ipng/gitea-debian-runner
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

refactor: image building

Browse Source 
refactor image building, add more variants
This commit is contained in:
hackercat
2021-04-21 10:07:46 +00:00
parent d0defb200a
commit 7818b929c6
14 changed files with 606 additions and 280 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.github/linters/.dockerfilelintrc
+104
View File
@@ -0,0 +1,104 @@
---
###########################
###########################
## Dockerfile Lint rules ##
###########################
###########################
#################################
# Default is 'on' for all rules #
# You can disable as needed. #
#################################
# Additional Info can be found at:
# https://github.com/replicatedhq/dockerfilelint
# Set the rules
rules:
# All commands in a Dockerfile require at least 1 argument
required_params: on
# For clarity and readability, all instructions in
# a Dockerfile should be uppercase
uppercase_commands: on
# The first instruction in a Dockerfile must specify
# the base image using a FROM
from_first: on
# This line is not a valid Dockerfile line
invalid_line: on
# Use of sudo is not allowed in a Dockerfile
sudo_usage: off
# Consider using a `--no-install-recommends` when `apt-get`
# installing packages
apt-get_missing_param: on
# Consider using a `--no-install-recommends` when `apt-get`
# installing packages
apt-get_recommends: on
# Use of `apt-get upgrade` is not allowed in a Dockerfile
apt-get-upgrade: on
# Use of `apt-get dist-upgrade` is not allowed in a Dockerfile
apt-get-dist-upgrade: on
# All instances of `apt-get update` should have the `apt-get install`
# commands on the same line to reduce image size
apt-get-update_require_install: on
# Consider using a `--no-cache` (supported in alpine linux >= 3.3) or
# `--update` followed by the command `rm -rf /var/cache/apk/*`
# when `apk` adding packages. This will result in a smaller image size
apkadd-missing_nocache_or_updaterm: on
# Consider using a `--virtual` or `-t` switch to group multiple packages
# for easy cleanup. This will help ensure future authors will continue
# to clean up build dependencies and other temporary packages
apkadd-missing-virtual: off
# Exposing ports should only be valid port numbers
invalid_port: on
# Only valid commands are allowed in a Dockerfile
invalid_command: on
# Expose Only Container Port
expose_host_port: on
# Using LABEL should be in key=value format
label_invalid: on
# Base images should specify a tag to use
missing_tag: on
# Base images should not use the latest tag
latest_tag: on
# This command has extra arguments and will be ignored
extra_args: on
# This command requires additional arguments
missing_args: on
# All files referenced in an ADD command should
# be part of the Docker build context
add_src_invalid: on
# When adding multiple files, the destination should be a directory
add_dest_invalid: on
# Using a WORKDIR parameter that has spaces should be escaped
invalid_workdir: on
# The arguments to this command are invalid
invalid_format: on
# Use of apt-get update should be paired with
# rm -rf /var/lib/apt/lists/* in the same layer
apt-get_missing_rm: on
# This INSTRUCTION is deprecated as of Docker 1.13
deprecated_in_1.13: on
.github/linters/.hadolint.yml
+12
View File
@@ -0,0 +1,12 @@
ignored:
- SC2086
- SC2059
- DL3004
- DL3002
- DL3008
- DL3018
- DL3003
trustedRegistries:
- docker.io
- ghcr.io
- quay.io
.github/workflows/build-alpine.yml
+112
View File
@@ -0,0 +1,112 @@
name: Build alpine images
on:
schedule:
- cron: 0 12 */7 * *
push:
paths:
- '.github/workflows/build-alpine.yml'
- 'linux/alpine/act/**'
pull_request:
paths:
- '.github/workflows/build-alpine.yml'
- 'linux/alpine/act/**'
workflow_dispatch:
jobs:
build:
name: Build
runs-on: ubuntu-latest
if: ${{ ( github.actor == github.repository_owner && github.event_name != 'pull_request' ) || ( github.actor != github.repository_owner ) }}
steps:
- name: Login to GitHub Container Registry
id: ghcr
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Quay
id: quay
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Login to Docker Hub
id: dckr
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Print date in UTC format
id: print-date
run: echo "::set-output name=date::$(date +%Y%m%d)"
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- uses: actions/checkout@v2
- name: Build and push ${{ github.repository_owner }}/alpine:act-${{ steps.print-date.outputs.date }}
id: act
uses: docker/build-push-action@v2
env:
GHCR_TAG: ghcr.io/${{ github.repository_owner }}/alpine:act
QUAY_TAG: quay.io/${{ github.repository_owner }}/alpine:act
DCKR_TAG: docker.io/${{ github.repository_owner }}/alpine:act
with:
context: .
