ci: build locally with kaniko + push to DockerHub

* add hadolint Dockerfile linter step
* update Dockerfile to implement hadolint suggestions (cbp)
* switch to immawanderer/drone-kaniko as the kaniko flavour of choice
* add a note to README about the DockerHub builds issue situation - more
  broadly described in
  wanderer/docker-archlinux#1

.drone.yml

@@ -1,26 +1,64 @@
 ---
 kind: pipeline
-name: dockerhub-build-trigger
+type: docker
+name: testing
 
 platform:
   os: linux
   arch: amd64
 
-clone:
-  disable: true
-
 steps:
-- name: call webhook
+- name: hadolint
   pull: always
-  image: bash:latest
-  environment:
-    ENDPOINT:
-      from_secret: dockerhub_endpoint
+  image: hadolint/hadolint:v1.23.0-8-gb01c5a9-alpine
   commands:
-    - apk add --no-cache curl
-    - curl -sO https://git.dotya.ml/wanderer/docker-archlinux-rf/raw/branch/master/curl.it
-    - bash ./curl.it $ENDPOINT
+  - hadolint --version
+  - hadolint Dockerfile
+  when:
+    ref:
+    - refs/heads/master
+    - "refs/heads/feature-**"
+    - "refs/pull/**"
+    - "refs/tags/**"
+    event:
+      exclude: [cron]
 
+- name: kaniko-build
+  pull: always
+  image: immawanderer/drone-kaniko:efd19c50
+  settings:
+    dockerfile: Dockerfile
+    context: .
+  when:
+    ref:
+    - "refs/heads/feature-**"
+    - "refs/pull/**"
+    - "refs/tags/**"
+    event:
+      exclude: [cron]
+
+- name: kaniko-publish
+  pull: always
+  image: immawanderer/drone-kaniko:efd19c50
+  settings:
+    dockerfile: Dockerfile
+    context: .
+    tags:
+    - latest
+    - linux-amd64
+    - ${DRONE_COMMIT_SHA:0:8}
+    repo: immawanderer/archlinux-rf
+    username:
+      from_secret: docker_username
+    password:
+      from_secret: docker_password
+  when:
+    ref:
+    - refs/heads/master
+    event:
+      exclude: [pull_request, tag]
+trigger:
+  event: [push, pull_request, cron, tag]
 
 ---
 kind: pipeline
@@ -44,7 +82,7 @@ trigger:
     - failure
 
 depends_on:
-  - dockerhub-build-trigger
+- testing
 
 steps:
   - name: discord
@@ -88,7 +126,7 @@ trigger:
     - failure
 
 depends_on:
-  - dockerhub-build-trigger
+- testing
 
 steps:
   - name: discord

.hadolint.yaml

@@ -0,0 +1,3 @@
+ignored:
+  # ad "DL3013" ignoring recommendation to pin pip package versions
+  - DL3013

Dockerfile

@@ -1,4 +1,9 @@
-FROM immawanderer/archlinux:latest
+# syntax=docker/dockerfile:1.2
+# refs:
+#   https://docs.docker.com/develop/develop-images/build_enhancements/#overriding-default-frontends
+#   https://pythonspeed.com/articles/docker-buildkit/
+
+FROM immawanderer/archlinux:linux-amd64
 
 ENV CHROMEDRIVER_VERSION="83.0.4103.39"
 ENV SCREEN_MAIN_DEPTH=24
@@ -18,7 +23,7 @@ ADD https://chromedriver.storage.googleapis.com/${CHROMEDRIVER_VERSION}/chromedr
 
 WORKDIR /tmp/
 RUN pacman -Syu --noconfirm --needed python python-pip chromium wget vim findutils \
-    && pip install robotframework robotframework-seleniumlibrary b2 \
+    && pip install --no-cache-dir robotframework robotframework-seleniumlibrary b2 \
     && bsdtar xfv /tmp/chromedriver.zip && rm -v /tmp/chromedriver.zip \
     && chmod -v +x /tmp/chromedriver \
     && mkdir -pv /usr/local/bin \

README.md

@@ -7,6 +7,11 @@
 
 This repository provides the Dockerfile to create a Docker image used to run [robot framework](https://robotframework.org) tests.
 
+## :warning: :construction: DockerHub issue :construction: :warning:
+unless you're running Arch (or a Fedora 34+ or some reasonably recent thing) as your host OS, please make sure you read through the following issue write-up (since DH issue affects the base image it affects this one, too) \
+⇒ https://git.dotya.ml/wanderer/docker-archlinux/issues/1 \
+:warning: :construction: :construction: :construction: :warning:
+
 push mirror lives in [this GitHub repo](https://github.com/wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf/docker-archlinux-rf)  
 development happens on [this Gitea instance](https://git.dotya.ml/wanderer/docker-archlinux-rf)