From f896b8b6d4fb79d41aa8bf2486c022e5bce7e889 Mon Sep 17 00:00:00 2001 From: surtur Date: Thu, 22 Apr 2021 20:42:56 +0200 Subject: [PATCH] ci: build locally with kaniko + push to DockerHub * add hadolint Dockerfile linter step * update Dockerfile to implement hadolint suggestions (cbp) * switch to immawanderer/drone-kaniko as the kaniko flavour of choice * get a typo in README --- .drone.yml | 80 +++++++++++++++++++++++++++++++------------------- .hadolint.yaml | 3 ++ Dockerfile | 5 ++-- README.md | 2 +- 4 files changed, 56 insertions(+), 34 deletions(-) create mode 100644 .hadolint.yaml diff --git a/.drone.yml b/.drone.yml index d5e70ec..120b5ab 100644 --- a/.drone.yml +++ b/.drone.yml @@ -1,44 +1,64 @@ ---- -kind: pipeline -name: dockerhub-build-trigger - -platform: - arch: amd64 - -trigger: - branch: master - exclude: - event: pull_request - -steps: -- name: call webhook - pull: always - image: curlimages/curl:latest - environment: - ENDPOINT: - from_secret: dockerhub_endpoint - commands: - - curl -s -X POST $ENDPOINT - --- kind: pipeline type: docker -name: kaniko-build +name: testing platform: os: linux arch: amd64 -depends_on: -- dockerhub-build-trigger - steps: -- name: build +- name: hadolint pull: always - image: ghcr.io/finitum/drone-kaniko:0.8.2 + image: hadolint/hadolint:v1.23.0-8-gb01c5a9-alpine + commands: + - hadolint --version + - hadolint Dockerfile + when: + ref: + - refs/heads/master + - "refs/heads/feature-**" + - "refs/pull/**" + - "refs/tags/**" + event: + exclude: [cron] + +- name: kaniko-build + pull: always + image: immawanderer/drone-kaniko:efd19c50 settings: dockerfile: Dockerfile context: . + when: + ref: + - "refs/heads/feature-**" + - "refs/pull/**" + - "refs/tags/**" + event: + exclude: [cron] + +- name: kaniko-publish + pull: always + image: immawanderer/drone-kaniko:efd19c50 + settings: + dockerfile: Dockerfile + context: . + tags: + - latest + - linux-amd64 + - ${DRONE_COMMIT_SHA:0:8} + repo: immawanderer/archlinux + username: + from_secret: docker_username + password: + from_secret: docker_password + when: + ref: + - refs/heads/master + event: + exclude: [pull_request, tag] +trigger: + event: [push, pull_request, cron, tag] --- kind: pipeline @@ -63,7 +83,7 @@ trigger: - cron depends_on: -- kaniko-build +- testing steps: - name: discord @@ -99,7 +119,7 @@ trigger: - failure depends_on: - - kaniko-build +- testing steps: - name: discord diff --git a/.hadolint.yaml b/.hadolint.yaml new file mode 100644 index 0000000..ce02626 --- /dev/null +++ b/.hadolint.yaml @@ -0,0 +1,3 @@ +ignored: + # ad "DL3007 archlinux is always updating + - DL3007 diff --git a/Dockerfile b/Dockerfile index 1082dd3..c38e325 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,6 +21,5 @@ LABEL org.label-schema.build-date=$BUILD_DATE \ RUN pacman --version RUN pacman -Syu --noconfirm --needed -RUN pacman --noconfirm -Rn $(pacman -Qdtq) || true -RUN pacman -Scc && rm -rf /var/cache/pacman/* /var/lib/pacman/sync/* \ - rm -rv /tmp/* || true +RUN pacman --noconfirm -Rn "$(pacman -Qdtq)" || true +RUN pacman -Scc && rm -rf /var/cache/pacman/* /var/lib/pacman/sync/* diff --git a/README.md b/README.md index 403a1b2..9ff7b85 100644 --- a/README.md +++ b/README.md @@ -26,7 +26,7 @@ That's just it. This makes it possible to just grab the image and install whatev * Arch Linux image with freshly updated package base to build upon ## Running the image -* edit the `yourlocalpath` and `containerpath` variabled or remove them entirely (along with `-v`) if you have *nothing to mount* +* edit the `yourlocalpath` and `containerpath` variables or remove them entirely (along with `-v`) if you have *nothing to mount* ```bash docker run -it -v yourlocalpath:containerpath immawanderer/archlinux:latest