push: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
file: ./linux/alpine/act/base/Dockerfile
platforms: linux/amd64,linux/arm64,linux/arm/v7
tags: |
${{ env.GHCR_TAG }}
${{ env.GHCR_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.QUAY_TAG }}
${{ env.QUAY_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.DCKR_TAG }}
${{ env.DCKR_TAG }}-${{ steps.print-date.outputs.date }}
build-args: |
BASEIMAGE=node
TAG=lts-alpine3.13
DISTRIB_RELEASE=${{ steps.release.outputs.RELEASE }}
BUILD_TAG_VERSION=${{ steps.print-date.outputs.date }}
BUILD_TAG=act
BUILD_REF=${{ github.sha }}
- name: Build and push ${{ github.repository_owner }}/alpine:runner-${{ steps.print-date.outputs.date }}
id: runner
uses: docker/build-push-action@v2
if: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
env:
GHCR_TAG: ghcr.io/${{ github.repository_owner }}/alpine:runner
QUAY_TAG: quay.io/${{ github.repository_owner }}/alpine:runner
DCKR_TAG: docker.io/${{ github.repository_owner }}/alpine:runner
with:
context: .
push: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
file: ./linux/alpine/act/runner/Dockerfile
platforms: linux/amd64,linux/arm64,linux/arm/v7
tags: |
${{ env.GHCR_TAG }}
${{ env.GHCR_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.QUAY_TAG }}
${{ env.QUAY_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.DCKR_TAG }}
${{ env.DCKR_TAG }}-${{ steps.print-date.outputs.date }}
build-args: |
BASEIMAGE=catthehacker/alpine
TAG=act-${{ steps.print-date.outputs.date }}
BUILD_TAG_VERSION=${{ steps.print-date.outputs.date }}
BUILD_TAG=runner
BUILD_REF=${{ github.sha }}
.github/workflows/build-images.yml
-100
View File
@@ -1,100 +0,0 @@
name: Build Docker image
on:
schedule:
- cron: 0 12 */7 * *
push:
paths:
- '.github/workflows/build-images.yml'
- 'linux/**'
pull_request:
paths:
- '.github/workflows/build-images.yml'
- 'linux/**'
workflow_dispatch:
env:
NODE: '12'
jobs:
build:
name: Build
runs-on: ubuntu-20.04
if: ${{ github.actor == github.repository_owner && github.event_name != 'pull_request' }}
strategy:
fail-fast: true
max-parallel: 4
matrix:
DISTRIB_ID: [ubuntu]
DISTRIB_RELEASE: [latest, 20.04, 18.04, 16.04]
IMAGE_TYPE: [act, runner]
steps:
- name: Login to GitHub Container Registry
id: ghcr
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Quay
id: quay
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Login to Docker Hub
id: dckr
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Print date in UTC format
id: print-date
run: echo "::set-output name=date::$(date +%Y%m%d)"
- name: Set Ubuntu version to RELEASE
id: release
run: |
if [ "latest" = "${{ matrix.DISTRIB_RELEASE }}" ]; then
echo "::set-output name=RELEASE::20.04"
else
echo "::set-output name=RELEASE::${{ matrix.DISTRIB_RELEASE }}"
fi
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- uses: actions/checkout@v2
- name: Build and push ${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
id: docker_build
uses: docker/build-push-action@v2
with:
context: .
