GITHUB_TOKEN }}'
+
+      - name: Enable auto-merge for Dependabot PRs
+        run: gh pr merge --auto --merge "$PR_URL"
+        env:
+          PR_URL: ${{github.event.pull_request.html_url}}
+          GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}

.github/workflows/labeler.yml

@@ -0,0 +1,15 @@
+---
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+name: Labeler 🏷️
+
+on:
+  - pull_request_target
+
+jobs:
+  labeler:
+    name: Labeler
+    uses: voxpupuli/crafty/.github/workflows/labeler.yml@main
+    with:
+      allowed_owner: ${{ github.repository_owner }}

.github/workflows/release.yml

@@ -0,0 +1,17 @@
+---
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+name: Release 🚀
+
+on:
+  push:
+    tags:
+      - '*'
+
+jobs:
+  release:
+    name: Release
+    uses: voxpupuli/crafty/.github/workflows/release.yml@main
+    with:
+      allowed_owner: voxpupuli

.github/workflows/security_scanning.yml

@@ -0,0 +1,66 @@
+---
+name: Security Scanning 🕵️
+
+on:
+  push:
+    branches:
+      - main
+  pull_request:
+    branches:
+      - main
+
+jobs:
+  setup-matrix:
+    runs-on: ubuntu-latest
+    outputs:
+      matrix: ${{ steps.set-matrix.outputs.matrix }}
+    steps:
+      - name: Source checkout
+        uses: actions/checkout@v4
+
+      - id: set-matrix
+        run: echo "matrix=$(jq -c . build_versions.json)" >> $GITHUB_OUTPUT
+
+  scan_ci_container:
+    name: 'Scan CI container'
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+    needs: setup-matrix
+    strategy:
+      matrix: ${{ fromJson(needs.setup-matrix.outputs.matrix) }}
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v4
+
+      - name: Build CI container
+        uses: docker/build-push-action@v6
+        with:
+          tags: 'ci/openvoxserver:${{ matrix.server_version }}'
+          context: openvoxserver
+          file: openvoxserver/Containerfile
+          push: false
+          build-args: |
+            OPENVOX_RELEASE=${{ matrix.release }}
+            OPENVOXSERVER_VERSION=${{ matrix.server_version }}
+            OPENVOXAGENT_VERSION=${{ matrix.agent_version }}
+            OPENVOXDB_VERSION=${{ matrix.db_version }}
+            R10K_VERSION=${{ matrix.r10k_version }}
+            RUGGED_VERSION=${{ matrix.rugged_version }}
+
+      - name: Scan image with Anchore Grype
+        uses: anchore/scan-action@v5
+        id: scan
+        with:
+          image: 'ci/openvoxserver:${{ matrix.server_version }}'
+          fail-build: false
+
+      - name: Inspect action SARIF report
+        run: jq . ${{ steps.scan.outputs.sarif }}
+
+      - name: Upload Anchore scan SARIF report
+        uses: github/codeql-action/upload-sarif@v3
+        with:
+          sarif_file: ${{ steps.scan.outputs.sarif }}

.gitignore

@@ -0,0 +1,7 @@
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+.bundle/
+.vendor/
+vendor/
+Gemfile.lock

.markdownlint.json

@@ -0,0 +1,11 @@
+{
+  "default": true,
+  "MD033": {
+    "allowed_elements": [
+      "br"
+    ]
+  },
+  "MD013": {
+    "line_length": 210
+  }
+}

Gemfile

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+# Managed by modulesync - DO NOT EDIT
+# https://voxpupuli.org/docs/updating-files-managed-with-modulesync/
+
+source ENV['GEM_SOURCE'] || 'https://rubygems.org'
+
+group :release do
+  gem 'faraday-retry', '~> 2.1', require: false
+  gem 'github_changelog_generator', '~> 1.16.4', require: false
+end