diff --git a/.github/linters/.dockerfilelintrc b/.github/linters/.dockerfilelintrc new file mode 100644 index 0000000..dbab99f --- /dev/null +++ b/.github/linters/.dockerfilelintrc @@ -0,0 +1,2 @@ +rules: + missing_tag: off \ No newline at end of file diff --git a/.github/linters/.hadolint.yaml b/.github/linters/.hadolint.yaml new file mode 100644 index 0000000..5feb124 --- /dev/null +++ b/.github/linters/.hadolint.yaml @@ -0,0 +1,3 @@ +ignored: + - DL3018 #apk add pin versions + - DL3028 #gem install pin versions \ No newline at end of file diff --git a/.github/workflows/docker-build-and-push.yml b/.github/workflows/docker-build-and-push.yml index bc0e336..b68c317 100644 --- a/.github/workflows/docker-build-and-push.yml +++ b/.github/workflows/docker-build-and-push.yml @@ -7,16 +7,18 @@ on: branches: - 'main' # only build when important files change - paths: - - 'Dockerfile' - - '.github/workflows/docker-build-and-push.yml' + paths-ignore: + - 'README.md' + - '.github/workflows/linter.yml' + - '.github/linters/**' push: branches: - 'main' # only build when important files change - paths: - - 'Dockerfile' - - '.github/workflows/docker-build-and-push.yml' + paths-ignore: + - 'README.md' + - '.github/workflows/linter.yml' + - '.github/linters/**' schedule: # re-run montly to keep image fesh with upstream base images - cron: '0 12 15 * *' @@ -26,18 +28,8 @@ jobs: runs-on: ubuntu-latest steps: - - name: Docker meta - id: docker_meta - uses: crazy-max/ghaction-docker-meta@v2 - with: - # list of Docker images to use as base name for tags - images: | - bretfisher/shpod - ghcr.io/bretfisher/shpod - flavor: | - latest=false - tags: | - type=raw,value=latest + name: Checkout + uses: actions/checkout@v2.3.4 - # we need qemu and buildx so we can build multiple platforms later name: Set up QEMU 
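Review bot: Setting `missing_tag: off` in `.github/linters/.dockerfilelintrc`, together with ignoring DL3018 and DL3028 in `.github/linters/.hadolint.yaml`, silences the checks for untagged base images and unpinned apk/gem packages across the whole repository, while the Dockerfile in this commit still builds from `FROM alpine` and `FROM golang:alpine`. If floating versions are deliberate because of the scheduled monthly rebuild, record that next to the suppression, e.g. `# versions float on purpose; the scheduled rebuild picks up upstream fixes`, so it is not mistaken for an oversight later. Where only one instruction needs the exemption, an inline `# hadolint ignore=DL3018` above that `RUN` keeps the rule active for everything else. Both new files also end without a trailing newline.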
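Review bot: The comment `# only build when important files change`, kept above both new `paths-ignore:` lists in `docker-build-and-push.yml`, no longer describes the filter. An allowlist of two files became a denylist, so every change other than `README.md` and the linter files now triggers this workflow for pull requests and pushes to `main`. Reword it to match, e.g. `# skip the build when only docs or linter config change`. Because later steps in this workflow log in to registries, it is worth confirming that login and push are skipped on `pull_request` runs; those conditions are outside this hunk.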
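Review bot: The added step `uses: actions/checkout@v2.3.4` (hunk `@@ -26,18 +28,8 @@`) pins the action by tag, and a tag can be repointed after review. In a workflow that handles registry credentials, reference the full commit SHA and keep the version as a trailing comment, `uses: actions/checkout@<full-commit-sha> # v2.3.4`. The same applies to `docker/metadata-action@v3.3.0` in the `@@ -72,6 +64,19 @@` hunk. The `steps:` list continues outside this hunk.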
@@ -72,6 +64,19 @@ jobs: registry: ghcr.io username: ${{ github.actor }} password: ${{ secrets.GITHUB_TOKEN }} + - + name: Docker meta + id: docker_meta + uses: docker/metadata-action@v3.3.0 + with: + # list of Docker images to use as base name for tags + images: | + bretfisher/shpod + ghcr.io/bretfisher/shpod + flavor: | + latest=false + tags: | + type=raw,value=latest - # this will build the images, once per platform, # then push to both Docker Hub and GHCR diff --git a/Dockerfile b/Dockerfile index 7db5bd6..975cb74 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM golang:alpine AS jid -RUN apk add git +RUN apk add git --no-cache # build jid for later RUN go get -u github.com/simeji/jid/cmd/jid @@ -8,19 +8,20 @@ FROM alpine ARG TARGETPLATFORM ARG BUILDPLATFORM RUN echo "I am running on $BUILDPLATFORM, building for $TARGETPLATFORM" > /log -ENV \ - COMPOSE_VERSION=1.29.1 \ - # https://github.com/docker/compose/releases - HELM_VERSION=3.5.4 \ - # https://github.com/helm/helm/releases - KUBECTL_VERSION=1.21.0 \ - # https://dl.k8s.io/release/stable.txt - KUBECTX_VERSION=0.9.3 \ - # https://github.com/ahmetb/kubectx/releases - STERN_VERSION=1.15.0 - # https://github.com/stern/stern/releases -ENV COMPLETIONS=/usr/share/bash-completion/completions -RUN apk add bash bash-completion curl git jq libintl ncurses openssl tmux vim apache2-utils + +ENV COMPOSE_VERSION=1.29.1 \ + # https://github.com/docker/compose/releases + HELM_VERSION=3.5.4 \ + # https://github.com/helm/helm/releases + KUBECTL_VERSION=1.21.0 \ + # https://dl.k8s.io/release/stable.txt + KUBECTX_VERSION=0.9.3 \ + # https://github.com/ahmetb/kubectx/releases + STERN_VERSION=1.15.0 \ + # https://github.com/stern/stern/releases + COMPLETIONS=/usr/share/bash-completion/completions + +RUN apk add --no-cache bash bash-completion curl git jq libintl ncurses openssl tmux vim apache2-utils # docker-compose # FIXME: sadly only x64 builds are prebuilt
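Review bot: The relocated `Docker meta` step (hunk `@@ -72,6 +64,19 @@`) still emits only `type=raw,value=latest` with `latest=false`, so each scheduled rebuild overwrites the single published tag. Nobody can then pin to, or roll back to, a known build. Adding an immutable tag beside it, for example a `type=sha` line under `tags:`, keeps `latest` working while giving each pushed image a traceable reference. The build step that consumes these outputs is outside the hunk.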
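Review bot: In the `jid` stage (Dockerfile hunk `@@ -1,5 +1,5 @@`) the flag is appended after the package, `RUN apk add git --no-cache`, while the next hunk writes `RUN apk add --no-cache bash …`. Put the option first here as well, `RUN apk add --no-cache git`, so both stages read the same way. The unchanged `RUN go get -u github.com/simeji/jid/cmd/jid` below it still fetches whatever is newest at build time; pinning a release there would make this stage reproducible.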
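Review bot: Folding `COMPLETIONS` into the version `ENV` (Dockerfile hunk `@@ -8,19 +8,20 @@`) leaves `# https://github.com/stern/stern/releases` directly above `COMPLETIONS=/usr/share/bash-completion/completions`, so that URL now reads as if it documents the completions path. Either move each URL above the variable it describes or keep `ENV COMPLETIONS=/usr/share/bash-completion/completions` as its own instruction. The steps that consume these versions begin after the hunk, at `# docker-compose`. If they download release binaries with curl, checking each against its published checksum would be what makes the version pins meaningful, which is worth confirming there.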