From 7ef4d5e9196ba7a769b07e707ab6856df1a9324d Mon Sep 17 00:00:00 2001
From: surtur <a_mirre@utb.cz>
Date: Thu, 22 Apr 2021 21:38:59 +0200
Subject: [PATCH] ci: build locally with kaniko + push to DockerHub

* add hadolint Dockerfile linter step
* update Dockerfile to implement hadolint suggestions (cbp)
* switch to immawanderer/drone-kaniko as the kaniko flavour of choice
* add a note to README about the DH builds issue situation
---
 .drone.yml     | 77 ++++++++++++++++++++++++++++----------------------
 .hadolint.yaml |  3 ++
 Dockerfile     | 16 ++++++-----
 README.md      |  7 +++++
 4 files changed, 63 insertions(+), 40 deletions(-)
 create mode 100644 .hadolint.yaml

diff --git a/.drone.yml b/.drone.yml
index 50296d4..e6130b8 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,53 +1,64 @@
 ---
 kind: pipeline
 type: docker
-name: dockerhub-build-trigger
+name: testing
 
 platform:
   os: linux
   arch: amd64
 
-clone:
-  disable: true
-
 steps:
-- name: call webhook
+- name: hadolint
   pull: always
-  image: curlimages/curl:latest
-  environment:
-    ENDPOINT:
-      from_secret: dockerhub_endpoint
+  image: hadolint/hadolint:v1.23.0-8-gb01c5a9-alpine
   commands:
-  - curl -s -X POST $ENDPOINT
+  - hadolint --version
+  - hadolint Dockerfile
   when:
-    branch:
-    - master
-    event:
-    - push
-    - cron
     ref:
-      exclude:
-      - ref/tags/**
+    - refs/heads/master
+    - "refs/heads/feature-**"
+    - "refs/pull/**"
+    - "refs/tags/**"
+    event:
+      exclude: [cron]
 
----
-kind: pipeline
-type: docker
-name: kaniko-build
-
-platform:
-  os: linux
-  arch: amd64
-
-depends_on:
-- dockerhub-build-trigger
-
-steps:
-- name: build
+- name: kaniko-build
   pull: always
   image: immawanderer/drone-kaniko:efd19c50
   settings:
     dockerfile: Dockerfile
     context: .
+  when:
+    ref:
+    - "refs/heads/feature-**"
+    - "refs/pull/**"
+    - "refs/tags/**"
+    event:
+      exclude: [cron]
+
+- name: kaniko-publish
+  pull: always
+  image: immawanderer/drone-kaniko:efd19c50
+  settings:
+    dockerfile: Dockerfile
+    context: .
+    tags:
+    - latest
+    - linux-amd64
+    - ${DRONE_COMMIT_SHA:0:8}
+    repo: immawanderer/archlinux-cdev
+    username:
+      from_secret: docker_username
+    password:
+      from_secret: docker_password
+  when:
+    ref:
+    - refs/heads/master
+    event:
+      exclude: [pull_request, tag]
+trigger:
+  event: [push, pull_request, cron, tag]
 
 ---
 kind: pipeline
@@ -82,7 +93,7 @@ trigger:
   - failure
 
 depends_on:
-- kaniko-build
+- testing
 
 ---
 kind: pipeline
@@ -119,4 +130,4 @@ trigger:
   - failure
 
 depends_on:
-- kaniko-build
+- testing
diff --git a/.hadolint.yaml b/.hadolint.yaml
new file mode 100644
index 0000000..ce02626
--- /dev/null
+++ b/.hadolint.yaml
@@ -0,0 +1,3 @@
+ignored:
+  # ad "DL3007 archlinux is always updating
+  - DL3007
diff --git a/Dockerfile b/Dockerfile
index 6d96243..1e1221b 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,3 +1,4 @@
+# syntax=docker/dockerfile:1.2
 FROM immawanderer/archlinux:latest
 
 ARG BUILD_DATE
@@ -8,11 +9,12 @@ LABEL org.label-schema.build-date=$BUILD_DATE \
       org.label-schema.vcs-ref=$VCS_REF \
       org.label-schema.license=GPL-3.0
 
-RUN pacman -Syu --noconfirm --ignore glibc --needed gcc cmake make git valgrind
-RUN pacman --noconfirm -R $(pacman -Qdtq) || true
-RUN pacman -Scc && rm -rfv /var/cache/pacman/* /var/lib/pacman/sync/* \
-    && rm -rv /usr/share/info/* ;rm -rv /usr/share/man/* ; \
-    rm -rv /usr/share/doc/* ;rm -r /usr/share/zoneinfo/* ;rm -rv /usr/share/i18n/*; \
+RUN pacman --version
+
+RUN pacman -Syu --noconfirm --needed gcc cmake make git valgrind
+RUN pacman --noconfirm -Rn "$(pacman -Qdtq)" || true
+RUN pacman -Scc && rm -rf /var/cache/pacman/* /var/lib/pacman/sync/* \
+    && rm -rf /usr/share/info/* ;rm -rf /usr/share/man/* ; \
+    rm -rf /usr/share/doc/* ;rm -rf /usr/share/zoneinfo/* ;rm -rf /usr/share/i18n/*; \
     find /. -name "*~" -type f -delete; \
-    find /usr/share/terminfo/. ! -name "*xterm*" ! -name "*screen*" ! -name "*screen*" -type f -delete; \
-    rm -rfv /tmp/* || true
+    find /usr/share/terminfo/. ! -name "*xterm*" ! -name "*screen*" ! -name "*screen*" -type f -delete;
diff --git a/README.md b/README.md
index ccef3bc..60cead6 100644
--- a/README.md
+++ b/README.md
@@ -7,6 +7,13 @@
 
 This repository provides the Dockerfile to create a Docker image used for light C development (some goodies included).
 
+## :warning: :construction: DockerHub issue :construction: :warning:
+unless you're running Arch (or a Fedora 34+ or some reasonably recent thing) as your host OS, please make sure you read through the following issue write-up (since DH issue affects the base image it affects this one, too) \
+⇒ https://git.dotya.ml/wanderer/docker-archlinux/issues/1 \
+:warning: :construction: :construction: :construction: :warning:
+
+The image is rebuilt approximately every hour to ensure it always has the latest packages.
+
 The image is rebuilt <del>approximately every hour</del> nightly to ensure it always has the latest packages.
 
 push mirror lives in [this GitHub repo](https://github.com/wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/docker-archlinux-cdev)