push: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
file: ./linux/${{ matrix.DISTRIB_ID }}/${{ matrix.IMAGE_TYPE }}/Dockerfile
platforms: linux/amd64,linux/arm64
tags: |
ghcr.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
ghcr.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
quay.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
quay.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
docker.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}
docker.io/${{ github.repository_owner }}/${{ matrix.DISTRIB_ID }}:${{ matrix.IMAGE_TYPE }}-${{ matrix.DISTRIB_RELEASE }}-${{ steps.print-date.outputs.date }}
build-args: |
DISTRIB_ID=${{ matrix.DISTRIB_ID }}
DISTRIB_RELEASE=${{ steps.release.outputs.RELEASE }}
NODE_VERSION=${{ env.NODE }}
BUILD_TAG_VERSION=${{ steps.print-date.outputs.date }}
BUILD_TAG=${{ matrix.IMAGE_TYPE }}
BUILD_REF=${{ github.sha }}
.github/workflows/build-ubuntu.yml
+130
View File
@@ -0,0 +1,130 @@
name: Build ubuntu images
on:
schedule:
- cron: 0 12 */7 * *
push:
paths:
- '.github/workflows/build-ubuntu.yml'
- 'linux/ubuntu/**'
pull_request:
paths:
- '.github/workflows/build-ubuntu.yml'
- 'linux/ubuntu/**'
workflow_dispatch:
env:
NODE: '12'
jobs:
build:
name: Build
runs-on: ubuntu-latest
if: ${{ github.actor == github.repository_owner && github.event_name != 'pull_request' }}
strategy:
fail-fast: true
max-parallel: 4
matrix:
BASEIMAGE: [ubuntu]
TAG: [latest, 20.04, 18.04, 16.04]
IMAGE_TYPE: [act]
steps:
- name: Login to GitHub Container Registry
id: ghcr
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
registry: ghcr.io
username: ${{ github.repository_owner }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Login to Quay
id: quay
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
registry: quay.io
username: ${{ secrets.QUAY_USER }}
password: ${{ secrets.QUAY_TOKEN }}
- name: Login to Docker Hub
id: dckr
if: ${{ github.actor == github.repository_owner }}
uses: docker/login-action@v1
with:
username: ${{ secrets.DOCKER_USER }}
password: ${{ secrets.DOCKER_TOKEN }}
- name: Print date in UTC format
id: print-date
run: echo "::set-output name=date::$(date +%Y%m%d)"
- name: Set Ubuntu version to RELEASE
id: release
run: |
if [ "latest" = "${{ matrix.TAG }}" ]; then
echo "::set-output name=RELEASE::$(lsb_release -rs)"
else
echo "::set-output name=RELEASE::${{ matrix.TAG }}"
fi
- name: Set up QEMU
uses: docker/setup-qemu-action@v1
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v1
- uses: actions/checkout@v2
- name: Build and push ${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:act-${{ matrix.TAG }}-${{ steps.print-date.outputs.date }}
id: act
uses: docker/build-push-action@v2
env:
GHCR_TAG: ghcr.io/${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:act-${{ matrix.TAG }}
QUAY_TAG: quay.io/${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:act-${{ matrix.TAG }}
DCKR_TAG: docker.io/${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:act-${{ matrix.TAG }}
with:
context: .
push: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
file: ./linux/${{ matrix.BASEIMAGE }}/act/Dockerfile
platforms: linux/amd64,linux/arm64
tags: |
${{ env.GHCR_TAG }}
${{ env.GHCR_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.QUAY_TAG }}
${{ env.QUAY_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.DCKR_TAG }}
${{ env.DCKR_TAG }}-${{ steps.print-date.outputs.date }}
build-args: |
BASEIMAGE=buildpack-deps
TAG=${{ steps.release.outputs.RELEASE }}
NODE_VERSION=${{ env.NODE }}
BUILD_TAG_VERSION=${{ steps.print-date.outputs.date }}
BUILD_TAG=act
BUILD_REF=${{ github.sha }}
- name: Build and push ${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:runner-${{ matrix.TAG }}-${{ steps.print-date.outputs.date }}
id: runner
uses: docker/build-push-action@v2
env:
GHCR_TAG: ghcr.io/${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:runner-${{ matrix.TAG }}
QUAY_TAG: quay.io/${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:runner-${{ matrix.TAG }}
DCKR_TAG: docker.io/${{ github.repository_owner }}/${{ matrix.BASEIMAGE }}:runner-${{ matrix.TAG }}
with:
context: .
push: ${{ github.event_name != 'pull_request' && github.event_name != 'push' }}
file: ./linux/${{ matrix.BASEIMAGE }}/runner/Dockerfile
platforms: linux/amd64,linux/arm64
tags: |
${{ env.GHCR_TAG }}
${{ env.GHCR_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.QUAY_TAG }}
${{ env.QUAY_TAG }}-${{ steps.print-date.outputs.date }}
${{ env.DCKR_TAG }}
${{ env.DCKR_TAG }}-${{ steps.print-date.outputs.date }}
build-args: |
BASEIMAGE=catthehacker/ubuntu
TAG=act-${{ matrix.TAG }}
BUILD_TAG_VERSION=${{ steps.print-date.outputs.date }}
BUILD_TAG=${{ matrix.IMAGE_TYPE }}
BUILD_REF=${{ github.sha }}
.github/workflows/lint.yml
+22
View File
@@ -0,0 +1,22 @@
name: Lint Code Base
on:
push:
pull_request:
workflow_dispatch:
jobs:
lint:
name: Lint
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@v2
with:
fetch-depth: 0
- name: Lint
uses: github/super-linter@v3
env:
VALIDATE_ALL_CODEBASE: ${{ github.event_name != 'pull_request' }}
DEFAULT_BRANCH: master
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}